Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't Switch wi-fi networks in Windows 7

Windows 7; malware; network

  • This topic is locked This topic is locked

#1
BluePoet

BluePoet

    Member

  • Member
  • PipPip
  • 46 posts

I seem to have some malware affecting my ability to change wi-fi networks.  It happens like this:

 

1) Computer boots into Windows 7 Ultimate 64-buit edition and connects to default network;

 

2) I try to change the network by clicking either in the toolbar or the Network and Sharing Center.

 

3) After selecting another network (another home network that I was once able to connect to and still can with other devices), I get disconnected from the default;

 

4) No new network connection is made;

 

5) I cannot open the list of available connections.  Clicking either on the toolbar icon or in the Network and Sharing Center does nothing.

 

I am posting my FarBar logs below:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by John (administrator) on JOHN-PC on 12-07-2015 10:04:41
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available Profiles: John & Laura & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(SparkLabs) C:\Program Files\TorGuard.Viscosity\TorGuardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(UPEK Inc.) C:\Program Files\Protector Suite\psqltray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\PlayOn.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(SparkLabs) C:\Program Files\TorGuard.Viscosity\TorGuard.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2328360 2010-09-16] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel® Corporation)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite\launcher.exe [84744 2010-04-27] (UPEK Inc.)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1374720 2010-11-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-08-11] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [950296 2015-03-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-06-29] (Apple Inc.)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [iFunBoxConnector] => C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [PlayOn] => C:\Program Files (x86)\MediaMall\PlayOn.exe [67904 2015-07-08] (MediaMall Technologies, Inc.)
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [490176 2015-05-15] ()
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [490176 2015-05-15] ()
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk.disabled [2011-10-31]
ShortcutTarget: Hotkey.lnk.disabled -> C:\Program Files (x86)\Hotkey\Hotkey.exe (No File)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll [2010-04-27] (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll [2010-04-27] (UPEK Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
SearchScopes: HKLM -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-777044968-2926712198-4189444973-1000 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =
SearchScopes: HKU\S-1-5-21-777044968-2926712198-4189444973-1000 -> {7DC274FF-15F0-4C7A-AC2B-6613696CB505} URL = http://search.yahoo....p={SearchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-21] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-777044968-2926712198-4189444973-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Winsock: Catalog5 01 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 190.157.8.33 181.48.0.232
Tcpip\..\Interfaces\{3B552699-F8DC-47B2-BD2C-E35D315E9186}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5E270983-28AC-49BD-886E-883FA6F49800}: [DhcpNameServer] 190.157.8.33 181.48.0.232
Tcpip\..\Interfaces\{AA627AE5-AEB8-4C34-B457-E730DC5FC15D}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D802E7C7-6E87-4D45-AAB5-52C6EFDA5265}: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-11] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-02-04] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-11-19] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-11-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-11-19] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-06-20] (MediaMall Technologies, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-777044968-2926712198-4189444973-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\John\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-07-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-777044968-2926712198-4189444973-1000: electronicarts.com/GameFacePlugin -> C:\Users\John\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-07-26] (Electronic Arts)
FF user.js: detected! => C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710\user.js [2015-07-03]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2011-08-10] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2011-08-11] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2011-08-10] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2011-08-10] (Citrix Systems, Inc.)
FF Extension: about:addons-memory - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710\Extensions\[email protected] [2015-07-03]
FF Extension: fcreward.100770.b - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710\Extensions\{003e1c8f-ebd6-f074-7551-4b31c0f547ec}.xpi [2012-09-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-08-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-03-13]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-09]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-09]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-09]
CHR Extension: (Kaspersky Protection) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-09]
CHR Extension: (Google Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-02]
CHR Extension: (BitTorrentBar) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid [2015-02-09]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-09]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-09]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho
CHR HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-07]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [235712 2015-05-15] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5830960 2015-07-08] (MediaMall Technologies, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [34528 2013-03-07] (The OpenVPN Project)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1142768 2014-01-23] (Paramount Software UK Ltd)
R2 RosettaStoneLtdController; C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [352312 2008-09-16] (Rosetta Stone Ltd.) [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TorGuardService; C:\Program Files\TorGuard.Viscosity\TorGuardService.exe [92960 2015-07-10] (SparkLabs)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 PowerBiosServer; "C:\Program Files (x86)\Hotkey\PowerBiosServer.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-19] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-01-19] () [File not signed]
S3 visctap0901; C:\Windows\System32\DRIVERS\visctap0901.sys [34440 2015-07-10] (The OpenVPN Project)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-18] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 10:04 - 2015-07-12 10:05 - 00036142 _____ C:\Users\John\Desktop\FRST.txt
2015-07-12 10:03 - 2015-07-12 10:04 - 00000000 ____D C:\FRST
2015-07-12 10:03 - 2015-07-12 10:03 - 02130944 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2015-07-11 21:00 - 2015-07-11 21:00 - 00236219 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55a1b19f.dmp
2015-07-11 19:18 - 2015-07-11 19:18 - 01187520 _____ (Adobe Systems Incorporated) C:\Users\John\Downloads\flashplayer18au_ha_install.exe
2015-07-11 19:08 - 2015-07-11 19:08 - 00246002 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55a1afe0.dmp
2015-07-11 19:01 - 2015-07-11 19:01 - 00228597 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55a1ae45.dmp
2015-07-11 18:58 - 2015-07-11 18:58 - 00240751 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55a1ad8d.dmp
2015-07-11 00:52 - 2015-07-11 00:52 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55a04c21.dmp
2015-07-09 23:58 - 2015-07-09 23:58 - 00239321 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559eda95.dmp
2015-07-09 11:04 - 2015-07-09 11:04 - 00191877 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559e92bd.dmp
2015-07-08 19:28 - 2015-07-08 19:28 - 00298639 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559d699f.dmp
2015-07-08 13:31 - 2015-07-12 09:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-08 13:31 - 2015-07-11 20:09 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 13:31 - 2015-07-08 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2015-07-08 13:31 - 2015-07-08 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2015-07-08 13:26 - 2015-07-08 13:26 - 02715192 _____ (MediaMall Technologies, Inc.) C:\Users\John\Downloads\PlayLaterSetup.1.6.46.exe
2015-07-08 13:21 - 2015-07-08 13:22 - 30819648 _____ (MediaMall Technologies, Inc.) C:\Users\John\Downloads\PlayLaterPatch.1.6.46.exe
2015-07-07 22:50 - 2015-07-07 22:50 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559c8f9f.dmp
2015-07-06 23:21 - 2015-07-07 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 18:03 - 2015-07-06 18:03 - 00225889 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559afd81.dmp
2015-07-06 13:10 - 2015-07-06 13:10 - 00227387 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559a7854.dmp
2015-07-05 21:55 - 2015-07-05 21:55 - 00193605 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5599abc2.dmp
2015-07-05 00:12 - 2015-07-05 00:12 - 00206203 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5598b3d7.dmp
2015-07-04 15:37 - 2015-07-04 15:37 - 00251409 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55980ba0.dmp
2015-07-04 11:34 - 2015-07-04 11:34 - 00001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-04 11:34 - 2015-07-04 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-04 11:34 - 2015-07-04 11:34 - 00000000 ____D C:\Program Files\iTunes
2015-07-04 11:34 - 2015-07-04 11:34 - 00000000 ____D C:\Program Files\iPod
2015-07-04 11:34 - 2015-07-04 11:34 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-04 11:33 - 2015-07-04 11:33 - 00194499 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559690b8.dmp
2015-07-04 11:29 - 2015-07-04 11:29 - 00001882 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-04 11:29 - 2015-07-04 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-04 11:29 - 2015-07-04 11:29 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-04 11:28 - 2015-07-04 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-07-02 15:52 - 2015-07-02 15:52 - 00235496 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5595a23f.dmp
2015-07-02 10:50 - 2015-07-02 10:50 - 00191480 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5595531d.dmp
2015-07-01 19:50 - 2015-07-01 19:50 - 00188934 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55946133.dmp
2015-07-01 17:33 - 2015-07-01 17:33 - 00001151 _____ C:\Users\Public\Desktop\Faasoft Audio Converter.lnk
2015-07-01 17:33 - 2015-07-01 17:33 - 00000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Faasoft
2015-07-01 17:31 - 2015-07-01 17:32 - 11888574 _____ (Faasoft Corporation) C:\Users\John\Downloads\f-audio-converter(1).exe
2015-07-01 17:12 - 2015-07-02 09:28 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-07-01 17:12 - 2015-07-02 09:28 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-07-01 17:12 - 2015-07-01 17:12 - 00656448 _____ (NCH Software) C:\Users\John\Downloads\switchsetup.exe
2015-07-01 17:12 - 2015-07-01 17:12 - 00000000 ____D C:\ProgramData\NCH Software
2015-07-01 16:52 - 2015-07-01 16:52 - 00190636 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55945558.dmp
2015-07-01 16:30 - 2015-07-01 16:33 - 00000000 ____D C:\Users\John\AppData\Roaming\freac
2015-07-01 16:29 - 2015-07-01 16:29 - 07531408 _____ C:\Users\John\Downloads\freac-1.0.23.exe
2015-07-01 16:26 - 2015-07-01 16:26 - 00000000 ____D C:\Users\John\AppData\Roaming\Faasoft Video Converter
2015-07-01 16:24 - 2015-07-01 17:33 - 00000000 ____D C:\Program Files (x86)\Faasoft
2015-07-01 16:18 - 2015-07-02 10:11 - 00000000 ____D C:\Users\John\Documents\Faasoft Audio Converter
2015-07-01 16:16 - 2015-07-01 16:16 - 00000000 ____D C:\Users\John\AppData\Roaming\Faasoft Audio Converter
2015-07-01 16:14 - 2015-07-01 16:14 - 11888574 _____ (Faasoft Corporation) C:\Users\John\Downloads\f-audio-converter.exe
2015-07-01 16:09 - 2015-07-01 16:09 - 00000000 ____D C:\Users\John\Documents\Any Video Converter
2015-07-01 16:09 - 2015-07-01 16:09 - 00000000 ____D C:\Users\John\AppData\Roaming\Anvsoft
2015-07-01 16:09 - 2015-07-01 16:09 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2015-07-01 16:08 - 2015-07-01 16:08 - 34599616 _____ C:\Users\John\Downloads\any-audio-converter.exe
2015-07-01 14:49 - 2015-07-01 14:50 - 05736682 _____ (Igor Pavlov) C:\Users\John\Downloads\foobar2000 Full Encoder Pack 2015-06-28.exe
2015-07-01 14:48 - 2015-07-01 14:48 - 00219606 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_559428e8.dmp
2015-07-01 14:23 - 2015-07-01 17:32 - 00000000 ____D C:\Users\John\AppData\Roaming\foobar2000
2015-07-01 14:23 - 2015-07-01 14:23 - 00000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2015-07-01 14:23 - 2015-07-01 14:23 - 00000809 _____ C:\Users\Public\Desktop\foobar2000.lnk
2015-07-01 14:15 - 2015-07-01 14:15 - 03875496 _____ (foobar2000.org) C:\Users\John\Downloads\foobar2000_v1.3.8(1).exe
2015-07-01 13:49 - 2015-07-01 13:49 - 01529924 _____ (foobar2000.org) C:\Users\John\Downloads\Free_Encoder_Pack_2015-06-02(1).exe
2015-07-01 12:46 - 2015-07-01 12:47 - 01529924 _____ (foobar2000.org) C:\Users\John\Downloads\Free_Encoder_Pack_2015-06-02.exe
2015-07-01 12:38 - 2015-07-01 12:39 - 03875496 _____ (foobar2000.org) C:\Users\John\Downloads\foobar2000_v1.3.8.exe
2015-07-01 09:05 - 2015-07-01 09:05 - 00233146 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5593f32e.dmp
2015-06-29 10:10 - 2015-06-29 10:10 - 00218232 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_55915f10.dmp
2015-06-28 18:02 - 2015-07-04 11:34 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-28 17:59 - 2015-06-28 18:01 - 121283888 _____ (Apple Inc.) C:\Users\John\Downloads\itunes64setup(1).exe
2015-06-28 17:52 - 2015-06-28 17:52 - 00000000 ____D C:\Users\John\AppData\Roaming\TaiG
2015-06-25 18:51 - 2015-06-25 18:51 - 10756558 _____ C:\Users\John\Downloads\DDWRT-QuickSetup.exe
2015-06-18 20:49 - 2015-06-18 20:49 - 00000000 ____D C:\Users\Laura\AppData\Local\GWX
2015-06-18 20:48 - 2015-06-18 20:48 - 00002367 _____ C:\Users\Laura\Desktop\Safe Money.lnk
2015-06-18 20:48 - 2015-06-18 20:48 - 00000000 ____D C:\Users\Laura\AppData\Local\Wondershare
2015-06-18 20:48 - 2015-06-18 20:48 - 00000000 ____D C:\Users\Laura\AppData\Local\Google
2015-06-18 20:48 - 2015-06-18 20:48 - 00000000 ____D C:\Users\Laura\AppData\Local\CyberLink
2015-06-17 00:23 - 2015-06-17 00:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-06-17 00:23 - 2015-06-17 00:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 10:05 - 2014-10-16 11:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-12 09:44 - 2015-02-09 21:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 09:36 - 2011-06-29 13:51 - 00089241 _____ C:\Windows\setupact.log
2015-07-11 21:27 - 2009-07-13 23:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 21:27 - 2009-07-13 23:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 20:57 - 2013-01-29 14:01 - 00536187 _____ C:\Windows\SysWOW64\debug.log
2015-07-11 20:23 - 2015-02-09 21:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-11 20:09 - 2012-04-03 08:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-11 20:09 - 2011-11-02 19:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-11 19:20 - 2014-08-26 20:39 - 00000000 ____D C:\Users\John\AppData\Local\Adobe
2015-07-11 19:15 - 2014-11-20 11:30 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-11 19:15 - 2014-11-20 11:29 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-07-11 19:15 - 2014-09-04 17:06 - 00000464 __RSH C:\ProgramData\ntuser.pol
2015-07-11 19:15 - 2011-10-31 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-11 19:15 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 19:14 - 2011-10-31 11:46 - 01639506 _____ C:\Windows\WindowsUpdate.log
2015-07-11 19:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-10 17:55 - 2015-04-04 10:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-10 17:55 - 2015-04-04 10:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-10 13:19 - 2014-04-21 10:26 - 00034440 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\visctap0901.sys
2015-07-09 23:31 - 2014-04-21 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TorGuard
2015-07-09 23:31 - 2014-04-21 10:26 - 00000000 ____D C:\Program Files\TorGuard.Viscosity
2015-07-09 23:30 - 2012-06-24 19:05 - 00000000 ____D C:\Users\John\AppData\Roaming\BitTorrent
2015-07-09 10:28 - 2015-04-08 12:08 - 00000000 ____D C:\Users\John\AppData\Local\Deployment
2015-07-09 10:26 - 2010-11-20 22:47 - 00200652 _____ C:\Windows\PFRO.log
2015-07-08 13:34 - 2013-08-05 17:59 - 00000000 ____D C:\ProgramData\MediaMall
2015-07-08 13:32 - 2013-08-05 18:00 - 00000000 ____D C:\Program Files (x86)\MediaMall
2015-07-08 13:31 - 2014-05-08 18:14 - 00002090 _____ C:\Users\Public\Desktop\PlayOn.lnk
2015-07-08 13:31 - 2013-08-06 11:42 - 00001006 _____ C:\Users\Public\Desktop\PlayLater.lnk
2015-07-08 13:29 - 2011-10-31 12:59 - 00000000 ____D C:\Windows\Downloaded Installations
2015-07-07 15:25 - 2015-02-09 21:13 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-06 10:30 - 2015-03-17 09:26 - 00000000 ____D C:\Users\John\Documents\English Class
2015-07-04 17:39 - 2011-11-02 19:35 - 00000000 ____D C:\Users\John\AppData\Roaming\Apple Computer
2015-07-04 11:38 - 2012-10-10 16:16 - 00000000 ____D C:\Users\John\Documents\Outlook Files
2015-07-04 11:34 - 2011-11-02 19:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-03 08:59 - 2015-06-11 09:41 - 00000000 ____D C:\Users\John\Documents\Rent Receipts
2015-07-03 08:59 - 2011-11-01 21:25 - 00000000 ____D C:\Users\John
2015-07-02 16:05 - 2011-11-02 19:29 - 00000000 ____D C:\MP3
2015-07-01 17:50 - 2014-10-06 17:05 - 00000069 _____ C:\Windows\NeroDigital.ini
2015-07-01 17:50 - 2011-11-12 01:40 - 00000975 _____ C:\Users\John\AppData\Roaming\default.rss
2015-07-01 13:51 - 2011-10-31 12:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-01 12:19 - 2011-11-06 18:04 - 00000000 ____D C:\Users\John\AppData\Roaming\Nero
2015-06-23 23:29 - 2009-07-14 00:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-23 17:18 - 2014-12-24 00:02 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 13:30 - 2010-11-20 22:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-18 20:48 - 2014-10-18 16:56 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

