My Computer Is Infected With Something And Requests Your Help!



#1
thefunkymunky


Symptoms:

1. Takes forever for pages to load.
2. I get the error message "Not Responding" all day long.
3. Pages freeze up all the time.
4. Pages will just close on their own.
5. I will find web browser settings have changed.
6. And just today out of nowhere the "blue screen of death" flashed open then closed and my computer rebooted itself.

Actions I Have Taken:

1. I run Malwarebytes
2. I have Avast Premium Antivirus installed and running.

Before I copy and paste FRST and addition, I just wanted to say that I thank you in advance for all your time and attention in this matter.

tazzi

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2017
Ran by Admin (administrator) on ADMIN-PC (06-12-2017 23:18:31)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dashlane, Inc.) C:\Users\Admin\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane, Inc.) C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_27_0_0_187_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-20] (AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736 2013-04-18] (Synaptics Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Run: [Dashlane] => C:\Users\Admin\AppData\Roaming\Dashlane\Dashlane.exe [456656 2017-11-22] (Dashlane, Inc.)
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Run: [DashlanePlugin] => C:\Users\Admin\AppData\Roaming\Dashlane\DashlanePlugin.exe [502736 2017-11-22] (Dashlane, Inc.)
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk [2017-12-05]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{47E63411-A8F7-4DD0-9894-39B76771EED1}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
Internet Explorer:
==================
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-31] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-31] (Oracle Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Admin\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2017-11-22] (Dashlane, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-31] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-31] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Admin\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2017-11-22] (Dashlane, Inc.)
IE Session Restore: HKU\S-1-5-21-2293186248-3531008930-3088351783-1000 -> is enabled.
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
 