==================== Files in the root of some directories =======

2011-11-12 01:40 - 2015-07-01 17:50 - 0000975 _____ () C:\Users\John\AppData\Roaming\default.rss
2012-06-25 19:45 - 2012-06-25 19:45 - 0000000 _____ () C:\Users\John\AppData\Roaming\downloads.m3u
2011-11-27 13:24 - 2012-03-11 15:04 - 0000268 ____H () C:\Users\John\AppData\Roaming\Track Settings
2012-03-11 15:05 - 2012-03-11 15:05 - 0000268 ____H () C:\Users\John\AppData\Roaming\Trance Pad
2011-11-27 13:24 - 2012-03-11 15:04 - 0000268 ____H () C:\Users\John\AppData\Roaming\Transportation
2012-08-20 14:22 - 2013-04-16 10:37 - 0000268 ___RH () C:\Users\John\AppData\Roaming\Vocals
2014-04-29 12:16 - 2014-04-29 12:16 - 169928142 _____ () C:\Users\John\AppData\Local\ACCCx2_5_1_369.2.zip.aamdownload
2014-04-29 12:16 - 2014-04-29 12:16 - 0001986 _____ () C:\Users\John\AppData\Local\ACCCx2_5_1_369.2.zip.aamdownload.aamd
2012-03-11 15:19 - 2012-03-11 15:19 - 0008192 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-05 15:42 - 2014-04-05 15:42 - 0000017 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg
2012-08-20 14:22 - 2013-04-16 10:37 - 0000012 ___RH () C:\ProgramData\Analog Sync
2012-02-14 13:25 - 2015-02-02 13:36 - 0001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-20 14:22 - 2013-04-16 10:37 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2011-11-27 13:25 - 2012-03-11 15:05 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-11-27 13:24 - 2012-03-11 15:04 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-11-27 13:24 - 2012-03-11 15:04 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2012-03-11 15:04 - 2012-03-11 15:04 - 0000268 ___RH () C:\ProgramData\Tremolo
2012-03-11 15:05 - 2012-03-11 15:05 - 0000268 ___RH () C:\ProgramData\Tribal Masks
2012-03-11 15:04 - 2012-03-11 15:04 - 0000268 ___RH () C:\ProgramData\Trumpet Section
2012-08-20 14:22 - 2013-04-16 10:37 - 0000268 ___RH () C:\ProgramData\Woodwinds

ZeroAccess:
C:\Windows\Installer\{f7206540-76db-7474-2888-88bf92c5cf75}

Some files in TEMP:
====================
C:\Users\John\AppData\Local\Temp\AAMHelper.exe
C:\Users\John\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\John\AppData\Local\Temp\AsNrMDVEbLWbvusmNOII.DLL
C:\Users\John\AppData\Local\Temp\BnoNZDvZdloeBAXNhjbY.DLL
C:\Users\John\AppData\Local\Temp\BvKoyjkVtsZbQavKzgpC.DLL
C:\Users\John\AppData\Local\Temp\FreemakeAudioConverterFull.exe
C:\Users\John\AppData\Local\Temp\FreemakeAudioConverter_1.1.0.66.exe
C:\Users\John\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\John\AppData\Local\Temp\geEosTOSFb.DLL
C:\Users\John\AppData\Local\Temp\GodFzVvlLlUsAgfPWYjf.DLL
C:\Users\John\AppData\Local\Temp\GSZgGbpytB.DLL
C:\Users\John\AppData\Local\Temp\oVsTzwhheCkjBaErPDga.DLL
C:\Users\John\AppData\Local\Temp\Samsung_Magician_Setup_v45.exe
C:\Users\John\AppData\Local\Temp\SVLQQPfmAU.DLL
C:\Users\John\AppData\Local\Temp\wHCksmnNtQyoWXiljMeD.DLL


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 00:33

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by John at 2015-07-12 10:05:51
Running from C:\Users\John\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-777044968-2926712198-4189444973-500 - Administrator - Disabled)
Guest (S-1-5-21-777044968-2926712198-4189444973-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-777044968-2926712198-4189444973-1012 - Limited - Enabled)
John (S-1-5-21-777044968-2926712198-4189444973-1000 - Administrator - Enabled) => C:\Users\John
Laura (S-1-5-21-777044968-2926712198-4189444973-1003 - Limited - Enabled) => C:\Users\Laura
UpdatusUser (S-1-5-21-777044968-2926712198-4189444973-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (x32 Version: 4.4.32.0 - Nero AG) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Anti-phishing Domain Advisor (HKLM-x32\...\Anti-phishing Domain Advisor) (Version: 1.1.0.1 - Visicom Media Inc. (Powered by Panda Security))
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{06A333EA-4E9D-4848-865F-FE5A1E12AB30}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backblaze (HKLM-x32\...\Backblaze) (Version:  - Backblaze, Inc)
BDtoAVCHD 1.7.8 (HKLM-x32\...\{0213E592-8C74-429F-83C5-78B1B6744EC7}) (Version: 1.7.8 - Joel Gali)
Binreader (HKLM-x32\...\{3D47B2C0-8748-4450-99AE-0746A5A74C8E}) (Version: 1.0.0 - Binreader)
BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version: 9.2.1.71.52 - BisonCam)
BitTorrent (HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{8854EE3C-5031-499F-B5EB-51A82F1B28EF}) (Version: 2.21.0 - Kovid Goyal)
Citrix Presentation Server Client (HKLM-x32\...\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}) (Version: 10.00.52110 - Citrix Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.0.0.6685 - Citrix Systems, Inc.)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1607 - CyberLink Corp.)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.1510.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Documents To Go Desktop for iOS (HKLM-x32\...\DTGDesktop) (Version: 4.0001.010 - DataViz, Inc.)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (x32 Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Faasoft Audio Converter 5.2.23.5604 (HKLM-x32\...\{6A4806A7-4A4C-458C-B42F-BB508CA69F3F}_is1) (Version:  - Faasoft Corporation)
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Free Video to iPad Converter version 5.0.17.903 (HKLM-x32\...\Free Video to iPad Converter_is1) (Version: 5.0.17.903 - DVDVideoSoft Ltd.)
Freemake Audio Converter version 1.1.3 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.3 - Ellora Assets Corporation)
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hotkey 3.3028 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 3.3028 - NoteBook)
Hotkey 3.3028 (x32 Version: 3.3028 - NoteBook) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
iCopyBot for Windows 7.2.7 (HKLM-x32\...\iCopyBot for Windows) (Version: 7.2.7 - VOWSoft, Ltd.)
iFunbox (v2.1.2228.731), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.1.2228.731 - )
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
iRip (HKLM-x32\...\{98FA0A89-358D-4D39-A666-D4D321A44971}) (Version: 1.1.0 - The Little App Factory)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
iTunes (HKLM\...\{0FB81B1A-1329-4905-8080-058E530CD6D9}) (Version: 12.2.0.145 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.26.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.62.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JustCloud Setup (x32 Version: 1.0.0.08 - JustCloud) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Macrium Reflect Professional Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Professional Edition (Version: 5.2.6462 - Paramount Software (UK) Ltd.) Hidden
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 en-US)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Nero 9 (HKLM-x32\...\{0b5080e9-3b6e-4902-b448-c52159e20604}) (Version:  - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
NVIDIA 3D Vision Controller Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{594F6A23-9FF2-4D03-8761-97483E55CE79}) (Version: 1.5.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OLYMPUS A-GPS Utility (HKLM-x32\...\{C73F6E04-F3C9-46F1-833E-306AC1DC8C97}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
Online Plug-in (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
OpenVPN 2.3.0-I005  (HKLM\...\OpenVPN) (Version: 2.3.0-I005 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
PlayLater (HKLM-x32\...\{FD1F149A-C14F-4C1D-A5E2-E6BE3A61A75A}) (Version: 1.6.46 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{DC5DEE99-7D1C-4A45-B2E8-E4B1F513329B}) (Version: 3.10.46 - MediaMall Technologies, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.9 - Power Software Ltd)
Protector Suite 2009 (HKLM\...\{0F841121-4DB6-4B31-839F-7F5AB3BB3423}) (Version: 5.9.3.6379 - UPEK Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Rosetta Stone Ltd Services (HKLM-x32\...\{2110AF8F-F6E9-4712-A185-1B839C60822E}) (Version: 2.2.1.1 - Rosetta Stone Ltd.)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
SoundTrax (x32 Version: 4.4.32.0 - Nero AG) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.3.21029 - Blizzard Entertainment)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.14.0 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
THX TruStudio Pro (HKLM-x32\...\{82F99DC9-389A-4528-940C-88248731A620}) (Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)
TorGuard 1.0.0 (1097) (HKLM\...\{6B859FAA-B180-4779-A754-086A308C49CC-ViscosityV~7814C94C_is1) (Version: 1.0.0 - VPNetworks LLC)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.5 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-777044968-2926712198-4189444973-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.2 - Nikon)
WebCam Installer (HKLM-x32\...\{AAE521B6-2F19-447F-8CB6-6D1E3A19F3ED}) (Version: 3.32 - WebCam)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

06-07-2015 18:41:17 Scheduled Checkpoint
07-07-2015 15:13:35 Windows Update
08-07-2015 13:31:22 Installed PlayLater
09-07-2015 23:31:12 Device Driver Package Install: SparkLabs VPN Network adapters
10-07-2015 17:55:41 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-01-12 14:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10BDECDE-A065-462D-A217-A20FAFBA2319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11] (Adobe Systems Incorporated)
Task: {2EE41FA5-D625-439C-A32D-BB6E86C70702} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-17] ()
Task: {329F41F6-A5E6-4FD6-A2E4-44179EFC1C93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {49CAC970-179D-45F9-90F4-8A310573B107} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {49E86A1A-ED9F-4156-B5D0-0214FABA8092} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {50CAAE3E-B06B-4326-A00B-1E18BF1B39A3} - System32\Tasks\{381C7D36-DFCE-4585-B7F9-AFB2C84390F7} => pcalua.exe -a C:\Users\John\Downloads\install_backblaze.exe -d C:\Users\John\Downloads
Task: {6196A9FE-E233-4C93-9E75-DC1F2DC6EE58} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {7EAF7783-423A-44E1-B010-436DBDCDBE40} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {A6C60DF3-FFEB-4537-A3B2-2D89C8FE6E58} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {BC842465-2184-450E-881F-EAD3D253987D} - System32\Tasks\{4A931D54-E9BE-4400-8D2C-9B7E62AC3B71} => pcalua.exe -a C:\Users\John\Downloads\S-VNX2__-020301WF-NSAEN-64BIT_.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D0D9B56C-427C-4B22-8A0D-5868B8D39C14} - System32\Tasks\{3C3B8694-343F-4DE7-B830-63FB49769ACE} => Firefox.exe http://ui.skype.com/...#38;page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2010-11-02 14:58 - 2010-11-02 14:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-07 11:29 - 2015-05-15 19:01 - 00235712 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-11-02 14:58 - 2010-11-02 14:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-10-31 13:07 - 2010-11-12 14:38 - 00241152 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-03-07 11:29 - 2015-05-15 19:01 - 00490176 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe
2013-01-14 13:22 - 2013-03-14 23:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-30 16:12 - 2014-08-30 16:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2010-08-03 17:39 - 2010-08-03 17:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 17:39 - 2010-08-03 17:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-04 17:06 - 2014-08-05 09:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-09-04 17:06 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-04-12 10:36 - 2015-03-19 01:46 - 00867592 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\common\UNO\UNO.dll
2015-04-12 10:36 - 2013-12-10 06:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ctypes.pyd
2015-04-12 10:36 - 2013-12-10 06:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_hashlib.pyd
2015-04-12 10:36 - 2013-12-10 06:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_socket.pyd
2015-04-12 10:36 - 2013-12-10 06:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ssl.pyd
2014-12-02 09:24 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-08-30 16:12 - 2014-11-19 11:44 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]\nponlinebanking.dll
2014-08-30 16:12 - 2014-11-19 11:44 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]\npcontentblocker.dll
2014-08-30 16:12 - 2014-11-19 11:44 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected]\npvkplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-777044968-2926712198-4189444973-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 190.157.8.33 - 181.48.0.232

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Anti-phishing Domain Advisor => "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
MSCONFIG\startupreg: THGuard => "C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{4121E59B-97AD-469F-97A6-BB137C1A1374}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{3F058AE9-6777-4D3E-A759-D9EB42907EC9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{3B275B5C-704A-4522-8A7F-B0DE906D8CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{98047BD2-AF2B-4584-BAC5-9E856C08CE7D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{1297F6E6-4B44-4A67-8E91-A5036A8AC9CB}C:\program files (x86)\bittorrent\bittorrent.exe] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{5BA302C7-0802-48C4-99D5-F083C4D2EECE}C:\program files (x86)\bittorrent\bittorrent.exe] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe
FirewallRules: [{249E256B-54CD-4A0A-835D-3909E4F370E7}] => (Allow) C:\Users\John\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6CAA5347-30D0-4BB1-8444-6A683B22296E}] => (Allow) C:\Users\John\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{6DDA9ABA-26D8-40AB-BC20-5F5CF422E153}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{227DB363-6146-438C-92DD-4FBF7D355A48}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{91FD69AD-2749-4AA0-B39D-8CD688F3D121}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{41625CE9-D9ED-4B41-956A-F60D185882D3}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{BB7394F8-042E-4D50-AAF4-F1F03D7A1496}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{5DAEDF9F-83D8-4F83-A23E-92945691D18E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{57B0EBEA-6B95-4B26-9BBB-18032D300F67}] => (Allow) LPort=3306
FirewallRules: [{A7D35646-A57D-4AA7-84AA-DE61C25D958D}] => (Allow) LPort=3306
FirewallRules: [{44207FBA-9CF8-42E8-B6EB-7CF4646BCF0E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{803E0E53-D879-42B2-94DA-DA1C7C706952}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4BF5E6D7-AB2A-4074-8DCB-543F65CBD7AC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{CD17F013-E561-4CF1-94A1-6E337A3B90F6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FC8F50C6-55CC-495B-86A2-B48B36597749}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{9E5D8C66-9E22-4463-BFE2-42DA2AA65BBA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{BFD355BE-4E9D-4AB7-B713-001EE981F442}] => (Allow) F:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{74A56AFE-BE6D-4441-9F9F-046DAC75AE22}] => (Allow) F:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{FCE45A9D-DDB1-49D9-BF63-E76B9FA38DC7}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{92F0C351-CF4B-48CE-99CA-E1D4315EE7AC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{430DC851-19BB-460B-9382-E2CC4A0881BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{47445B4B-D8A0-4BF2-B19D-34F0E192B43D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{A1610976-8052-42F9-8B6F-E6A66AA4782D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{C4CF89D0-94B5-4E9A-984F-49F1FA5DEF01}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{C0CE489A-3EEB-4FC5-8970-ACD357F3520A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{8A8E3C42-AAF1-455A-8645-A75F76A0A00B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F101ABA2-4747-4889-AC02-6CCCEDA48344}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{963316A2-0035-467F-A00F-BE36EE132062}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
FirewallRules: [{2B99D1BF-D136-4567-BC3D-496C495F9BA7}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
FirewallRules: [{3EB59697-EFBC-4A47-A31C-151FD98839B2}] => (Allow) C:\Program Files (x86)\MediaMall\PlayLater.exe
FirewallRules: [{E3788022-0DFC-4B26-9EDA-0C29D4221EC2}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
FirewallRules: [{1B3E09A0-3841-4A87-BA67-8E1539D363D4}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe

==================== Faulty Device Manager Devices =============

Name: Viscosity Virtual Adapter V9.1
Description: Viscosity Virtual Adapter V9.1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SparkLabs VPN
Service: visctap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Viscosity Virtual Adapter V9.1 #2
Description: Viscosity Virtual Adapter V9.1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SparkLabs VPN
Service: visctap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Viscosity Virtual Adapter V9.1 #3
Description: Viscosity Virtual Adapter V9.1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SparkLabs VPN
Service: visctap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2015 12:03:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvxdsync.exe, version: 8.17.13.1422, time stamp: 0x5142846f
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x7e4
Faulting application start time: 0xnvxdsync.exe0
Faulting application path: nvxdsync.exe1
Faulting module path: nvxdsync.exe2
Report Id: nvxdsync.exe3

Error: (07/11/2015 07:20:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002efb46
Faulting process id: 0x71c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (07/04/2015 11:32:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ATH.exe, version: 17.492.0.29, time stamp: 0x54941c4c
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x549407f2
Exception code: 0xc0000005
Fault offset: 0x00006be4
Faulting process id: 0x19f8
Faulting application start time: 0xATH.exe0
Faulting application path: ATH.exe1
Faulting module path: ATH.exe2
Report Id: ATH.exe3

Error: (07/04/2015 11:32:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ATH.exe, version: 17.492.0.29, time stamp: 0x54941c4c
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x549407f2
Exception code: 0xc0000005
Fault offset: 0x00006be4
Faulting process id: 0x1c84
Faulting application start time: 0xATH.exe0
Faulting application path: ATH.exe1
Faulting module path: ATH.exe2
Report Id: ATH.exe3

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (06/25/2015 08:20:49 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={27F58C12-17F5-43E2-A316-6C9E75AE0C44}: The user John-PC\John dialed a connection named %s Connection which has failed. The error code returned on failure is 691.

Error: (06/25/2015 08:20:39 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={C27E1FF2-604A-4A5F-826B-15F726788702}: The user John-PC\John dialed a connection named %s Connection which has failed. The error code returned on failure is 691.

Error: (06/23/2015 06:01:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvxdsync.exe, version: 8.17.13.1422, time stamp: 0x5142846f
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x74c
Faulting application start time: 0xnvxdsync.exe0
Faulting application path: nvxdsync.exe1
Faulting module path: nvxdsync.exe2
Report Id: nvxdsync.exe3


System errors:
=============
Error: (07/11/2015 07:17:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/11/2015 07:17:27 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/11/2015 07:09:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/11/2015 07:09:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/11/2015 07:03:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/11/2015 07:03:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/11/2015 06:58:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/11/2015 06:58:31 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/11/2015 03:08:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (07/11/2015 03:08:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (07/12/2015 12:03:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvxdsync.exe8.17.13.14225142846fntdll.dll6.1.7601.18869556366f2c000037400000000000bfc227e401d0bc37d6bbeed7C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\SYSTEM32\ntdll.dll59cd0b09-2853-11e5-a216-0090f5c384a9

Error: (07/11/2015 07:20:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c0000005002efb4671c01d0bc387ea85b72C:\Windows\SysWOW64\explorer.exeunknownc2dfe20e-282b-11e5-a216-0090f5c384a9

Error: (07/04/2015 11:32:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ATH.exe17.492.0.2954941c4cobjc.dll1.528.0.126549407f2c000000500006be419f801d0b66b218a526aC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll51610e6a-226a-11e5-a5ff-0090f5c384a9

Error: (07/04/2015 11:32:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ATH.exe17.492.0.2954941c4cobjc.dll1.528.0.126549407f2c000000500006be41c8401d0b597e8d12441C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll5160e75a-226a-11e5-a5ff-0090f5c384a9

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (07/01/2015 12:06:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (06/25/2015 08:20:49 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {27F58C12-17F5-43E2-A316-6C9E75AE0C44}John-PC\John%s Connection691

Error: (06/25/2015 08:20:39 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {C27E1FF2-604A-4A5F-826B-15F726788702}John-PC\John%s Connection691

Error: (06/23/2015 06:01:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvxdsync.exe8.17.13.14225142846fntdll.dll6.1.7601.18869556366f2c000037400000000000bfc2274c01d0ae022f190262C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\SYSTEM32\ntdll.dllcce08dbc-19fb-11e5-8ef6-0090f5c384a9


CodeIntegrity Errors:
===================================
  Date: 2014-08-04 20:36:32.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-04 20:36:32.543
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-04 17:17:34.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 10:13:07.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 10:13:07.320
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2820QM CPU @ 2.30GHz
Percentage of memory in use: 96%
Total physical RAM: 8169.4 MB
Available physical RAM: 302.23 MB
Total Virtual: 16337 MB
Available Virtual: 12927.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.77 GB) (Free:302.62 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:698.54 GB) (Free:83.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 01557017)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 097E2604)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
WARNING
(ZeroAccess Rootkit )
:

One or more of the identified infections is a backdoor trojan/rootkit.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

If the infected computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect it from the Internet until your system is cleaned. ALL passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. You should change each password by using a clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you will need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified as soon as possible due to the possibility of the security breach.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS.

Because your computer was compromised please read the following links:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When should I re-format? How should I reinstall?


Did you run combofix and do you have the log file ?
  • 0

#3
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Please let me know if there is a way to remove this from my system.  I recently moved to a new country and my connection is slow (even normally; it's not running worse than usual.  I tried running a few programs to remove or at least detect the infection, but none did.  I ran ComboFIx in safe mode and do not have the network change problems, nor problems running ComboFix.  I fixes nothing, but the log file is as follows:

 

ComboFix 15-07-12.01 - John 07/12/2015  12:37:17.5.8 - x64 NETWORK
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8169.7098 [GMT -5:00]
Running from: c:\users\John\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\programdata\ntuser.pol
c:\users\John\AppData\Local\assembly\tmp
c:\windows\PFRO.log
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((   Files Created from 2015-06-12 to 2015-07-12  )))))))))))))))))))))))))))))))
.
.
2015-07-12 17:42 . 2015-07-12 17:42    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2015-07-12 17:42 . 2015-07-12 17:42    --------    d-----w-    c:\users\Public\AppData\Local\temp
2015-07-12 17:42 . 2015-07-12 17:42    --------    d-----w-    c:\users\Laura\AppData\Local\temp
2015-07-12 17:42 . 2015-07-12 17:42    --------    d-----w-    c:\users\Default\AppData\Local\temp
2015-07-12 16:51 . 2015-07-12 16:51    12872    ----a-w-    c:\windows\system32\bootdelete.exe
2015-07-12 16:48 . 2015-07-12 17:09    --------    d-----w-    c:\program files\HitmanPro
2015-07-12 16:47 . 2015-07-12 16:52    --------    d-----w-    c:\programdata\HitmanPro
2015-07-12 16:42 . 2015-07-12 16:42    27256    ----a-w-    c:\windows\system32\drivers\FixZeroAccess.sys
2015-07-12 15:03 . 2015-07-12 15:07    --------    d-----w-    C:\FRST
2015-07-10 22:55 . 2015-06-12 07:50    12221144    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{87840DC4-45BD-4352-BCBF-20EF8F30DF16}\mpengine.dll
2015-07-08 18:30 . 2015-07-08 18:30    --------    d-----w-    c:\program files (x86)\Common Files\ffdshowEx
2015-07-04 16:34 . 2015-07-04 16:34    --------    d-----w-    c:\program files\iPod
2015-07-04 16:34 . 2015-07-04 16:34    --------    d-----w-    c:\program files\iTunes
2015-07-04 16:34 . 2015-07-04 16:34    --------    d-----w-    c:\program files (x86)\iTunes
2015-07-04 16:29 . 2015-07-04 16:29    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-04 16:29 . 2015-07-04 16:29    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-04 16:29 . 2015-07-04 16:29    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-04 16:29 . 2015-07-04 16:29    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-04 16:29 . 2015-07-04 16:29    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-04 16:29 . 2015-07-04 16:29    --------    d-----w-    c:\program files (x86)\QuickTime
2015-07-01 22:12 . 2015-07-01 22:12    --------    d-----w-    c:\programdata\NCH Software
2015-07-01 22:12 . 2015-07-02 14:28    --------    d-----w-    c:\program files (x86)\NCH Software
2015-07-01 21:30 . 2015-07-01 21:33    --------    d-----w-    c:\users\John\AppData\Roaming\freac
2015-07-01 21:26 . 2015-07-01 21:26    --------    d-----w-    c:\users\John\AppData\Roaming\Faasoft Video Converter
2015-07-01 21:24 . 2015-07-01 22:33    --------    d-----w-    c:\program files (x86)\Faasoft
2015-07-01 21:16 . 2015-07-01 21:16    --------    d-----w-    c:\users\John\AppData\Roaming\Faasoft Audio Converter
2015-07-01 21:09 . 2015-07-01 21:09    --------    d-----w-    c:\users\John\AppData\Roaming\Anvsoft
2015-07-01 21:09 . 2015-07-01 21:09    --------    d-----w-    c:\program files (x86)\Anvsoft
2015-07-01 19:23 . 2015-07-01 22:32    --------    d-----w-    c:\users\John\AppData\Roaming\foobar2000
2015-06-28 23:02 . 2015-07-04 16:34    --------    d-----w-    c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-28 22:52 . 2015-06-28 22:52    --------    d-----w-    c:\users\John\AppData\Roaming\TaiG
2015-06-19 01:49 . 2015-06-19 01:49    --------    d-----w-    c:\users\Laura\AppData\Local\GWX
2015-06-19 01:48 . 2015-06-19 01:48    --------    d-----w-    c:\users\Laura\AppData\Local\Wondershare
2015-06-19 01:48 . 2015-06-19 01:48    --------    d-----w-    c:\users\Laura\AppData\Local\CyberLink
2015-06-19 01:48 . 2015-06-19 01:48    --------    d-----w-    c:\users\Laura\AppData\Local\Google
2015-06-17 05:23 . 2015-06-17 05:23    94208    ----a-w-    c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-17 05:23 . 2015-06-17 05:23    69632    ----a-w-    c:\windows\SysWow64\QuickTime.qts
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-12 01:09 . 2012-04-03 13:33    778416    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-12 01:09 . 2011-11-03 00:43    142512    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-10 18:19 . 2014-04-21 15:26    34440    ----a-w-    c:\windows\system32\drivers\visctap0901.sys
2015-06-23 18:30 . 2010-11-21 03:27    300704    ------w-    c:\windows\system32\MpSigStub.exe
2015-06-11 04:08 . 2015-06-11 04:08    6112072    ----a-w-    c:\windows\system32\usbaaplrc.dll
2015-06-11 04:08 . 2015-06-11 04:08    54784    ----a-w-    c:\windows\system32\drivers\usbaapl64.sys
2015-06-10 20:16 . 2011-11-16 23:28    140135120    ----a-w-    c:\windows\system32\MRT.exe
2015-06-01 19:16 . 2015-06-10 20:16    389840    ----a-w-    c:\windows\system32\iedkcs32.dll
2015-05-27 14:35 . 2015-06-10 20:15    24917504    ----a-w-    c:\windows\system32\mshtml.dll
2015-05-25 18:24 . 2015-06-10 20:12    5569984    ----a-w-    c:\windows\system32\ntoskrnl.exe
2015-05-25 18:23 . 2015-06-10 20:12    95680    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:23 . 2015-06-10 20:12    155584    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:21 . 2015-06-10 20:12    1728960    ----a-w-    c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 20:12    362496    ----a-w-    c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 20:12    243712    ----a-w-    c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 20:12    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 20:12    215040    ----a-w-    c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 20:12    1255424    ----a-w-    c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 20:12    210944    ----a-w-    c:\windows\system32\wdigest.dll
2015-05-25 18:19 . 2015-06-10 20:12    879104    ----a-w-    c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 20:12    86528    ----a-w-    c:\windows\system32\TSpkg.dll
2015-05-25 18:19 . 2015-06-10 20:12    29184    ----a-w-    c:\windows\system32\sspisrv.dll
2015-05-25 18:19 . 2015-06-10 20:12    136192    ----a-w-    c:\windows\system32\sspicli.dll
2015-05-25 18:19 . 2015-06-10 20:12    503808    ----a-w-    c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 20:12    50176    ----a-w-    c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 20:12    28160    ----a-w-    c:\windows\system32\secur32.dll
2015-05-25 18:19 . 2015-06-10 20:12    113664    ----a-w-    c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 20:12    342016    ----a-w-    c:\windows\system32\schannel.dll
2015-05-25 18:19 . 2015-06-10 20:12    314880    ----a-w-    c:\windows\system32\msv1_0.dll
2015-05-25 18:19 . 2015-06-10 20:12    309760    ----a-w-    c:\windows\system32\ncrypt.dll
2015-05-25 18:19 . 2015-06-10 20:12    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 20:12    728576    ----a-w-    c:\windows\system32\kerberos.dll
2015-05-25 18:19 . 2015-06-10 20:12    424960    ----a-w-    c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 20:12    1461760    ----a-w-    c:\windows\system32\lsasrv.dll
2015-05-25 18:19 . 2015-06-10 20:12    1162752    ----a-w-    c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 20:12    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 20:12    22016    ----a-w-    c:\windows\system32\credssp.dll
2015-05-25 18:18 . 2015-06-10 20:12    879104    ----a-w-    c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 20:12    47104    ----a-w-    c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 20:12    404992    ----a-w-    c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 20:12    112640    ----a-w-    c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 20:12    296960    ----a-w-    c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 20:12    43008    ----a-w-    c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 20:12    31232    ----a-w-    c:\windows\system32\lsass.exe
2015-05-25 18:18 . 2015-06-10 20:12    104448    ----a-w-    c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 20:12    19456    ----a-w-    c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 20:12    338432    ----a-w-    c:\windows\system32\conhost.exe
2015-05-25 18:18 . 2015-06-10 20:12    64000    ----a-w-    c:\windows\system32\auditpol.exe
2015-05-25 18:14 . 2015-06-10 20:12    60416    ----a-w-    c:\windows\system32\msobjs.dll
2015-05-25 18:14 . 2015-06-10 20:12    146432    ----a-w-    c:\windows\system32\msaudite.dll
2015-05-25 18:11 . 2015-06-10 20:12    6656    ----a-w-    c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 20:12    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 20:12    686080    ----a-w-    c:\windows\system32\adtschema.dll
2015-05-25 18:07 . 2015-06-10 20:12    3989440    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 20:12    3934144    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 20:12    1310744    ----a-w-    c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 20:12    172032    ----a-w-    c:\windows\SysWow64\wdigest.dll
2015-05-25 18:01 . 2015-06-10 20:12    65536    ----a-w-    c:\windows\SysWow64\TSpkg.dll
2015-05-25 18:01 . 2015-06-10 20:12    635392    ----a-w-    c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 20:12    43008    ----a-w-    c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 20:12    92160    ----a-w-    c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 20:12    248832    ----a-w-    c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-10 20:12    22016    ----a-w-    c:\windows\SysWow64\secur32.dll
2015-05-25 18:01 . 2015-06-10 20:12    221184    ----a-w-    c:\windows\SysWow64\ncrypt.dll
2015-05-25 18:01 . 2015-06-10 20:12    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 20:12    259584    ----a-w-    c:\windows\SysWow64\msv1_0.dll
2015-05-25 18:01 . 2015-06-10 20:12    551424    ----a-w-    c:\windows\SysWow64\kerberos.dll
2015-05-25 18:01 . 2015-06-10 20:12    17408    ----a-w-    c:\windows\SysWow64\credssp.dll
2015-05-25 18:01 . 2015-06-10 20:12    641536    ----a-w-    c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 20:12    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 20:12    40448    ----a-w-    c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 20:12    364544    ----a-w-    c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 20:12    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iFunBoxConnector"="c:\program files (x86)\i-Funbox DevTeam\ifb_conn.exe" [2012-11-20 812544]
"PlayOn"="c:\program files (x86)\MediaMall\PlayOn.exe" [2015-07-08 67904]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2015-04-26 43816]
"Backblaze"="c:\program files (x86)\Backblaze\bzbui.exe" [2015-05-16 490176]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-01-16 717696]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-04-26 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-01 1374720]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2011-08-11 358336]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2013-12-27 570880]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2014-08-05 2020704]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2012-01-26 1058400]
"PowerDVD15Agent"="c:\program files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" [2015-03-19 950296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2015-06-29 157992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Backblaze"="c:\program files (x86)\Backblaze\bzbui.exe" [2015-05-16 490176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hotkey.lnk.disabled [2011-10-31 865]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ       scecli c:\program files\Protector Suite\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
R1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
R1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
R1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
R2 {687703DE-DC6D-4649-892B-B8497854A6AB};Power Control [2015/04/12 10:37];c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [x]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
R2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [x]
R2 bzserv;Backblaze Service;c:\program files (x86)\Backblaze\bzserv.exe;c:\program files (x86)\Backblaze\bzserv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
R2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe;c:\program files\Macrium\Reflect\ReflectService.exe [x]
R2 RosettaStoneLtdController;RosettaStoneLtdController;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [x]
R2 SamsungRapidSvc;Samsung RAPID Mode Service;c:\windows\system32\RAPID\SamsungRapidSvc.exe;c:\windows\SYSNATIVE\RAPID\SamsungRapidSvc.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 TorGuardService;ViscosityVPP VPNetworks LLC Service;c:\program files\TorGuard.Viscosity\TorGuardService.exe;c:\program files\TorGuard.Viscosity\TorGuardService.exe [x]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
R3 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe;c:\program files (x86)\MediaMall\MediaMallServer.exe [x]
R3 MFE_RR;MFE_RR;c:\users\John\AppData\Local\Temp\mfe_rr.sys;c:\users\John\AppData\Local\Temp\mfe_rr.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 visctap0901;Viscosity Virtual Adapter V9.1;c:\windows\system32\DRIVERS\visctap0901.sys;c:\windows\SYSNATIVE\DRIVERS\visctap0901.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe;c:\program files (x86)\Hotkey\PowerBiosServer.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;c:\windows\system32\DRIVERS\SamsungRapidDiskFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidDiskFltr.sys [x]
S0 SamsungRapidFSFltr;SamsungRapidFSFltr;c:\windows\system32\DRIVERS\SamsungRapidFSFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidFSFltr.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-07 20:25    991048    ----a-w-    c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 01:09]
.
2015-07-12 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-07-17 22:47]
.
2015-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 02:12]
.
2015-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 02:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-04-27 22:48    5947656    ----a-w-    c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-04-27 22:48    5947656    ----a-w-    c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1933584]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2010-04-27 84744]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-09-20 557768]
"SamsungRapidApp"="c:\program files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe" [2014-09-16 281776]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
TCP: DhcpNameServer = 190.157.8.33 181.48.0.232
FF - ProfilePath - c:\users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710\
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npvkplugin - 2
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-DelaypluginInstall - c:\programdata\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\{687703DE-DC6D-4649-892B-B8497854A6AB}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Setup"="07-GECC-2UED-PNJF-1T54-N1F3-ZRCNXGN"
.
Completion time: 2015-07-12  12:44:34
ComboFix-quarantined-files.txt  2015-07-12 17:44
ComboFix2.txt  2013-01-14 16:20
ComboFix3.txt  2013-01-12 19:31
.
Pre-Run: 359,728,996,352 bytes free
Post-Run: 359,289,348,096 bytes free
.
- - End Of File - - B07EEF3263FFBF775C9CEA0AE7970C45
A36C5E4F47E84449FF07ED3517B43A31
 


  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-777044968-2926712198-4189444973-1000 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =
Winsock: Catalog5 01 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
S4 PowerBiosServer; "C:\Program Files (x86)\Hotkey\PowerBiosServer.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\Installer\{f7206540-76db-7474-2888-88bf92c5cf75}
Task: {49E86A1A-ED9F-4156-B5D0-0214FABA8092} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

Post the fixlog.txt. That log will be found on the desktop.
  • 0

#5
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Running malwarebytes and restarting seems to have helped.  I still have the fix file.  Should I run it anyway or leave well enough alone?  I am able to change passwords and can switch networks as well, which was the original problem.


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Please don't run anything more, unless instructed, it cause confusion in the log reports that I use for reference.

Post the fixlog.txt and await further instructions please.