FireFox:
========
FF DefaultProfile: 1qehvtox.default-1505676788578
FF DefaultProfile: [email protected]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1qehvtox.default-1505676788578 [2017-12-06]
FF Extension: (Dashlane) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1qehvtox.default-1505676788578\Extensions\[email protected] [2017-12-05]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1qehvtox.default-1505676788578\features\{5e2e29d5-d0ca-421c-bc96-1ae0fe5028da}\[email protected] [2017-12-05] [Lagacy]
FF HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\Admin\AppData\Roaming\Dashlane\5.2.0.12122\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: (No Name) - C:\Users\Admin\AppData\Roaming\Dashlane\5.2.0.12122\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2017-11-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-05] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-31] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-31] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://start.toshiba.com/g/
CHR DefaultSearchKeyword: Default -> google.com___
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-12-06]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-25]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-25]
CHR Extension: (Honey) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-12-06]
CHR Extension: (Streamit Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdhffnngpimfmdhbgcnmhndfafkelmgj [2017-12-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-29]
CHR Extension: (Dashlane - Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-11-29]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-25]
CHR Extension: (Caroline Gardner) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlajhhigpcohfpjjmnbifacfbdoponci [2017-07-27]
CHR Extension: (ShareQuizzes Advertising) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm [2017-12-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-12-02]
CHR Extension: (100sofRecipes  ) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa [2017-12-05]
CHR Extension: (FromDocToPDF) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-12-05]
CHR Extension: (MarineAquariumLite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed [2017-12-05]
CHR Extension: (Lumosity Break) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfladdiadejinmdmnmcfciecomjdfii [2017-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
CHR Extension: (Search for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg [2017-12-05]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-25]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-20] (AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-20] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-20] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-20] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-20] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-20] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [121304 2017-11-14] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-20] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-20] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-20] (AVAST Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-12-05] (Malwarebytes)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [420832 2017-04-26] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2584792 2015-01-13] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-01-06] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-19] (Synaptics Incorporated)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-06 23:18 - 2017-12-06 23:20 - 000017079 _____ C:\Users\Admin\Desktop\FRST.txt
2017-12-06 23:18 - 2017-12-06 23:18 - 000000000 ____D C:\FRST
2017-12-06 23:17 - 2017-12-06 23:17 - 002390528 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2017-12-06 23:16 - 2017-12-06 23:16 - 000112034 _____ C:\Users\Admin\Desktop\Malware and Spyware Cleaning Guide - Virus, Spyware, Malware Removal.html
2017-12-06 23:16 - 2017-12-06 23:16 - 000000000 ____D C:\Users\Admin\Desktop\Malware and Spyware Cleaning Guide - Virus, Spyware, Malware Removal_files
2017-12-06 22:53 - 2017-12-06 22:55 - 000000000 ____D C:\Users\Admin\Desktop\Medical
2017-12-06 09:15 - 2017-12-06 09:15 - 000015928 _____ C:\Users\Admin\Documents\Common Stamp Abbreviations.html
2017-12-06 09:15 - 2017-12-06 09:15 - 000000000 ____D C:\Users\Admin\Documents\Common Stamp Abbreviations_files
2017-12-06 07:12 - 2017-12-06 07:12 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2017-12-06 07:12 - 2017-12-06 07:12 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-06 02:19 - 2017-12-06 02:19 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-12-06 02:19 - 2017-12-06 02:19 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-12-06 02:19 - 2017-12-06 02:19 - 000122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-12-06 02:19 - 2017-12-06 02:19 - 000109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-12-06 02:19 - 2017-12-06 02:19 - 000000000 ____D C:\Program Files (x86)\OpenAL
2017-12-06 02:18 - 2017-12-06 02:19 - 000000000 ____D C:\Program Files (x86)\Cradle of Persia
2017-12-06 02:18 - 2017-12-06 02:18 - 000001931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-12-06 02:18 - 2017-12-06 02:18 - 000001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2017-12-06 02:18 - 2017-12-06 02:18 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Persia
2017-12-06 02:18 - 2017-12-06 02:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Persia
2017-12-06 02:18 - 2017-12-06 02:18 - 000000000 ____D C:\ProgramData\Big Fish
2017-12-06 02:18 - 2017-12-06 02:18 - 000000000 ____D C:\Program Files (x86)\bfgclient
2017-12-06 02:17 - 2017-12-06 02:18 - 000000000 ____D C:\Users\Admin\AppData\Local\Big Fish
2017-12-06 02:17 - 2017-12-06 02:18 - 000000000 ____D C:\BigFishCache
2017-12-06 02:14 - 2017-12-06 22:43 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Download Free Games Notifier
2017-12-06 02:14 - 2017-12-06 02:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download Free Games