Thanks
Joe :)
  • 0

#7
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Done.  Here is the log file:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by John at 2015-07-12 13:36:50 Run:1
Running from C:\Users\John\Desktop
Loaded Profiles: John & Laura (Available Profiles: John & Laura & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-777044968-2926712198-4189444973-1000 -> DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =
Winsock: Catalog5 01 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not ' & $found1 & ' ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
S4 PowerBiosServer; "C:\Program Files (x86)\Hotkey\PowerBiosServer.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\Installer\{f7206540-76db-7474-2888-88bf92c5cf75}
Task: {49E86A1A-ED9F-4156-B5D0-0214FABA8092} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
"HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}" => key removed successfully
HKCR\CLSID\{21A51130-7285-49FE-B3F6-2385CC71CDEA} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}" => key removed successfully
HKCR\Wow6432Node\CLSID\{21A51130-7285-49FE-B3F6-2385CC71CDEA} => key not found.
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
PowerBiosServer => Service removed successfully
catchme => Service removed successfully
VGPU => Service removed successfully
"C:\Windows\Installer\{f7206540-76db-7474-2888-88bf92c5cf75}" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49E86A1A-ED9F-4156-B5D0-0214FABA8092}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49E86A1A-ED9F-4156-B5D0-0214FABA8092}" => key removed successfully
C:\Windows\System32\Tasks\LaunchApp => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp" => key removed successfully
"C:\Program Files (x86)\MyPC Backup" => File/Folder not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => key not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => key not found.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-777044968-2926712198-4189444973-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-777044968-2926712198-4189444973-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 813.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:37:21 ====


  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Next instruction.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

  • 0

#9
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

The Rootkit tool found no objects or threats.  Nothing was removed and no reboot was needed.  Log file below:

 

13:45:16.0027 0x16ec  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:45:20.0161 0x16ec  ============================================================
13:45:20.0161 0x16ec  Current date / time: 2015/07/12 13:45:20.0161
13:45:20.0161 0x16ec  SystemInfo:
13:45:20.0161 0x16ec  
13:45:20.0161 0x16ec  OS Version: 6.1.7601 ServicePack: 1.0
13:45:20.0161 0x16ec  Product type: Workstation
13:45:20.0161 0x16ec  ComputerName: JOHN-PC
13:45:20.0161 0x16ec  UserName: John
13:45:20.0161 0x16ec  Windows directory: C:\Windows
13:45:20.0161 0x16ec  System windows directory: C:\Windows
13:45:20.0161 0x16ec  Running under WOW64
13:45:20.0161 0x16ec  Processor architecture: Intel x64
13:45:20.0161 0x16ec  Number of processors: 8
13:45:20.0161 0x16ec  Page size: 0x1000
13:45:20.0161 0x16ec  Boot type: Normal boot
13:45:20.0161 0x16ec  ============================================================
13:45:20.0442 0x16ec  KLMD registered as C:\Windows\system32\drivers\78068847.sys
13:45:20.0520 0x16ec  System UUID: {2C2A9F84-DF11-12BF-C948-5E3DC2327B86}
13:45:20.0832 0x16ec  Drive \Device\Harddisk0\DR0 - Size: 0xEE77A56000 ( 953.87 Gb ), SectorSize: 0x200, Cylinders: 0x1E667, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:45:21.0160 0x16ec  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:45:21.0222 0x16ec  ============================================================
13:45:21.0222 0x16ec  \Device\Harddisk0\DR0:
13:45:21.0222 0x16ec  MBR partitions:
13:45:21.0222 0x16ec  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:45:21.0222 0x16ec  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x77389800
13:45:21.0222 0x16ec  \Device\Harddisk1\DR1:
13:45:21.0222 0x16ec  MBR partitions:
13:45:21.0222 0x16ec  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:45:21.0222 0x16ec  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57512000
13:45:21.0222 0x16ec  ============================================================
13:45:21.0238 0x16ec  C: <-> \Device\Harddisk0\DR0\Partition2
13:45:21.0238 0x16ec  D: <-> \Device\Harddisk1\DR1\Partition1
13:45:21.0269 0x16ec  E: <-> \Device\Harddisk1\DR1\Partition2
13:45:21.0269 0x16ec  ============================================================
13:45:21.0269 0x16ec  Initialize success
13:45:21.0269 0x16ec  ============================================================
13:45:24.0202 0x0bec  ============================================================
13:45:24.0202 0x0bec  Scan started
13:45:24.0202 0x0bec  Mode: Manual;
13:45:24.0202 0x0bec  ============================================================
13:45:24.0202 0x0bec  KSN ping started
13:45:39.0209 0x0bec  KSN ping finished: true
13:45:39.0772 0x0bec  ================ Scan system memory ========================
13:45:39.0772 0x0bec  System memory - ok
13:45:39.0772 0x0bec  ================ Scan services =============================
13:45:39.0803 0x0bec  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:45:39.0803 0x0bec  1394ohci - ok
13:45:39.0818 0x0bec  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
13:45:39.0834 0x0bec  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
13:45:39.0850 0x0bec  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:45:39.0850 0x0bec  ACPI - ok
13:45:39.0850 0x0bec  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:45:39.0850 0x0bec  AcpiPmi - ok
13:45:39.0850 0x0bec  [ A542C712794FB8FBD27E37271C730F36, 8C327BFAC10C7BBD48277D4FEB862D58CA1F22DC10F0632BB8B18CF54A507216 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:39.0865 0x0bec  AdobeARMservice - ok
13:45:39.0881 0x0bec  [ B8F7DF2DD3AA8A5AA865162F011636AD, 733AC203ABEEC3295E2CB5FC623260406EA1CF8A4DD317C637F014C9D6612DEB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:39.0896 0x0bec  AdobeFlashPlayerUpdateSvc - ok
13:45:39.0896 0x0bec  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:45:39.0912 0x0bec  adp94xx - ok
13:45:39.0912 0x0bec  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:45:39.0928 0x0bec  adpahci - ok
13:45:39.0928 0x0bec  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:45:39.0928 0x0bec  adpu320 - ok
13:45:39.0928 0x0bec  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:45:39.0943 0x0bec  AeLookupSvc - ok
13:45:39.0943 0x0bec  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
13:45:39.0959 0x0bec  AFD - ok
13:45:39.0959 0x0bec  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:45:39.0959 0x0bec  agp440 - ok
13:45:39.0959 0x0bec  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:45:39.0959 0x0bec  ALG - ok
13:45:39.0974 0x0bec  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:45:39.0974 0x0bec  aliide - ok
13:45:39.0974 0x0bec  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:45:39.0974 0x0bec  amdide - ok
13:45:39.0974 0x0bec  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:45:39.0974 0x0bec  AmdK8 - ok
13:45:39.0974 0x0bec  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:45:39.0974 0x0bec  AmdPPM - ok
13:45:39.0990 0x0bec  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:45:39.0990 0x0bec  amdsata - ok
13:45:39.0990 0x0bec  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:45:39.0990 0x0bec  amdsbs - ok
13:45:39.0990 0x0bec  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:45:39.0990 0x0bec  amdxata - ok
13:45:40.0006 0x0bec  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
13:45:40.0006 0x0bec  AppID - ok
13:45:40.0006 0x0bec  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:45:40.0006 0x0bec  AppIDSvc - ok
13:45:40.0006 0x0bec  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
13:45:40.0006 0x0bec  Appinfo - ok
13:45:40.0021 0x0bec  [ 2F2BD5EFFA8E91295F4DB493D85534B5, FF6758DC06751028960C9A165767EDAD78B2868599D1A01CAC8108E1699A92DE ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:45:40.0021 0x0bec  Apple Mobile Device - ok
13:45:40.0021 0x0bec  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:45:40.0021 0x0bec  AppMgmt - ok
13:45:40.0021 0x0bec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:45:40.0037 0x0bec  arc - ok
13:45:40.0037 0x0bec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:45:40.0037 0x0bec  arcsas - ok
13:45:40.0037 0x0bec  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:45:40.0052 0x0bec  aspnet_state - ok
13:45:40.0052 0x0bec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:45:40.0052 0x0bec  AsyncMac - ok
13:45:40.0052 0x0bec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
13:45:40.0052 0x0bec  atapi - ok
13:45:40.0130 0x0bec  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:45:40.0224 0x0bec  atikmdag - ok
13:45:40.0240 0x0bec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:45:40.0240 0x0bec  AudioEndpointBuilder - ok
13:45:40.0255 0x0bec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:45:40.0271 0x0bec  AudioSrv - ok
13:45:40.0271 0x0bec  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
13:45:40.0286 0x0bec  AVP15.0.1 - ok
13:45:40.0286 0x0bec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:45:40.0286 0x0bec  AxInstSV - ok
13:45:40.0302 0x0bec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:45:40.0302 0x0bec  b06bdrv - ok
13:45:40.0318 0x0bec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:45:40.0318 0x0bec  b57nd60a - ok
13:45:40.0318 0x0bec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:45:40.0318 0x0bec  BDESVC - ok
13:45:40.0333 0x0bec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:45:40.0333 0x0bec  Beep - ok
13:45:40.0333 0x0bec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:45:40.0349 0x0bec  BFE - ok
13:45:40.0364 0x0bec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
13:45:40.0380 0x0bec  BITS - ok
13:45:40.0396 0x0bec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:45:40.0396 0x0bec  blbdrive - ok
13:45:40.0396 0x0bec  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:45:40.0411 0x0bec  Bonjour Service - ok
13:45:40.0411 0x0bec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:45:40.0411 0x0bec  bowser - ok
13:45:40.0411 0x0bec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:45:40.0411 0x0bec  BrFiltLo - ok
13:45:40.0411 0x0bec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:45:40.0411 0x0bec  BrFiltUp - ok
13:45:40.0427 0x0bec  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:45:40.0427 0x0bec  BridgeMP - ok
13:45:40.0427 0x0bec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:45:40.0427 0x0bec  Browser - ok
13:45:40.0442 0x0bec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:45:40.0442 0x0bec  Brserid - ok
13:45:40.0442 0x0bec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:45:40.0442 0x0bec  BrSerWdm - ok
13:45:40.0442 0x0bec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:45:40.0442 0x0bec  BrUsbMdm - ok
13:45:40.0458 0x0bec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:45:40.0458 0x0bec  BrUsbSer - ok
13:45:40.0458 0x0bec  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
13:45:40.0458 0x0bec  BthEnum - ok
13:45:40.0458 0x0bec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:45:40.0458 0x0bec  BTHMODEM - ok
13:45:40.0458 0x0bec  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:45:40.0474 0x0bec  BthPan - ok
13:45:40.0474 0x0bec  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:45:40.0489 0x0bec  BTHPORT - ok
13:45:40.0489 0x0bec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:45:40.0489 0x0bec  bthserv - ok
13:45:40.0489 0x0bec  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:45:40.0505 0x0bec  BTHUSB - ok
13:45:40.0505 0x0bec  [ 6274B72505D356942A172C2144EBE97A, CAF0AD76EFE340FDD0402761EAF27EFF9F6929FE936F579B64620C733DE091C8 ] bzserv          C:\Program Files (x86)\Backblaze\bzserv.exe
13:45:40.0505 0x0bec  bzserv - ok
13:45:40.0520 0x0bec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:45:40.0520 0x0bec  cdfs - ok
13:45:40.0520 0x0bec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:45:40.0520 0x0bec  cdrom - ok
13:45:40.0520 0x0bec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:45:40.0536 0x0bec  CertPropSvc - ok
13:45:40.0536 0x0bec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:45:40.0536 0x0bec  circlass - ok
13:45:40.0536 0x0bec  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
13:45:40.0552 0x0bec  CLFS - ok
13:45:40.0552 0x0bec  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:45:40.0552 0x0bec  clr_optimization_v2.0.50727_32 - ok
13:45:40.0552 0x0bec  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:45:40.0567 0x0bec  clr_optimization_v2.0.50727_64 - ok
13:45:40.0567 0x0bec  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:45:40.0567 0x0bec  clr_optimization_v4.0.30319_32 - ok
13:45:40.0583 0x0bec  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:45:40.0583 0x0bec  clr_optimization_v4.0.30319_64 - ok
13:45:40.0583 0x0bec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:45:40.0583 0x0bec  CmBatt - ok
13:45:40.0583 0x0bec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:45:40.0583 0x0bec  cmdide - ok
13:45:40.0598 0x0bec  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
13:45:40.0598 0x0bec  cm_km_w - ok
13:45:40.0614 0x0bec  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
13:45:40.0614 0x0bec  CNG - ok
13:45:40.0614 0x0bec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:45:40.0614 0x0bec  Compbatt - ok
13:45:40.0614 0x0bec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:45:40.0630 0x0bec  CompositeBus - ok
13:45:40.0630 0x0bec  COMSysApp - ok
13:45:40.0630 0x0bec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:45:40.0630 0x0bec  crcdisk - ok
13:45:40.0630 0x0bec  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:45:40.0645 0x0bec  CryptSvc - ok
13:45:40.0645 0x0bec  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
13:45:40.0661 0x0bec  CSC - ok
13:45:40.0676 0x0bec  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
13:45:40.0676 0x0bec  CscService - ok
13:45:40.0692 0x0bec  [ BF62FF663AE55E4ED99DE76881C2C0F1, 87018B61B2310558EB9C96887D92FA5ED06B9A4D69999F6B6F7BDD2D486FAA0D ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
13:45:40.0692 0x0bec  ctxusbm - ok
13:45:40.0692 0x0bec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:45:40.0708 0x0bec  DcomLaunch - ok
13:45:40.0723 0x0bec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:45:40.0723 0x0bec  defragsvc - ok
13:45:40.0723 0x0bec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:45:40.0723 0x0bec  DfsC - ok
13:45:40.0739 0x0bec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:45:40.0739 0x0bec  Dhcp - ok
13:45:40.0770 0x0bec  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:45:40.0786 0x0bec  DiagTrack - ok
13:45:40.0786 0x0bec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:45:40.0786 0x0bec  discache - ok
13:45:40.0801 0x0bec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:45:40.0801 0x0bec  Disk - ok
13:45:40.0801 0x0bec  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:45:40.0801 0x0bec  dmvsc - ok
13:45:40.0801 0x0bec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:45:40.0817 0x0bec  Dnscache - ok
13:45:40.0817 0x0bec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:45:40.0817 0x0bec  dot3svc - ok
13:45:40.0832 0x0bec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:45:40.0832 0x0bec  DPS - ok
13:45:40.0832 0x0bec  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:45:40.0832 0x0bec  drmkaud - ok
13:45:40.0848 0x0bec  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:45:40.0864 0x0bec  DXGKrnl - ok
13:45:40.0864 0x0bec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:45:40.0879 0x0bec  EapHost - ok
13:45:40.0926 0x0bec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:45:40.0988 0x0bec  ebdrv - ok
13:45:40.0988 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
13:45:40.0988 0x0bec  EFS - ok
13:45:41.0004 0x0bec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:45:41.0020 0x0bec  ehRecvr - ok
13:45:41.0020 0x0bec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:45:41.0020 0x0bec  ehSched - ok
13:45:41.0035 0x0bec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:45:41.0035 0x0bec  elxstor - ok
13:45:41.0051 0x0bec  [ 757305C7AD34222F4A46D86FE0BEE241, 94540DC1EA19821EACC796EF4FE247005B02E417B30E91383D1260E9D9A8B747 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
13:45:41.0066 0x0bec  EpsonCustomerParticipation - ok
13:45:41.0066 0x0bec  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
13:45:41.0066 0x0bec  EpsonScanSvc - ok
13:45:41.0066 0x0bec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:45:41.0066 0x0bec  ErrDev - ok
13:45:41.0082 0x0bec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:45:41.0098 0x0bec  EventSystem - ok
13:45:41.0113 0x0bec  [ F8F610093E1D7FDFA477FC34D15D5C60, 9CBBCEEA7ED6CA6C09B60CD8A2EA6744F4F701B76E235287CEBCE8BD744B0BD7 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:45:41.0144 0x0bec  EvtEng - ok
13:45:41.0144 0x0bec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:45:41.0160 0x0bec  exfat - ok
13:45:41.0160 0x0bec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:45:41.0160 0x0bec  fastfat - ok
13:45:41.0176 0x0bec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:45:41.0191 0x0bec  Fax - ok
13:45:41.0191 0x0bec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:45:41.0191 0x0bec  fdc - ok
13:45:41.0191 0x0bec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:45:41.0191 0x0bec  fdPHost - ok
13:45:41.0191 0x0bec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:45:41.0207 0x0bec  FDResPub - ok
13:45:41.0207 0x0bec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:45:41.0207 0x0bec  FileInfo - ok
13:45:41.0207 0x0bec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:45:41.0207 0x0bec  Filetrace - ok
13:45:41.0222 0x0bec  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:45:41.0238 0x0bec  FLEXnet Licensing Service - ok
13:45:41.0254 0x0bec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:45:41.0254 0x0bec  flpydisk - ok
13:45:41.0254 0x0bec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:45:41.0269 0x0bec  FltMgr - ok
13:45:41.0285 0x0bec  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
13:45:41.0300 0x0bec  FontCache - ok
13:45:41.0300 0x0bec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:45:41.0300 0x0bec  FontCache3.0.0.0 - ok
13:45:41.0316 0x0bec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:45:41.0316 0x0bec  FsDepends - ok
13:45:41.0316 0x0bec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:45:41.0316 0x0bec  Fs_Rec - ok
13:45:41.0316 0x0bec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:45:41.0332 0x0bec  fvevol - ok
13:45:41.0332 0x0bec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:45:41.0332 0x0bec  gagp30kx - ok
13:45:41.0332 0x0bec  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:45:41.0332 0x0bec  GEARAspiWDM - ok
13:45:41.0347 0x0bec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:45:41.0363 0x0bec  gpsvc - ok
13:45:41.0363 0x0bec  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:45:41.0363 0x0bec  gupdate - ok
13:45:41.0378 0x0bec  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:45:41.0378 0x0bec  gupdatem - ok
13:45:41.0378 0x0bec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:45:41.0378 0x0bec  hcw85cir - ok
13:45:41.0378 0x0bec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:45:41.0394 0x0bec  HdAudAddService - ok
13:45:41.0394 0x0bec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:45:41.0394 0x0bec  HDAudBus - ok
13:45:41.0394 0x0bec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:45:41.0394 0x0bec  HidBatt - ok
13:45:41.0410 0x0bec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:45:41.0410 0x0bec  HidBth - ok
13:45:41.0410 0x0bec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:45:41.0410 0x0bec  HidIr - ok
13:45:41.0410 0x0bec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:45:41.0410 0x0bec  hidserv - ok
13:45:41.0410 0x0bec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:45:41.0425 0x0bec  HidUsb - ok
13:45:41.0425 0x0bec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:45:41.0425 0x0bec  hkmsvc - ok
13:45:41.0425 0x0bec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:45:41.0441 0x0bec  HomeGroupListener - ok
13:45:41.0441 0x0bec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:45:41.0441 0x0bec  HomeGroupProvider - ok
13:45:41.0441 0x0bec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:45:41.0456 0x0bec  HpSAMD - ok
13:45:41.0456 0x0bec  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:45:41.0472 0x0bec  HTTP - ok
13:45:41.0472 0x0bec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:45:41.0472 0x0bec  hwpolicy - ok
13:45:41.0488 0x0bec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:45:41.0488 0x0bec  i8042prt - ok
13:45:41.0488 0x0bec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:45:41.0503 0x0bec  iaStorV - ok
13:45:41.0503 0x0bec  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:45:41.0503 0x0bec  IDriverT - ok
13:45:41.0519 0x0bec  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:45:41.0534 0x0bec  idsvc - ok
13:45:41.0534 0x0bec  IEEtwCollectorService - ok
13:45:41.0550 0x0bec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:45:41.0550 0x0bec  iirsp - ok
13:45:41.0566 0x0bec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:45:41.0581 0x0bec  IKEEXT - ok
13:45:41.0628 0x0bec  [ 2CC2F7C5990BB76767038F4B16D17A56, 78D12EFC0AB81B87706D3F7ADFF3FA9C5AD05C7F02169DDBE7E2D2A67B47D9DE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:45:41.0659 0x0bec  IntcAzAudAddService - ok
13:45:41.0675 0x0bec  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:45:41.0675 0x0bec  intelide - ok
13:45:41.0675 0x0bec  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:45:41.0675 0x0bec  intelppm - ok
13:45:41.0675 0x0bec  [ D46E04D83A3E174A98DC90FE23AB08DE, 0285B4A311645D292A26B276511877B46A42526BDBFBC12E3BD876A74F074720 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:45:41.0675 0x0bec  IntuitUpdateServiceV4 - ok
13:45:41.0675 0x0bec  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:45:41.0690 0x0bec  IPBusEnum - ok
13:45:41.0690 0x0bec  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:45:41.0690 0x0bec  IpFilterDriver - ok
13:45:41.0706 0x0bec  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:45:41.0706 0x0bec  iphlpsvc - ok
13:45:41.0722 0x0bec  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:45:41.0722 0x0bec  IPMIDRV - ok
13:45:41.0722 0x0bec  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:45:41.0722 0x0bec  IPNAT - ok
13:45:41.0737 0x0bec  [ 4331CE358AD3E7587B2170100EBA43BD, A291707CA48C42E9B29F9E7D54AF88A58FE734DE4E87AF1ABF013877E6012558 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:45:41.0753 0x0bec  iPod Service - ok
13:45:41.0753 0x0bec  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:45:41.0753 0x0bec  IRENUM - ok
13:45:41.0753 0x0bec  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:45:41.0753 0x0bec  isapnp - ok
13:45:41.0753 0x0bec  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:45:41.0768 0x0bec  iScsiPrt - ok
13:45:41.0768 0x0bec  [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
13:45:41.0768 0x0bec  itecir - ok
13:45:41.0768 0x0bec  [ ABE4CA2661C8E90404A16FC543C28723, 95945DE853AAC71A01F6EDA7AF23250DA2473B150926E3E3037200834D1F5B78 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
13:45:41.0784 0x0bec  JMCR - ok
13:45:41.0784 0x0bec  [ A4F45625CCD360DE35DA5051FDA0B47F, CE30568DAB53D129A4099C4E5EAAE5BFCDBB8DD08166ECA73ED3A9BD0FE6C0EF ] JME             C:\Windows\system32\DRIVERS\JME.sys
13:45:41.0784 0x0bec  JME - ok
13:45:41.0784 0x0bec  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:45:41.0784 0x0bec  kbdclass - ok
13:45:41.0784 0x0bec  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:45:41.0784 0x0bec  kbdhid - ok
13:45:41.0800 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
13:45:41.0800 0x0bec  KeyIso - ok
13:45:41.0800 0x0bec  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
13:45:41.0815 0x0bec  kl1 - ok
13:45:41.0815 0x0bec  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
13:45:41.0815 0x0bec  kldisk - ok
13:45:41.0815 0x0bec  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
13:45:41.0831 0x0bec  klflt - ok
13:45:41.0831 0x0bec  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
13:45:41.0831 0x0bec  klhk - ok
13:45:41.0846 0x0bec  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
13:45:41.0862 0x0bec  KLIF - ok
13:45:41.0862 0x0bec  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
13:45:41.0862 0x0bec  KLIM6 - ok
13:45:41.0878 0x0bec  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
13:45:41.0878 0x0bec  klkbdflt - ok
13:45:41.0878 0x0bec  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
13:45:41.0878 0x0bec  klmouflt - ok
13:45:41.0878 0x0bec  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
13:45:41.0878 0x0bec  klpd - ok
13:45:41.0878 0x0bec  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
13:45:41.0878 0x0bec  kltdi - ok
13:45:41.0893 0x0bec  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
13:45:41.0893 0x0bec  Klwtp - ok
13:45:41.0893 0x0bec  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
13:45:41.0893 0x0bec  kneps - ok
13:45:41.0893 0x0bec  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:45:41.0909 0x0bec  KSecDD - ok
13:45:41.0909 0x0bec  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:45:41.0909 0x0bec  KSecPkg - ok
13:45:41.0909 0x0bec  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:45:41.0909 0x0bec  ksthunk - ok
13:45:41.0924 0x0bec  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:45:41.0924 0x0bec  KtmRm - ok
13:45:41.0940 0x0bec  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:45:41.0940 0x0bec  LanmanServer - ok
13:45:41.0940 0x0bec  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:45:41.0940 0x0bec  LanmanWorkstation - ok
13:45:41.0956 0x0bec  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:45:41.0956 0x0bec  lltdio - ok
13:45:41.0956 0x0bec  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:45:41.0971 0x0bec  lltdsvc - ok
13:45:41.0971 0x0bec  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:45:41.0971 0x0bec  lmhosts - ok
13:45:41.0971 0x0bec  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:45:41.0987 0x0bec  LMS - ok
13:45:41.0987 0x0bec  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:45:41.0987 0x0bec  LSI_FC - ok
13:45:41.0987 0x0bec  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:45:41.0987 0x0bec  LSI_SAS - ok
13:45:42.0002 0x0bec  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:45:42.0002 0x0bec  LSI_SAS2 - ok
13:45:42.0002 0x0bec  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:45:42.0002 0x0bec  LSI_SCSI - ok
13:45:42.0002 0x0bec  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:45:42.0018 0x0bec  luafv - ok
13:45:42.0018 0x0bec  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:45:42.0018 0x0bec  Mcx2Svc - ok
13:45:42.0112 0x0bec  [ D9E13761DA405F1FB1954843694CE208, DB7FA8786A1C8A0C6CA7477BEB8E3F38209B51C218E31CA5B6CFDF31D8F3BDF1 ] MediaMall Server C:\Program Files (x86)\MediaMall\MediaMallServer.exe
13:45:42.0205 0x0bec  MediaMall Server - ok
13:45:42.0221 0x0bec  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:45:42.0221 0x0bec  megasas - ok
13:45:42.0221 0x0bec  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:45:42.0236 0x0bec  MegaSR - ok
13:45:42.0236 0x0bec  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:45:42.0236 0x0bec  MEIx64 - ok
13:45:42.0236 0x0bec  MFE_RR - ok
13:45:42.0236 0x0bec  Microsoft SharePoint Workspace Audit Service - ok
13:45:42.0252 0x0bec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:45:42.0252 0x0bec  MMCSS - ok
13:45:42.0252 0x0bec  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:45:42.0252 0x0bec  Modem - ok
13:45:42.0252 0x0bec  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:45:42.0252 0x0bec  monitor - ok
13:45:42.0252 0x0bec  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:45:42.0252 0x0bec  mouclass - ok
13:45:42.0252 0x0bec  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:45:42.0268 0x0bec  mouhid - ok
13:45:42.0268 0x0bec  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:45:42.0268 0x0bec  mountmgr - ok
13:45:42.0268 0x0bec  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:45:42.0268 0x0bec  MozillaMaintenance - ok
13:45:42.0283 0x0bec  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:45:42.0283 0x0bec  mpio - ok
13:45:42.0283 0x0bec  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:45:42.0283 0x0bec  mpsdrv - ok
13:45:42.0299 0x0bec  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:45:42.0314 0x0bec  MpsSvc - ok
13:45:42.0314 0x0bec  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:45:42.0330 0x0bec  MRxDAV - ok
13:45:42.0330 0x0bec  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:45:42.0330 0x0bec  mrxsmb - ok
13:45:42.0346 0x0bec  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:45:42.0346 0x0bec  mrxsmb10 - ok
13:45:42.0346 0x0bec  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:45:42.0346 0x0bec  mrxsmb20 - ok
13:45:42.0346 0x0bec  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:45:42.0346 0x0bec  msahci - ok
13:45:42.0361 0x0bec  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:45:42.0361 0x0bec  msdsm - ok
13:45:42.0361 0x0bec  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:45:42.0361 0x0bec  MSDTC - ok
13:45:42.0377 0x0bec  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:45:42.0377 0x0bec  Msfs - ok
13:45:42.0377 0x0bec  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:45:42.0377 0x0bec  mshidkmdf - ok
13:45:42.0377 0x0bec  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:45:42.0377 0x0bec  msisadrv - ok
13:45:42.0377 0x0bec  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:45:42.0392 0x0bec  MSiSCSI - ok
13:45:42.0392 0x0bec  msiserver - ok
13:45:42.0392 0x0bec  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:45:42.0392 0x0bec  MSKSSRV - ok
13:45:42.0392 0x0bec  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:45:42.0392 0x0bec  MSPCLOCK - ok
13:45:42.0392 0x0bec  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:45:42.0392 0x0bec  MSPQM - ok
13:45:42.0408 0x0bec  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:45:42.0408 0x0bec  MsRPC - ok
13:45:42.0408 0x0bec  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:45:42.0424 0x0bec  mssmbios - ok
13:45:42.0424 0x0bec  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:45:42.0424 0x0bec  MSTEE - ok
13:45:42.0424 0x0bec  [ C83829C280F0207677B7AAA151EF9C4D, 3CD9E5C42391DCD6D7AC99C1100237BD54A57F1F5511811D6382D6EFB97D444E ] msvad_simple    C:\Windows\system32\drivers\povrtdev.sys
13:45:42.0424 0x0bec  msvad_simple - ok
13:45:42.0424 0x0bec  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:45:42.0424 0x0bec  MTConfig - ok
13:45:42.0424 0x0bec  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:45:42.0424 0x0bec  Mup - ok
13:45:42.0439 0x0bec  [ F6EA50DBC391F04CA49427010657CCB3, 4D45B7CF42E090416F6702CF47C69094FE1D98AA3D2279AAFCC934FE091417AE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:45:42.0439 0x0bec  MyWiFiDHCPDNS - ok
13:45:42.0455 0x0bec  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:45:42.0455 0x0bec  napagent - ok
13:45:42.0470 0x0bec  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:45:42.0470 0x0bec  NativeWifiP - ok
13:45:42.0486 0x0bec  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:45:42.0502 0x0bec  NDIS - ok
13:45:42.0517 0x0bec  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:45:42.0517 0x0bec  NdisCap - ok
13:45:42.0517 0x0bec  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:45:42.0517 0x0bec  NdisTapi - ok
13:45:42.0517 0x0bec  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:45:42.0517 0x0bec  Ndisuio - ok
13:45:42.0517 0x0bec  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:45:42.0533 0x0bec  NdisWan - ok
13:45:42.0533 0x0bec  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:45:42.0533 0x0bec  NDProxy - ok
13:45:42.0548 0x0bec  [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
13:45:42.0564 0x0bec  Nero BackItUp Scheduler 4.0 - ok
13:45:42.0564 0x0bec  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:45:42.0564 0x0bec  NetBIOS - ok
13:45:42.0580 0x0bec  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:45:42.0580 0x0bec  NetBT - ok
13:45:42.0580 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
13:45:42.0580 0x0bec  Netlogon - ok
13:45:42.0595 0x0bec  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:45:42.0595 0x0bec  Netman - ok
13:45:42.0611 0x0bec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:42.0611 0x0bec  NetMsmqActivator - ok
13:45:42.0611 0x0bec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:42.0611 0x0bec  NetPipeActivator - ok
13:45:42.0626 0x0bec  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:45:42.0642 0x0bec  netprofm - ok
13:45:42.0642 0x0bec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:42.0642 0x0bec  NetTcpActivator - ok
13:45:42.0642 0x0bec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:42.0642 0x0bec  NetTcpPortSharing - ok
13:45:42.0782 0x0bec  [ 30933BB56FB611D0252BAD488ADFB533, 660B96A1BB6158224E518E6847E16C5A876C516C39FACFF87ABC9A200447B809 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
13:45:42.0923 0x0bec  NETwNs64 - ok
13:45:42.0938 0x0bec  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:45:42.0938 0x0bec  nfrd960 - ok
13:45:42.0938 0x0bec  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:45:42.0954 0x0bec  NlaSvc - ok
13:45:42.0954 0x0bec  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:45:42.0954 0x0bec  Npfs - ok
13:45:42.0954 0x0bec  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:45:42.0954 0x0bec  nsi - ok
13:45:42.0954 0x0bec  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:45:42.0954 0x0bec  nsiproxy - ok
13:45:42.0985 0x0bec  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:45:43.0016 0x0bec  Ntfs - ok
13:45:43.0016 0x0bec  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:45:43.0016 0x0bec  Null - ok
13:45:43.0032 0x0bec  [ A7127E86F9FFE2A53E271B56B2C4CEDF, 9C8D60290B66976BBC6E6FE0C2B8EBBCF65B019C95116565CA75098E9F66C05D ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
13:45:43.0032 0x0bec  nusb3hub - ok
13:45:43.0032 0x0bec  [ 49BBEC6F48D5F9284B03ABF3A959B19B, 688AFDFA9E2F0AB3BDE22EC55C70FD592AA0236557DA9310E1557C083307CEC5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:45:43.0032 0x0bec  nusb3xhc - ok
13:45:43.0048 0x0bec  [ B4F53BCA4C688FF47F04FA90098F896E, 6051CFC0CFE659A2C4CFC1029F19CF1B1B98A1A5E59C2B3A10D7B3407A7FA5C0 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:45:43.0048 0x0bec  NVHDA - ok
13:45:43.0235 0x0bec  [ 4EE399576F76D38C04745DB739BBC8C7, 7D7FB6013D5D3EE1908F37188AA440EE6EF80A432204EB59AE190ACD14CD1FE0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:45:43.0391 0x0bec  nvlddmkm - ok
13:45:43.0406 0x0bec  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:45:43.0406 0x0bec  nvraid - ok
13:45:43.0406 0x0bec  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:45:43.0406 0x0bec  nvstor - ok