2017-12-06 01:09 - 2017-12-06 01:09 - 000000000 ____D C:\ProgramData\Awem
2017-12-06 01:07 - 2017-12-06 01:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iWin Games
2017-12-06 00:53 - 2017-12-06 00:53 - 000000000 ____D C:\Users\Admin\Documents\Webshots Data
2017-12-06 00:53 - 2017-12-06 00:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Webshots
2017-12-05 19:53 - 2017-12-05 19:53 - 000311256 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Installer.exe
2017-12-01 10:10 - 2017-12-01 10:11 - 000228095 _____ C:\Users\Admin\Documents\Forms_2522-EE.pdf
2017-11-29 15:52 - 2017-11-29 15:52 - 000707610 _____ C:\Users\Admin\Documents\Scan0001.pdf
2017-11-29 15:51 - 2017-11-29 15:51 - 000707610 _____ C:\Users\Admin\Documents\Scan.pdf
2017-11-29 15:44 - 2017-11-29 16:34 - 000000000 ____D C:\Users\Admin\Desktop\SSA & SSI DOCUMENTS
2017-11-28 19:42 - 2017-11-28 19:42 - 001207442 _____ C:\Users\Admin\Documents\Postal Price List.pdf
2017-11-23 09:16 - 2017-11-23 09:16 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-20 18:04 - 2017-11-20 18:03 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-20 18:04 - 2017-11-20 18:03 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-18 02:41 - 2017-12-05 19:15 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-16 00:13 - 2017-11-16 00:13 - 000000000 ____D C:\ProgramData\iWin
2017-11-16 00:09 - 2017-11-16 00:10 - 000111520 _____ (iWin inc.) C:\Users\Admin\Downloads\zumas-revengeSetup.exe
2017-11-15 17:49 - 2017-11-15 17:49 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-11-15 00:28 - 2017-11-14 13:33 - 000121304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-11-09 13:20 - 2016-12-08 12:54 - 002666708 _____ C:\Users\Admin\Documents\Adams ID (2).pdf
2017-11-09 13:19 - 2017-11-13 11:53 - 000000000 ____D C:\Users\Admin\Desktop\Web Pics
2017-11-08 13:16 - 2017-11-08 13:16 - 000001321 _____ C:\Users\Admin\Documents\CertExchangejanetcollins.fdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-06 23:18 - 2009-07-13 20:45 - 000028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-06 23:18 - 2009-07-13 20:45 - 000028704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-06 23:00 - 2017-07-25 12:29 - 000000000 ____D C:\Users\Admin\Desktop\Personal
2017-12-06 22:57 - 2017-10-04 20:50 - 000000000 ____D C:\Users\Admin\Desktop\CarolWrightGifts.com _ Checkout _ Login_files
2017-12-06 22:52 - 2017-07-27 13:44 - 000000000 ____D C:\Users\Admin\Desktop\Tor Browser
2017-12-06 22:52 - 2017-07-25 12:28 - 000000000 ____D C:\Users\Admin\Desktop\Installs
2017-12-06 22:51 - 2017-07-25 12:30 - 000000000 ____D C:\Users\Admin\Desktop\GAMES
2017-12-06 22:50 - 2017-07-25 12:30 - 000000000 ____D C:\Users\Admin\Desktop\Computer
2017-12-06 22:41 - 2017-10-14 02:29 - 000000000 ____D C:\Users\Admin\AppData\Local\GamesManager
2017-12-06 21:35 - 2017-07-27 13:47 - 000000000 _____ C:\Users\Admin\AppData\LocalLow\rightsCheck_1.txt
2017-12-06 19:55 - 2017-07-27 05:14 - 000000000 ___SD C:\Users\Admin\AppData\LocalLow\Temp
2017-12-06 02:31 - 2017-08-10 03:54 - 000000000 ____D C:\ProgramData\TEMP
2017-12-06 02:18 - 2009-07-13 21:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-06 00:59 - 2009-07-13 21:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-06 00:59 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2017-12-05 21:36 - 2017-09-17 02:47 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2017-12-05 19:57 - 2017-07-25 12:37 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-05 19:57 - 2017-07-25 12:37 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-05 19:57 - 2017-07-25 12:37 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-05 19:57 - 2017-07-25 12:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-05 19:57 - 2017-07-25 12:37 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-05 19:57 - 2017-07-25 12:37 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2017-12-05 19:55 - 2017-09-17 02:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2017-12-05 19:54 - 2017-09-17 11:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-05 19:54 - 2017-09-16 23:12 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-05 19:54 - 2017-09-16 23:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-05 19:17 - 2017-11-04 18:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2017-12-05 19:17 - 2017-07-27 05:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Dashlane
2017-12-05 19:15 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-05 18:05 - 2017-07-25 12:58 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-12-05 17:27 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-01 09:00 - 2017-07-25 12:18 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-20 18:04 - 2017-07-25 12:58 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151122989409203
2017-11-20 18:04 - 2017-07-25 12:58 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-20 18:04 - 2017-07-25 12:58 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-20 18:04 - 2017-07-25 12:58 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-20 18:04 - 2017-07-25 12:58 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-20 18:04 - 2017-07-25 12:58 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-20 18:03 - 2017-07-25 12:58 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-16 00:10 - 2017-10-14 02:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
2017-11-15 21:25 - 2017-07-25 12:19 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-15 19:18 - 2017-07-25 12:37 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-14 13:37 - 2017-07-25 12:20 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 07:26 - 2017-07-25 12:20 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 07:26 - 2017-07-25 12:20 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-08 13:25 - 2017-07-25 12:29 - 000000000 ____D C:\Users\Admin\Desktop\Misc
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-29 17:54
 

 

==================== End of FRST.txt ============================

Additional:
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2017
Ran by Admin (06-12-2