13:45:43.0422 0x0bec  [ 4E769C9006553699E874518BAFBEA2C3, 4D1C12E0EDD1CC722394292E7EBA52CA8C9990D9599473729C6C1D54281018BF ] NvStUSB         C:\Windows\system32\DRIVERS\nvstusb.sys
13:45:43.0422 0x0bec  NvStUSB - ok
13:45:43.0453 0x0bec  [ 7335C3D78A7746D76D37F6722CC4A466, 18BDD51AB0EB4084E1DA2F27B8D4FCF488ED9161C034BB3CDFF5BE33F84C1D37 ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:45:43.0469 0x0bec  nvsvc - ok
13:45:43.0484 0x0bec  [ B7C53DA1C73FF39F4A6248643EFD979A, 528C4984F09F66D4CBA5A9B7C78FBAA04E558309B0D66EB1C29AD2B30D9993F7 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:45:43.0500 0x0bec  nvUpdatusService - ok
13:45:43.0516 0x0bec  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:45:43.0516 0x0bec  nv_agp - ok
13:45:43.0516 0x0bec  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:45:43.0516 0x0bec  ohci1394 - ok
13:45:43.0516 0x0bec  [ 1EBDEE4EFC02BAC216039DDB0FCDA883, 94FAD2A79CA1BD0D4C6AE884F533F116159FEC8C49D473530D4CA8FE4E237358 ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
13:45:43.0516 0x0bec  OpenVPNService - ok
13:45:43.0531 0x0bec  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:45:43.0531 0x0bec  ose - ok
13:45:43.0609 0x0bec  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:45:43.0687 0x0bec  osppsvc - ok
13:45:43.0703 0x0bec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:45:43.0703 0x0bec  p2pimsvc - ok
13:45:43.0718 0x0bec  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:45:43.0734 0x0bec  p2psvc - ok
13:45:43.0734 0x0bec  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:45:43.0734 0x0bec  Parport - ok
13:45:43.0734 0x0bec  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:45:43.0734 0x0bec  partmgr - ok
13:45:43.0750 0x0bec  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:45:43.0750 0x0bec  PcaSvc - ok
13:45:43.0750 0x0bec  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:45:43.0765 0x0bec  pci - ok
13:45:43.0765 0x0bec  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:45:43.0765 0x0bec  pciide - ok
13:45:43.0765 0x0bec  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:45:43.0765 0x0bec  pcmcia - ok
13:45:43.0781 0x0bec  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:45:43.0781 0x0bec  pcw - ok
13:45:43.0781 0x0bec  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:45:43.0796 0x0bec  PEAUTH - ok
13:45:43.0828 0x0bec  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:45:43.0843 0x0bec  PeerDistSvc - ok
13:45:43.0874 0x0bec  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:45:43.0874 0x0bec  PerfHost - ok
13:45:43.0906 0x0bec  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:45:43.0921 0x0bec  pla - ok
13:45:43.0937 0x0bec  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:45:43.0952 0x0bec  PlugPlay - ok
13:45:43.0952 0x0bec  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:45:43.0952 0x0bec  PNRPAutoReg - ok
13:45:43.0952 0x0bec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:45:43.0968 0x0bec  PNRPsvc - ok
13:45:43.0968 0x0bec  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
13:45:43.0968 0x0bec  Point64 - ok
13:45:43.0984 0x0bec  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:45:43.0984 0x0bec  PolicyAgent - ok
13:45:43.0999 0x0bec  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:45:43.0999 0x0bec  Power - ok
13:45:43.0999 0x0bec  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:45:43.0999 0x0bec  PptpMiniport - ok
13:45:43.0999 0x0bec  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:45:43.0999 0x0bec  Processor - ok
13:45:44.0015 0x0bec  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:45:44.0015 0x0bec  ProfSvc - ok
13:45:44.0015 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
13:45:44.0015 0x0bec  ProtectedStorage - ok
13:45:44.0030 0x0bec  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:45:44.0030 0x0bec  Psched - ok
13:45:44.0046 0x0bec  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:45:44.0077 0x0bec  ql2300 - ok
13:45:44.0077 0x0bec  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:45:44.0093 0x0bec  ql40xx - ok
13:45:44.0093 0x0bec  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:45:44.0093 0x0bec  QWAVE - ok
13:45:44.0108 0x0bec  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:45:44.0108 0x0bec  QWAVEdrv - ok
13:45:44.0108 0x0bec  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:45:44.0108 0x0bec  RasAcd - ok
13:45:44.0108 0x0bec  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:45:44.0108 0x0bec  RasAgileVpn - ok
13:45:44.0108 0x0bec  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:45:44.0108 0x0bec  RasAuto - ok
13:45:44.0124 0x0bec  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:45:44.0124 0x0bec  Rasl2tp - ok
13:45:44.0124 0x0bec  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:45:44.0140 0x0bec  RasMan - ok
13:45:44.0140 0x0bec  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:45:44.0140 0x0bec  RasPppoe - ok
13:45:44.0140 0x0bec  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:45:44.0155 0x0bec  RasSstp - ok
13:45:44.0155 0x0bec  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:45:44.0155 0x0bec  rdbss - ok
13:45:44.0171 0x0bec  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:45:44.0171 0x0bec  rdpbus - ok
13:45:44.0171 0x0bec  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:45:44.0171 0x0bec  RDPCDD - ok
13:45:44.0171 0x0bec  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:45:44.0171 0x0bec  RDPDR - ok
13:45:44.0171 0x0bec  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:45:44.0171 0x0bec  RDPENCDD - ok
13:45:44.0186 0x0bec  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:45:44.0186 0x0bec  RDPREFMP - ok
13:45:44.0186 0x0bec  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:45:44.0186 0x0bec  RdpVideoMiniport - ok
13:45:44.0186 0x0bec  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:45:44.0202 0x0bec  RDPWD - ok
13:45:44.0202 0x0bec  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:45:44.0202 0x0bec  rdyboost - ok
13:45:44.0233 0x0bec  [ D8C61A07953974AB87D6D54C3DFB52F1, D97AA1BDB53AAD1E87DFE68588A74C60572C82A585942BF4DA57C4053C89678F ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
13:45:44.0249 0x0bec  ReflectService.exe - ok
13:45:44.0264 0x0bec  [ 9276F4D4109FC349925D28E00E533146, 581645CA9EF3F46378001C54D058BF1EB075FF256F110A09734DB5DA6EBA7A7B ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:45:44.0280 0x0bec  RegSrvc - ok
13:45:44.0280 0x0bec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:45:44.0280 0x0bec  RemoteAccess - ok
13:45:44.0280 0x0bec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:45:44.0296 0x0bec  RemoteRegistry - ok
13:45:44.0296 0x0bec  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:45:44.0296 0x0bec  RFCOMM - ok
13:45:44.0311 0x0bec  [ 7F7EBF43F4789DDC044098D696149391, 4B493F15BA35383CD3139FC1FE3101062090EE2C2748019E483CF96639E26D7E ] RosettaStoneLtdController C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe
13:45:44.0311 0x0bec  RosettaStoneLtdController - ok
13:45:44.0311 0x0bec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:45:44.0311 0x0bec  RpcEptMapper - ok
13:45:44.0327 0x0bec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:45:44.0327 0x0bec  RpcLocator - ok
13:45:44.0327 0x0bec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
13:45:44.0342 0x0bec  RpcSs - ok
13:45:44.0342 0x0bec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:45:44.0342 0x0bec  rspndr - ok
13:45:44.0358 0x0bec  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:45:44.0358 0x0bec  RTL8167 - ok
13:45:44.0358 0x0bec  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:45:44.0358 0x0bec  s3cap - ok
13:45:44.0358 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
13:45:44.0358 0x0bec  SamSs - ok
13:45:44.0374 0x0bec  [ EA9C5A00B1FCD8CC60245BD66B5120CE, 20699B583D3C60138D3FFFE5DD45F394A67820464928AC001BF8C1ED2DE66331 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
13:45:44.0374 0x0bec  SamsungRapidDiskFltr - ok
13:45:44.0374 0x0bec  [ 966D55C3EBE86897C2ADFC680A2F954A, FEFAADC4FEA30E228013CA67BD4B19C72985ABDE0A258330942B2BCE47E8D510 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
13:45:44.0374 0x0bec  SamsungRapidFSFltr - ok
13:45:44.0389 0x0bec  [ 534E728704E465B09F94548A54E9E38C, C613B69CBB41D932FF96C01E3B0E73F7FB021D31C62D63F939D4DA92945EC8CA ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
13:45:44.0389 0x0bec  SamsungRapidSvc - ok
13:45:44.0389 0x0bec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:45:44.0389 0x0bec  sbp2port - ok
13:45:44.0389 0x0bec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:45:44.0405 0x0bec  SCardSvr - ok
13:45:44.0405 0x0bec  [ 3AC948640421E3891A49AA83C6B77B7A, 537EA4CE047436B07D6309889AB4E2CB1CECA3BCE624FA204BEAE50717534B59 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
13:45:44.0405 0x0bec  SCDEmu - ok
13:45:44.0405 0x0bec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:45:44.0405 0x0bec  scfilter - ok
13:45:44.0436 0x0bec  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:45:44.0452 0x0bec  Schedule - ok
13:45:44.0452 0x0bec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:45:44.0452 0x0bec  SCPolicySvc - ok
13:45:44.0452 0x0bec  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:45:44.0467 0x0bec  sdbus - ok
13:45:44.0467 0x0bec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:45:44.0467 0x0bec  SDRSVC - ok
13:45:44.0467 0x0bec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:45:44.0467 0x0bec  secdrv - ok
13:45:44.0483 0x0bec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:45:44.0483 0x0bec  seclogon - ok
13:45:44.0483 0x0bec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
13:45:44.0483 0x0bec  SENS - ok
13:45:44.0483 0x0bec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:45:44.0483 0x0bec  SensrSvc - ok
13:45:44.0483 0x0bec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:45:44.0498 0x0bec  Serenum - ok
13:45:44.0498 0x0bec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
13:45:44.0498 0x0bec  Serial - ok
13:45:44.0498 0x0bec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:45:44.0498 0x0bec  sermouse - ok
13:45:44.0514 0x0bec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:45:44.0514 0x0bec  SessionEnv - ok
13:45:44.0514 0x0bec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:45:44.0514 0x0bec  sffdisk - ok
13:45:44.0514 0x0bec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:45:44.0514 0x0bec  sffp_mmc - ok
13:45:44.0514 0x0bec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:45:44.0514 0x0bec  sffp_sd - ok
13:45:44.0514 0x0bec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:45:44.0514 0x0bec  sfloppy - ok
13:45:44.0530 0x0bec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:45:44.0530 0x0bec  SharedAccess - ok
13:45:44.0545 0x0bec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:45:44.0545 0x0bec  ShellHWDetection - ok
13:45:44.0561 0x0bec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:45:44.0561 0x0bec  SiSRaid2 - ok
13:45:44.0561 0x0bec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:45:44.0561 0x0bec  SiSRaid4 - ok
13:45:44.0561 0x0bec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:45:44.0561 0x0bec  Smb - ok
13:45:44.0576 0x0bec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:45:44.0576 0x0bec  SNMPTRAP - ok
13:45:44.0576 0x0bec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:45:44.0576 0x0bec  spldr - ok
13:45:44.0592 0x0bec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:45:44.0592 0x0bec  Spooler - ok
13:45:44.0654 0x0bec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:45:44.0717 0x0bec  sppsvc - ok
13:45:44.0717 0x0bec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:45:44.0717 0x0bec  sppuinotify - ok
13:45:44.0732 0x0bec  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
13:45:44.0732 0x0bec  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
13:45:44.0732 0x0bec  sptd - detected LockedFile.Multi.Generic ( 1 )
13:45:48.0024 0x0bec  Detect skipped due to KSN trusted
13:45:48.0024 0x0bec  sptd - ok
13:45:48.0040 0x0bec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:45:48.0055 0x0bec  srv - ok
13:45:48.0055 0x0bec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:45:48.0071 0x0bec  srv2 - ok
13:45:48.0071 0x0bec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:45:48.0071 0x0bec  srvnet - ok
13:45:48.0086 0x0bec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:45:48.0086 0x0bec  SSDPSRV - ok
13:45:48.0086 0x0bec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:45:48.0086 0x0bec  SstpSvc - ok
13:45:48.0102 0x0bec  [ 81F177C1954453AF407604160BD149CB, D6B05F7E399690233C71C1E4B88F95D566BC6A14D145715A8A8C0FFD591147F0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:45:48.0102 0x0bec  Stereo Service - ok
13:45:48.0102 0x0bec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:45:48.0102 0x0bec  stexstor - ok
13:45:48.0118 0x0bec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:45:48.0133 0x0bec  stisvc - ok
13:45:48.0133 0x0bec  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:45:48.0133 0x0bec  storflt - ok
13:45:48.0133 0x0bec  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:45:48.0133 0x0bec  storvsc - ok
13:45:48.0149 0x0bec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:45:48.0149 0x0bec  swenum - ok
13:45:48.0149 0x0bec  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:45:48.0164 0x0bec  SwitchBoard - ok
13:45:48.0180 0x0bec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:45:48.0180 0x0bec  swprv - ok
13:45:48.0196 0x0bec  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
13:45:48.0196 0x0bec  Synth3dVsc - ok
13:45:48.0211 0x0bec  [ F4DB1D9E6A42D491F0F8E21854301C0B, 7B038121D85D7C147C2FA8D5D34BF44B8792E7CD6E468C9884A109A0B6C9E84A ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:45:48.0242 0x0bec  SynTP - ok
13:45:48.0274 0x0bec  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:45:48.0305 0x0bec  SysMain - ok
13:45:48.0305 0x0bec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:45:48.0305 0x0bec  TabletInputService - ok
13:45:48.0305 0x0bec  [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:45:48.0305 0x0bec  tap0901 - ok
13:45:48.0320 0x0bec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:45:48.0320 0x0bec  TapiSrv - ok
13:45:48.0320 0x0bec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:45:48.0336 0x0bec  TBS - ok
13:45:48.0367 0x0bec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:45:48.0398 0x0bec  Tcpip - ok
13:45:48.0430 0x0bec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:45:48.0461 0x0bec  TCPIP6 - ok
13:45:48.0461 0x0bec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:45:48.0461 0x0bec  tcpipreg - ok
13:45:48.0461 0x0bec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:45:48.0461 0x0bec  TDPIPE - ok
13:45:48.0461 0x0bec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:45:48.0461 0x0bec  TDTCP - ok
13:45:48.0476 0x0bec  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:45:48.0476 0x0bec  tdx - ok
13:45:48.0476 0x0bec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:45:48.0476 0x0bec  TermDD - ok
13:45:48.0476 0x0bec  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
13:45:48.0476 0x0bec  terminpt - ok
13:45:48.0492 0x0bec  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
13:45:48.0508 0x0bec  TermService - ok
13:45:48.0508 0x0bec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:45:48.0508 0x0bec  Themes - ok
13:45:48.0523 0x0bec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:45:48.0523 0x0bec  THREADORDER - ok
13:45:48.0523 0x0bec  [ C0DAC57D79F8A2668E62DF329CCCAD03, 5A61C84A9F5FFD673D863B5EDD11CC580379F6D5E32A93F3232A689459DD32BA ] TorGuardService C:\Program Files\TorGuard.Viscosity\TorGuardService.exe
13:45:48.0523 0x0bec  TorGuardService - ok
13:45:48.0523 0x0bec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:45:48.0539 0x0bec  TrkWks - ok
13:45:48.0539 0x0bec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:45:48.0539 0x0bec  TrustedInstaller - ok
13:45:48.0539 0x0bec  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:45:48.0539 0x0bec  tssecsrv - ok
13:45:48.0554 0x0bec  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:45:48.0554 0x0bec  TsUsbFlt - ok
13:45:48.0554 0x0bec  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:45:48.0554 0x0bec  TsUsbGD - ok
13:45:48.0554 0x0bec  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
13:45:48.0554 0x0bec  tsusbhub - ok
13:45:48.0570 0x0bec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:45:48.0570 0x0bec  tunnel - ok
13:45:48.0570 0x0bec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:45:48.0570 0x0bec  uagp35 - ok
13:45:48.0570 0x0bec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:45:48.0586 0x0bec  udfs - ok
13:45:48.0586 0x0bec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:45:48.0586 0x0bec  UI0Detect - ok
13:45:48.0586 0x0bec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:45:48.0601 0x0bec  uliagpkx - ok
13:45:48.0601 0x0bec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:45:48.0601 0x0bec  umbus - ok
13:45:48.0601 0x0bec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:45:48.0601 0x0bec  UmPass - ok
13:45:48.0601 0x0bec  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:45:48.0617 0x0bec  UmRdpService - ok
13:45:48.0664 0x0bec  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:45:48.0695 0x0bec  UNS - ok
13:45:48.0710 0x0bec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:45:48.0710 0x0bec  upnphost - ok
13:45:48.0726 0x0bec  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:45:48.0726 0x0bec  USBAAPL64 - ok
13:45:48.0726 0x0bec  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:45:48.0726 0x0bec  usbccgp - ok
13:45:48.0726 0x0bec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:45:48.0742 0x0bec  usbcir - ok
13:45:48.0742 0x0bec  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:45:48.0742 0x0bec  usbehci - ok
13:45:48.0742 0x0bec  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:45:48.0757 0x0bec  usbhub - ok
13:45:48.0757 0x0bec  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:45:48.0757 0x0bec  usbohci - ok
13:45:48.0757 0x0bec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:45:48.0757 0x0bec  usbprint - ok
13:45:48.0757 0x0bec  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:45:48.0757 0x0bec  usbscan - ok
13:45:48.0773 0x0bec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:45:48.0773 0x0bec  USBSTOR - ok
13:45:48.0773 0x0bec  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:45:48.0773 0x0bec  usbuhci - ok
13:45:48.0773 0x0bec  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:45:48.0788 0x0bec  usbvideo - ok
13:45:48.0788 0x0bec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:45:48.0788 0x0bec  UxSms - ok
13:45:48.0788 0x0bec  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
13:45:48.0788 0x0bec  VaultSvc - ok
13:45:48.0788 0x0bec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:45:48.0788 0x0bec  vdrvroot - ok
13:45:48.0804 0x0bec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:45:48.0820 0x0bec  vds - ok
13:45:48.0820 0x0bec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:45:48.0820 0x0bec  vga - ok
13:45:48.0820 0x0bec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:45:48.0820 0x0bec  VgaSave - ok
13:45:48.0820 0x0bec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:45:48.0835 0x0bec  vhdmp - ok
13:45:48.0835 0x0bec  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:45:48.0835 0x0bec  viaide - ok
13:45:48.0835 0x0bec  [ 8126E3A8D29FF3422C2143EA4F65AF57, F7560B5E18FF51C588A33DD91104D37A9FAE47C81FB96287AEDA06328F85F1EC ] visctap0901     C:\Windows\system32\DRIVERS\visctap0901.sys
13:45:48.0835 0x0bec  visctap0901 - ok
13:45:48.0835 0x0bec  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:45:48.0851 0x0bec  vmbus - ok
13:45:48.0851 0x0bec  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:45:48.0851 0x0bec  VMBusHID - ok
13:45:48.0851 0x0bec  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:45:48.0851 0x0bec  volmgr - ok
13:45:48.0866 0x0bec  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:45:48.0866 0x0bec  volmgrx - ok
13:45:48.0882 0x0bec  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:45:48.0882 0x0bec  volsnap - ok
13:45:48.0882 0x0bec  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:45:48.0898 0x0bec  vsmraid - ok
13:45:48.0913 0x0bec  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:45:48.0944 0x0bec  VSS - ok
13:45:48.0944 0x0bec  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:45:48.0944 0x0bec  vwifibus - ok
13:45:48.0960 0x0bec  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:45:48.0960 0x0bec  vwififlt - ok
13:45:48.0960 0x0bec  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:45:48.0960 0x0bec  vwifimp - ok
13:45:48.0976 0x0bec  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:45:48.0976 0x0bec  W32Time - ok
13:45:48.0976 0x0bec  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:45:48.0976 0x0bec  WacomPen - ok
13:45:48.0991 0x0bec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:45:48.0991 0x0bec  WANARP - ok
13:45:48.0991 0x0bec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:45:48.0991 0x0bec  Wanarpv6 - ok
13:45:49.0007 0x0bec  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:45:49.0038 0x0bec  WatAdminSvc - ok
13:45:49.0069 0x0bec  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:45:49.0085 0x0bec  wbengine - ok
13:45:49.0100 0x0bec  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:45:49.0100 0x0bec  WbioSrvc - ok
13:45:49.0100 0x0bec  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:45:49.0116 0x0bec  wcncsvc - ok
13:45:49.0116 0x0bec  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:45:49.0116 0x0bec  WcsPlugInService - ok
13:45:49.0116 0x0bec  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:45:49.0132 0x0bec  Wd - ok
13:45:49.0147 0x0bec  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:45:49.0147 0x0bec  Wdf01000 - ok
13:45:49.0163 0x0bec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:45:49.0163 0x0bec  WdiServiceHost - ok
13:45:49.0163 0x0bec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:45:49.0163 0x0bec  WdiSystemHost - ok
13:45:49.0178 0x0bec  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:45:49.0178 0x0bec  WebClient - ok
13:45:49.0178 0x0bec  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:45:49.0194 0x0bec  Wecsvc - ok
13:45:49.0194 0x0bec  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:45:49.0194 0x0bec  wercplsupport - ok
13:45:49.0194 0x0bec  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:45:49.0194 0x0bec  WerSvc - ok
13:45:49.0210 0x0bec  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:45:49.0210 0x0bec  WfpLwf - ok
13:45:49.0210 0x0bec  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:45:49.0210 0x0bec  WIMMount - ok
13:45:49.0210 0x0bec  WinDefend - ok
13:45:49.0210 0x0bec  WinHttpAutoProxySvc - ok
13:45:49.0225 0x0bec  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:45:49.0225 0x0bec  Winmgmt - ok
13:45:49.0256 0x0bec  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:45:49.0288 0x0bec  WinRM - ok
13:45:49.0303 0x0bec  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:45:49.0303 0x0bec  WinUsb - ok
13:45:49.0319 0x0bec  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:45:49.0334 0x0bec  Wlansvc - ok
13:45:49.0381 0x0bec  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:45:49.0412 0x0bec  wlidsvc - ok
13:45:49.0412 0x0bec  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:45:49.0412 0x0bec  WmiAcpi - ok
13:45:49.0428 0x0bec  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:45:49.0428 0x0bec  wmiApSrv - ok
13:45:49.0428 0x0bec  WMPNetworkSvc - ok
13:45:49.0428 0x0bec  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:45:49.0428 0x0bec  WPCSvc - ok
13:45:49.0444 0x0bec  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:45:49.0444 0x0bec  WPDBusEnum - ok
13:45:49.0444 0x0bec  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:45:49.0444 0x0bec  ws2ifsl - ok
13:45:49.0444 0x0bec  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:45:49.0459 0x0bec  wscsvc - ok
13:45:49.0459 0x0bec  WSearch - ok
13:45:49.0506 0x0bec  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:45:49.0537 0x0bec  wuauserv - ok
13:45:49.0553 0x0bec  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:45:49.0553 0x0bec  WudfPf - ok
13:45:49.0553 0x0bec  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:45:49.0553 0x0bec  WUDFRd - ok
13:45:49.0568 0x0bec  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:45:49.0568 0x0bec  wudfsvc - ok
13:45:49.0568 0x0bec  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:45:49.0568 0x0bec  WwanSvc - ok
13:45:49.0584 0x0bec  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
13:45:49.0600 0x0bec  yukonw7 - ok
13:45:49.0600 0x0bec  [ 62F07EB3AF56DBF61B7A3D3D6122160D, 106649270060E2E9A6C5DF5ED4EC91E2E68447918BA07333244C1C38CC859E35 ] {687703DE-DC6D-4649-892B-B8497854A6AB} C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl
13:45:49.0600 0x0bec  {687703DE-DC6D-4649-892B-B8497854A6AB} - ok
13:45:49.0600 0x0bec  ================ Scan global ===============================
13:45:49.0615 0x0bec  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:45:49.0615 0x0bec  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:45:49.0631 0x0bec  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:45:49.0631 0x0bec  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:45:49.0631 0x0bec  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:45:49.0646 0x0bec  [ Global ] - ok
13:45:49.0646 0x0bec  ================ Scan MBR ==================================
13:45:49.0646 0x0bec  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:45:49.0678 0x0bec  \Device\Harddisk0\DR0 - ok
13:45:49.0974 0x0bec  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:45:50.0192 0x0bec  \Device\Harddisk1\DR1 - ok
13:45:50.0192 0x0bec  ================ Scan VBR ==================================
13:45:50.0192 0x0bec  [ AFDC08289FAB7E925FF8551513637F4B ] \Device\Harddisk0\DR0\Partition1
13:45:50.0192 0x0bec  \Device\Harddisk0\DR0\Partition1 - ok
13:45:50.0192 0x0bec  [ DECD5EC8772A38D439F1CA79D37E867E ] \Device\Harddisk0\DR0\Partition2
13:45:50.0208 0x0bec  \Device\Harddisk0\DR0\Partition2 - ok
13:45:50.0208 0x0bec  [ AFDC08289FAB7E925FF8551513637F4B ] \Device\Harddisk1\DR1\Partition1
13:45:50.0208 0x0bec  \Device\Harddisk1\DR1\Partition1 - ok
13:45:50.0208 0x0bec  [ CE3E5485900478D1837A51158EBB3F87 ] \Device\Harddisk1\DR1\Partition2
13:45:50.0208 0x0bec  \Device\Harddisk1\DR1\Partition2 - ok
13:45:50.0208 0x0bec  ================ Scan generic autorun ======================
13:45:50.0208 0x0bec  SynTPEnh - ok
13:45:50.0411 0x0bec  [ 33FB7C579FB2591443D4255FED6E9087, 77D122B4BBAF13B89A3C00D0392B109B6088A0F5BD36FD959E28D1E3CE846E86 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:45:50.0583 0x0bec  RtHDVCpl - ok
13:45:50.0629 0x0bec  [ 2169BF2F156B6C9BA2697F49362BCB61, 474149CDFB9A30F3104E3B382E647BB14CEC4CED947F4FAE9EABDA31016923F5 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
13:45:50.0661 0x0bec  IntelWireless - ok
13:45:50.0661 0x0bec  [ CAB302E5273F02A454C8D5E207C95BA9, BC730C1EB4032AB81CA86A6127A50EA7101751D228A23D001731EF5C4FBEFEC3 ] C:\Program Files\Protector Suite\launcher.exe
13:45:50.0661 0x0bec  PSQLLauncher - ok
13:45:50.0661 0x0bec  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
13:45:50.0676 0x0bec  THXCfg64 - ok
13:45:50.0707 0x0bec  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
13:45:50.0754 0x0bec  IntelliPoint - ok
13:45:50.0770 0x0bec  [ ABB241C563C9E817B95DFA59974268C7, 10E5D544681C6619C338417A71F66785F5BC0807F315071783B6B57F7CDEB13D ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
13:45:50.0770 0x0bec  AdobeAAMUpdater-1.0 - ok
13:45:50.0785 0x0bec  [ 6F4E71A0C3817FC8F36532796632A259, 3BF731130158C1F78DA21D7B8026CBB6EFA0F0F5F8DE4994728CA3D0A06B8819 ] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
13:45:50.0785 0x0bec  SamsungRapidApp - ok
13:45:50.0785 0x0bec  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
13:45:50.0785 0x0bec  NUSB3MON - ok
13:45:50.0817 0x0bec  [ 193B1D98DCD8FF8D1FCD0F990DC5EDA5, 87BBFE567C15413764A7CAD85A5107C214DE923B5A6147D69F8EC1BED94210EF ] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
13:45:50.0832 0x0bec  THX Audio Control Panel - ok
13:45:50.0832 0x0bec  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
13:45:50.0832 0x0bec  UpdReg - ok
13:45:50.0848 0x0bec  [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
13:45:50.0848 0x0bec  CLMLServer - ok
13:45:50.0848 0x0bec  [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:45:50.0848 0x0bec  APSDaemon - ok
13:45:50.0863 0x0bec  [ 6503AF9D81F9E088C1260D609FA8757D, 62F5094BDC3A1D40E028D372331FD1FF86E5DC5C4BC16C419A836D7E5EEF5193 ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
13:45:50.0863 0x0bec  ConnectionCenter - ok
13:45:50.0879 0x0bec  [ 5183EC20A788D7A78C7B408FDEA6F303, E93956ED56889FC0EA736A1787CF44CE09D21022B12DBDCD47A754EAB5A1A797 ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
13:45:50.0879 0x0bec  Nikon Message Center 2 - ok
13:45:50.0895 0x0bec  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:45:50.0895 0x0bec  SwitchBoard - ok
13:45:50.0926 0x0bec  [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
13:45:50.0957 0x0bec  AdobeCS5.5ServiceManager - ok
13:45:50.0957 0x0bec  [ 7FA30B0DE75D61B4E8E8734B2BB6CA6C, C545C83A6F7B6CDFA2C0393553AE3CCCE6FCC11CCB4026470D414B06EC679581 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
13:45:50.0973 0x0bec  FUFAXRCV - ok
13:45:50.0988 0x0bec  [ E476F00C910C1A96978FB30859E10919, 3F0DDF6DC7DB346BFB8AD9DD76F53143415FEED620A49B35A16168606A1942B4 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
13:45:51.0004 0x0bec  FUFAXSTM - ok
13:45:51.0004 0x0bec  [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
13:45:51.0004 0x0bec  BCSSync - ok
13:45:51.0035 0x0bec  [ 763CF780485BE99AB60418294C2167C9, DAF046C58586DB4E04027C7049CD39E2A2611E4A2F2F7828185B1442E9D0041A ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
13:45:51.0066 0x0bec  Wondershare Helper Compact.exe - ok
13:45:51.0097 0x0bec  [ 86F33213C450FED3C7E32F9473415E7E, 75F3B3739DD12D8B7F93BEA912B864BF8BAEFA061720A87CF1F55030334C2558 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
13:45:51.0113 0x0bec  EEventManager - ok
13:45:51.0129 0x0bec  [ D335E990178EF4EA4D1104945D137FA6, BB2F7CA8CBCAD3E45CB7384FA5C5C8508F57AF82A66BBE25539A556B76A50C89 ] C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
13:45:51.0144 0x0bec  PowerDVD15Agent - ok
13:45:51.0144 0x0bec  [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:45:51.0160 0x0bec  QuickTime Task - ok
13:45:51.0160 0x0bec  [ 244C37564EC42EF4FB12F763C4861434, 5C216909E7C66F4E4AF2BC51AC40C46A9C95DBD2BA347DC0781E25D58044B513 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:45:51.0160 0x0bec  iTunesHelper - ok
13:45:51.0175 0x0bec  [ FC169AE00FCE9E01B276F2A5AA01C977, B289F55EE368CC0C9EB7A885777549C16CDE1D833A7D2A7469D8E958AF36592A ] C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe
13:45:51.0191 0x0bec  iFunBoxConnector - ok
13:45:51.0191 0x0bec  [ DE1444CEDD9CEEC23F6339665EBEB38F, 7527070DB4FA5DA0A5CBD83601B56CD76311FECD7EB49BA96EE257011760701C ] C:\Program Files (x86)\MediaMall\PlayOn.exe
13:45:51.0191 0x0bec  PlayOn - ok
13:45:51.0207 0x0bec  [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
13:45:51.0207 0x0bec  ApplePhotoStreams - ok
13:45:51.0207 0x0bec  [ 358EEF69D380995458019176ADB278B6, 167D46A7414A2C58F6C34B0C7C57A946E5FE7F73480C924D26E4C2FAFAF0737E ] C:\Program Files (x86)\Backblaze\bzbui.exe
13:45:51.0222 0x0bec  Backblaze - ok
13:45:51.0238 0x0bec  [ AD21D4C8D41075B2FCEB6AB6468199A6, 86605B5983B2E0B4D99980E5C1EC8F8DB7FF3AE0C33BA29C35661A4BD5560961 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
13:45:51.0238 0x0bec  OfficeSyncProcess - ok
13:45:51.0253 0x0bec  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
13:45:51.0253 0x0bec  iCloudServices - ok
13:45:51.0269 0x0bec  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:45:51.0285 0x0bec  Sidebar - ok
13:45:51.0285 0x0bec  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:45:51.0300 0x0bec  mctadmin - ok
13:45:51.0300 0x0bec  Waiting for KSN requests completion. In queue: 145
13:45:52.0314 0x0bec  Waiting for KSN requests completion. In queue: 145
13:45:53.0328 0x0bec  Waiting for KSN requests completion. In queue: 145
13:45:54.0342 0x0bec  Waiting for KSN requests completion. In queue: 145
13:45:55.0356 0x0bec  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
13:45:55.0372 0x0bec  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
13:45:58.0305 0x0bec  ============================================================
13:45:58.0305 0x0bec  Scan finished
13:45:58.0305 0x0bec  ============================================================
13:45:58.0305 0x187c  Detected object count: 0
13:45:58.0305 0x187c  Actual detected object count: 0
 


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
I would like to see the Malwarebytes log that you ran,

Posting the Malwarebytes log.
  • open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.
Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
Next

thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.
In your next reply post;
  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log
Thanks
Joe :)
  • 0

Advertisements


#11
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I could not find the Malwarebytes file, so I ran it again but did not fix anything.  Here is the log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/12/2015
Scan Time: 2:06 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.12.03
Rootkit Database: v2015.07.10.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: John

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 537447
Time Elapsed: 14 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2790392, , [d112825ec4c6da5cf1b8246a18ec26da],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT2790392, , [ebf810d0d2b8290df2b7503eb450bf41],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MHFDCMEHMJCCLGOPDODKJDICOHAGIPID, , [09da15cbaae043f3c081a261986bb947],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\MHFDCMEHMJCCLGOPDODKJDICOHAGIPID, , [4d96e2fe79114bebce74f60d32d15ba5],

Registry Values: 3
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhfdcmehmjcclgopdodkjdicohagipid|path, C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx, , [09da15cbaae043f3c081a261986bb947]
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, , [f3f02eb2137795a13b9bea31c93a718f]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhfdcmehmjcclgopdodkjdicohagipid|path, C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx, , [4d96e2fe79114bebce74f60d32d15ba5]

Registry Data: 0
(No malicious items detected)

Folders: 116
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\APISupport, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\lib, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\options, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs\back, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarAPI, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\contentScripts, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\plugins, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\res, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\Js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\resources, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\resources, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\custom-theme, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\custom-theme, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\buildSettings, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\Css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\script, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\sl, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales\en, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\CRE, , [9b48d9070d7d9f97c47c40c360a3956b],
PUP.Optional.Conduit.A, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid, , [f9ea6c74ec9edb5ba5b8d420b54d8080],

Files: 577
PUP.BundleInstaller.OI, C:\Users\John\Downloads\MiroVideoConverter_Setup.exe, , [2fb416cad9b13ef866e18506e719af51],
PUP.Optional.Mypcbackup, C:\Users\John\Downloads\MyPCBackup_Setup.exe, , [776c7769cdbda78f87effd63ef1657a9],
PUP.Optional.OpenCandy, C:\Users\John\Downloads\uTorrent.exe, , [8b58924e85059c9a99555b465aaaab55],
PUP.Optional.FirSeriaInstaller, C:\Users\John\Downloads\Free Simpsons Tapped Out Hack Updated 2013.exe, , [4a9904dcddad201649295799629e6799],
PUP.Optional.OpenCandy, C:\Users\John\Downloads\FreemakeVideoConverterSetup(1).exe, , [13d0fce4d9b17fb7da6e559554acd42c],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\CT2790392.txt, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\128x128.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\19x19.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\48x48.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\AbstractionLayerBack.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\AbstractionLayerFront.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\blank.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\CT2790392_public.txt, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\initdata.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\manifest.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\shouldShowTB.txt, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\APISupport\APISupport.dll, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\framework.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\bcview.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstageLoader.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\communicator.back.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.end.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.service.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.start.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\contentScript.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\iframeHost.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\iframeHost.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\JSONStringify.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\logger.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\match.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\nativeMsgCom.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\navigationHandler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\pluginLoader.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\pricegongMigration.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarEnv.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\updatesManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\verlyEarly.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\lib\jquery-1.5.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\options\Options.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs\back\postNavigation.htm, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarAPI\toolbarAPI.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\background.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\settings.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\background.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\iframeHost.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\iframeHost.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\contentScripts\contentScript.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\nmHostConfig.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\nmHostManifest.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\plugins\ChromeApiPlugin.dll, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\initData.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html\SearchBackground.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html\searchInNewTabAPI.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\MostVisited.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Applications.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Bookmarks.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\CntRedirect.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\DeveloperMode.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\EmbeddedConfig.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\enable_disable.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\EventHandler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Global.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\LocationService.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\LogMsg.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\NewTabAPI.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\RecentlyClosed.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\SearchBox.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\SearchBoxIframe.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\ServiceMap.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Settings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\startupSequence.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Thumbnails.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Toolbar.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Translation.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Usage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\about_memory.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\alert_overlay.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\apps_page.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\bubble.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared2.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared2_touch.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\dialogs.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\expandable_bubble.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\footer_menu.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\list.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\menu.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\most_visited_page.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\nav_dot.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\new_tab.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\new_tab_theme.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\overlay.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\spinner.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\suggestions_page.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\table.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tabs.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\throbber.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tile_page.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\trash.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tree.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\ui_account_tweaks.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\widgets.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\alert_overlay.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\appLauncher.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\loadfile.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\NewTabBackground.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\new_tab.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\Options.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\redirect.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\trash.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_mask.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\exclamationIcon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\history_section.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\app_promo_button.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\check.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\checkbox_black.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\checkbox_white.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\closed_window.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_2x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_h.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_h_2x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_mask_2x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_p.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_p_2x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\detected_sd.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\detected_usb.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\disabled_select.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\disclosure_triangle_mask.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\downloads_section.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\favicon.ico, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\favicon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_closed.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_closed_rtl.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_open.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_open_rtl.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\gear.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\google-transparent.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\guest_icon_standalone.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\help.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon128.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon16.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon48.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_checkmark.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_file.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_folder.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_warning.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_warning2.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\IDR_PRODUCT_LOGO.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\ImagesRepository.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\insert.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\minus.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\nub.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\nub_mask.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\otr_icon_standalone.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\phishing_icon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\plus.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\select.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\small_bubble.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\spinner.svg, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\star_small.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\success.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\throbber.svg, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\thumbnailPlaceHolder.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\trash.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\trashBinN.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\WebStore128.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\x-hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\__IDR_PRODUCT_LOGO.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\context_menu_handler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_template.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\alert_overlay.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\appLauncher.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\apps_page.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\autocomplete_list.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\Base64.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\bubble.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\card_slider.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\color-thief.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\command.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\command_line.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\context_menu_button.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\cr.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\database.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\dialogs.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\dot_list.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\drag_wrapper.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\event_target.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\event_tracker.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\expandable_bubble.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\focus_outline_manager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_process.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_template2.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\jquery.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\link_controller.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\loadFile.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\load_time_data.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\local_strings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\logerror.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\logging.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\md5.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\media_common.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu_button.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu_item.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\most_visited_page.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\nav_dot.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\NewTabBackground.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\newTabBeforeStart.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\newTabLoadTimeData.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\new_tab.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\options.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\other_sessions.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\overlay.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\page_list_view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\page_switcher.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\parse_html_subset.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\position_util.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\promise.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\quantize.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\recently_closed.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\repeating_button.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\SearchBoxPage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\search_history.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\splitter.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\suggestions_page.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tile_page.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\touch_handler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\trash.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tree.css.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tree.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ui.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ui_account_tweaks.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\util.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ZipFile.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\backstage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\version.txt, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\al.view.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\aboutBox.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\logo.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-Default.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-MouseOver.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-OnClick.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\truste.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\js\aboutBox.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.controller.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.model.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\css\toolbar.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\minibrowser24.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ajax-loader.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\buttonSprites.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\chevron_sprites.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\fallback24.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ie8_mouseover_button.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ie8_onclick_button.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\loader-icon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\menu_arrow.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\minibrowser.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\mp_sprites.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\new_chevron_sprites.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_transparent.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_white.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_white_34.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_transparent.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_white.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_white_34.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\separator.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\separator_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\uus.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\res\yoxscroll.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\toolbarapi.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\webAppApi.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\webAppApiFront.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\excanvas.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\trusted.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\trusted.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\options.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\jquery.jscrollpane.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\options.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\reset.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\bg-hide-click.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\bg-hide.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\checkbox-check-off.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\checkbox-check-on.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\ic_Closer.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\ic_Closer_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\logo.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\minibrowser.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\scroller.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\sprite-ok-button.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\truste.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\html5SupportIe.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\options.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\html5shiv.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\jquery.jscrollpane.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\jquery.mousewheel.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\js\searchProtectorManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\bubble.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\bubble.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\main.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\information.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-default-LTR.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-default-RTL.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-mouseover-LTR.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-mouseover-RTL.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\main.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\SearchProtector.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\settings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\ok-button.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\separation-line.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\warning.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menus.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\popups.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\DialogsAPI.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\excanvas.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\generalDialogStyle.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\PIE.htc, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\settings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\main.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\app-store-icon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\arrow.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\divider.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\emailNotifier.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\facebook.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\radio.GIF, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\Thumbs.db, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\weather.GIF, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\main.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\restartDialog.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\restartDialog.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\content-pattern.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\content-sep.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-Default.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\x.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame\gf.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame\lgf.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\gf.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\lgf.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css\gf.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css\gf_ie.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\ie_back.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\loader.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\resize.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\sprites.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js\gf.view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js\lgf.view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\css\menu.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-down-strong.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-down.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-left-strong.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-left.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-right-strong.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-right.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrows.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\jquery.ellipsis.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\menu.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\renderHandler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\scrollers.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\showHandler.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\browserAppApi.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\en.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\embedded.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\embedded.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\popup.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\reset.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\embedded.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\css\popup.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\arrows.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\badges.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\icons.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\embedded.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\NotificationPopup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\Settings.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\gadget.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\general.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\Main.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\newMain.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\settings.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\ui.stepper.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\closeIcon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\downArrow.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\settingsIcon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\upArrow.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\close.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Next.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Prev.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\settings.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\close.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Next.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\powered-by.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Prev.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\settings.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\AppName.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\commons.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\notification.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\Settings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\stepper.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\pg_offers.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\pg_offers.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\agree.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\agree.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Close.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Image.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Logo.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Topbg.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\gadget.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\ie7styles.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\iestyle.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\images\icon.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\embedded.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\popup2.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\gadget.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\reset.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\stations.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\embedded.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\localization.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\player.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\system.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\embedded.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\information.popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\Css\information.popup.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\common.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\contentManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\historyProvider.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\information.popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\layoutManager.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\searchListener.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\selectionListener.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\suggestProvider.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\history--x-default.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\history--x-mouseover.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\menu.icon.apps.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\script\view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\default.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx\ie8.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\popup.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\icons.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\inbox.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\scroll_down.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\scroll_up.png, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\localization.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\popup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\bgpage.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\popup.html, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\gadget.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\ie7styles.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\iestyle.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\bgpage.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\common.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\date-functions.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\gadget.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\jquery.autocomplete.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\jquery.textshadow.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\logic.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\main.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\xPath.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\corelibs.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\framework.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\utils.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\al.view.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\al.viewPerformanceLog.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\background.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\ie_fix.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.mousewheel.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.text-overflow.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.tmpl.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.xml2json.custom.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.xml2json.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\json2.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\json2.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\script2injectEmbedded.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\script2injectPopup.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\sdk.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\jquery.alerts.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\jquery.alerts.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\help.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\important.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\info.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\title.gif, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\sl\serviceLayer.js, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales\en\messages.json, , [38ab8a56f99184b2e6579271b152fc04],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx, , [9b48d9070d7d9f97c47c40c360a3956b],

Physical Sectors: 0
(No malicious items detected).

 

AdwCleaner log is in next post.


  • 0

#12
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Adwcleaner log (before clean):

 

# AdwCleaner v4.208 - Logfile created 12/07/2015 at 14:25:04
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : John - JOHN-PC
# Running from : C:\Users\John\Desktop\adwcleaner_4.208.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\z5xtwheb.default-1347206686710\user.js
File Found : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\e9704kcp.default\user.js
Folder Found : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found : C:\Program Files (x86)\JustCloud

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 en-US)


-\\ Google Chrome v43.0.2357.132

[C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1531 bytes] - [12/07/2015 14:25:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1590 bytes] ##########
 


  • 0

#13
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
OK,

Let malwarebytes remove all those items. Did you run Junk ware removal(JRT) tool ? If not do so.

Combofix makes changes to the computer it's important we remove it by following:
  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

    Let me know when that is done

  • 0

#14
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I did run JRT.  I will run Antimalware bytes again, and post the result. JRT log is below:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.5 (07.12.2015:1)
OS: Windows 7 Ultimate x64
Ran by John on Sun 07/12/2015 at 14:36:46.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

By the way, my trackpad stopped scrolling somewhere along the line.  I will post again after running Malwarebytes and removing combofix.




~~~ Services

Successfully deleted: [Service] mediamall server [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7DC274FF-15F0-4C7A-AC2B-6613696CB505}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{044669AE-DA52-4E7F-AB9A-5D06AA180B46}
Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{431DF1AF-4F1B-4311-B29F-2DC02010E645}
Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{4CD4AA9D-1EA9-47CE-9AE0-E303530889D2}
Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{9A21D8B1-5CED-4AAF-89DA-2A83AFBB6AC2}
Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{DF7D51B3-99A6-4350-B0CB-29A6FA9C72A2}
Successfully deleted: [Empty Folder] C:\Users\John\appdata\local\{E36CB28E-39DE-4520-BB0C-D0173E3A330E}
Successfully deleted: [Folder] C:\Program Files (x86)\mediamall
Successfully deleted: [Folder] C:\ProgramData\mediamall
Successfully deleted: [Folder] C:\Users\John\appdata\local\cre
Successfully deleted: [Folder] C:\Users\John\AppData\Roaming\getrighttogo



~~~ FireFox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@playon.tv/playontoolbar
Emptied folder: C:\Users\John\AppData\Roaming\mozilla\firefox\profiles\z5xtwheb.default-1347206686710\minidumps [259 files]



~~~ Chrome


[C:\Users\John\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\John\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\John\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\John\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/12/2015 at 14:41:51.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • 0

#15
BluePoet

BluePoet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Scrolling is back after reboot.  Here is the new malwarebytes log.  Now I will get rid of ComboFix:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/12/2015
Scan Time: 2:50 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.12.04
Rootkit Database: v2015.07.10.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: John

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 530802
Time Elapsed: 15 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MHFDCMEHMJCCLGOPDODKJDICOHAGIPID, Quarantined, [e7fd964a64269f97e16f3fc4ea19847c],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\MHFDCMEHMJCCLGOPDODKJDICOHAGIPID, Quarantined, [776d7d63375348ee6ee3a45fbc475da3],

Registry Values: 2
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhfdcmehmjcclgopdodkjdicohagipid|path, C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx, Quarantined, [e7fd964a64269f97e16f3fc4ea19847c]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-777044968-2926712198-4189444973-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhfdcmehmjcclgopdodkjdicohagipid|path, C:\Users\John\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx, Quarantined, [776d7d63375348ee6ee3a45fbc475da3]

Registry Data: 0
(No malicious items detected)

Folders: 115
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\APISupport, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\lib, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\options, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs\back, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarAPI, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\contentScripts, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\plugins, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\res, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\Js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\resources, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\resources, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\custom-theme, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\custom-theme, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\buildSettings, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\Css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\script, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\sl, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales\en, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.Conduit.A, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid, Quarantined, [4e96e0007b0f84b23c308173f70ba060],

Files: 576
PUP.BundleInstaller.OI, C:\Users\John\Downloads\MiroVideoConverter_Setup.exe, Quarantined, [7371db05bccee2546add2269976960a0],
PUP.Optional.Mypcbackup, C:\Users\John\Downloads\MyPCBackup_Setup.exe, Quarantined, [74708b5595f53cfaa5e47ee226df24dc],
PUP.Optional.OpenCandy, C:\Users\John\Downloads\uTorrent.exe, Quarantined, [bb2927b968222214e6172b76768ebd43],
PUP.Optional.FirSeriaInstaller, C:\Users\John\Downloads\Free Simpsons Tapped Out Hack Updated 2013.exe, Quarantined, [27bdce1213773afc254d8c64e81811ef],
PUP.Optional.OpenCandy, C:\Users\John\Downloads\FreemakeVideoConverterSetup(1).exe, Quarantined, [8e56964adeac64d2272141a9916faa56],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\CT2790392.txt, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\128x128.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\19x19.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\48x48.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\AbstractionLayerBack.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\AbstractionLayerFront.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\blank.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\CT2790392_public.txt, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\initdata.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\manifest.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\shouldShowTB.txt, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\APISupport\APISupport.dll, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\framework.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\bcview.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\chromeBackstageLoader.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\communicator.back.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.end.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.service.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\compatibility.start.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\contentScript.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\iframeHost.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\iframeHost.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\JSONStringify.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\logger.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\match.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\nativeMsgCom.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\navigationHandler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\pluginLoader.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\pricegongMigration.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarEnv.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\updatesManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\verlyEarly.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\lib\jquery-1.5.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\options\Options.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\tabs\back\postNavigation.htm, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\js\toolbarAPI\toolbarAPI.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\background.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\settings.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\background.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\iframeHost.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\iframeHost.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\mam\scripts\contentScripts\contentScript.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\nmHostConfig.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\nmHostManifest.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\plugins\ChromeApiPlugin.dll, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\initData.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html\SearchBackground.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\html\searchInNewTabAPI.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\MostVisited.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Applications.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Bookmarks.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\CntRedirect.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\DeveloperMode.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\EmbeddedConfig.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\enable_disable.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\EventHandler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Global.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\LocationService.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\LogMsg.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\NewTabAPI.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\RecentlyClosed.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\SearchBox.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\SearchBoxIframe.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\ServiceMap.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Settings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\startupSequence.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Thumbnails.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Toolbar.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Translation.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\API\Usage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\about_memory.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\alert_overlay.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\apps_page.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\bubble.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared2.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\chrome_shared2_touch.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\dialogs.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\expandable_bubble.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\footer_menu.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\list.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\menu.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\most_visited_page.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\nav_dot.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\new_tab.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\new_tab_theme.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\overlay.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\spinner.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\suggestions_page.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\table.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tabs.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\throbber.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tile_page.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\trash.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\tree.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\ui_account_tweaks.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\css\widgets.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\alert_overlay.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\appLauncher.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\loadfile.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\NewTabBackground.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\new_tab.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\Options.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\redirect.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\html\trash.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_mask.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\exclamationIcon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\history_section.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\app_promo_button.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\check.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\checkbox_black.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\checkbox_white.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\closed_window.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_2x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_h.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_h_2x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_mask_2x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_p.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\close_bar_p_2x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\detected_sd.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\detected_usb.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\disabled_select.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\disclosure_triangle_mask.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\downloads_section.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\favicon.ico, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\favicon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_closed.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_closed_rtl.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_open.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\folder_open_rtl.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\gear.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\google-transparent.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\guest_icon_standalone.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\help.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon128.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon16.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon48.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_checkmark.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_file.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_folder.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_warning.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\icon_warning2.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\IDR_PRODUCT_LOGO.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\ImagesRepository.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\insert.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\minus.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\nub.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\nub_mask.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\otr_icon_standalone.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\phishing_icon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\plus.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\select.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\small_bubble.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\spinner.svg, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\star_small.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\success.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\throbber.svg, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\thumbnailPlaceHolder.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\trash.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\trashBinN.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\WebStore128.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\x-hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\img\__IDR_PRODUCT_LOGO.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\context_menu_handler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_template.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\alert_overlay.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\appLauncher.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\apps_page.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\autocomplete_list.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\Base64.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\bubble.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\card_slider.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\color-thief.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\command.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\command_line.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\context_menu_button.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\cr.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\database.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\dialogs.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\dot_list.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\drag_wrapper.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\event_target.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\event_tracker.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\expandable_bubble.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\focus_outline_manager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_process.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\i18n_template2.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\jquery.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\link_controller.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\loadFile.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\load_time_data.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\local_strings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\logerror.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\logging.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\md5.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\media_common.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu_button.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\menu_item.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\most_visited_page.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\nav_dot.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\NewTabBackground.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\newTabBeforeStart.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\newTabLoadTimeData.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\new_tab.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\options.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\other_sessions.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\overlay.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\page_list_view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\page_switcher.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\parse_html_subset.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\position_util.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\promise.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\quantize.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\recently_closed.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\repeating_button.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\SearchBoxPage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\search_history.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\splitter.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\suggestions_page.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tile_page.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\touch_handler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\trash.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tree.css.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\tree.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ui.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ui_account_tweaks.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\util.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\Search\NewTabPages\js\ZipFile.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\backstage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\version.txt, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\al.view.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\aboutBox.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\logo.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-Default.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-MouseOver.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\OK-Button-OnClick.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\truste.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\images\x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\aboutBox\js\aboutBox.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.controller.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.model.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\appManager.view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\css\toolbar.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\minibrowser24.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ajax-loader.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\buttonSprites.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\chevron_sprites.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\fallback24.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ie8_mouseover_button.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\ie8_onclick_button.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\loader-icon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\menu_arrow.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\minibrowser.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\mp_sprites.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\new_chevron_sprites.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_transparent.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_white.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_left_white_34.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_transparent.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_white.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\rounded_corners_right_white_34.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\separator.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\separator_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\img\uus.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ac\res\yoxscroll.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\toolbarapi.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\webAppApi.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\api\webAppApiFront.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\excanvas.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\trusted.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\trusted.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\msd\untrusted.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\options.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\jquery.jscrollpane.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\options.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\css\reset.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\bg-hide-click.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\bg-hide.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\checkbox-check-off.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\checkbox-check-on.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\ic_Closer.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\ic_Closer_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\logo.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\minibrowser.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\scroller.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\sprite-ok-button.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\truste.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\images\x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\html5SupportIe.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\options.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\html5shiv.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\jquery.jscrollpane.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\options\js\resources\jquery.mousewheel.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\js\searchProtectorManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\bubble.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\bubble.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\main.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\information.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-default-LTR.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-default-RTL.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-mouseover-LTR.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spbd\images\x-mouseover-RTL.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\main.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\SearchProtector.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\settings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\ok-button.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\separation-line.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\sp\spsd\images\warning.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menus.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\popups.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\DialogsAPI.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\excanvas.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\generalDialogStyle.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\PIE.htc, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\settings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\main.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\app-store-icon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\arrow.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\divider.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\emailNotifier.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\facebook.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\radio.GIF, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\Thumbs.db, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\ftd\images\weather.GIF, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\main.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\restartDialog.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\restartDialog.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\content-pattern.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\content-sep.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-Default.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\dlg\restart\images\x.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame\gf.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gadgetFrame\lgf.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\gf.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\lgf.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css\gf.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\css\gf_ie.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\ie_back.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\loader.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\resize.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\img\sprites.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js\gf.view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\gf\js\lgf.view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\css\menu.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-down-strong.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-down.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-left-strong.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-left.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-right-strong.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrow-right.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\img\arrows.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\jquery.ellipsis.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\menu.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\renderHandler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\scrollers.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\ui\menu\js\showHandler.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\browserAppApi.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\en.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\embedded.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\embedded.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\popup.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\css\reset.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\embedded.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\HIGHLIGHTER\js\popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\css\popup.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\arrows.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\badges.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\img\icons.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\embedded.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\NotificationPopup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\Settings.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\gadget.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\general.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\Main.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\newMain.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\settings.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\css\ui.stepper.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\closeIcon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\downArrow.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\settingsIcon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\upArrow.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\close.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Next.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Prev.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\dark\settings.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\close.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Next.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\powered-by.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Prev.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\images\light\settings.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\AppName.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\commons.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\notification.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\Settings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\stepper.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\Optimizer\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\pg_offers.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\pg_offers.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\agree.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\agree.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Close.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Image.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Logo.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\agreement\Topbg.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\gadget.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\ie7styles.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\iestyle.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\PRICE_GONG\images\icon.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\embedded.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\popup2.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\gadget.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\reset.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\stations.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\embedded.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\localization.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\player.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\system.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\embedded.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\information.popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\Css\information.popup.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\common.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\contentManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\historyProvider.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\information.popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\layoutManager.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\searchListener.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\selectionListener.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\js\suggestProvider.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\history--x-default.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\history--x-mouseover.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\resources\menu.icon.apps.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\script\view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\default.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\SEARCH\view\style\rsx\ie8.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\popup.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\icons.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\inbox.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\scroll_down.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\img\scroll_up.png, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\localization.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\TWITTER\js\popup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\bgpage.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\popup.html, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\gadget.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\ie7styles.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\css\iestyle.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\bgpage.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\common.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\date-functions.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\gadget.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\jquery.autocomplete.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\jquery.textshadow.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\logic.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\main.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\al\wa\WEATHER\js\xPath.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\corelibs.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\framework.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\core\utils.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\al.view.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\al.viewPerformanceLog.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\background.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\ie_fix.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.mousewheel.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.text-overflow.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.tmpl.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.xml2json.custom.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.xml2json.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\json2.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\json2.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\script2injectEmbedded.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\script2injectPopup.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\sdk.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\jquery.alerts.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\jquery.alerts.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\help.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\important.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\info.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.alerts\images\title.gif, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\tb\sl\serviceLayer.js, Quarantined, [d1137e6256346ec83a12ff0421e253ad],
PUP.Optional.ConduitTB.Gen, C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.31.4.510_0\_locales\en\messages.json, Quarantined, [d1137e6256346ec83a12ff0421e253ad],

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP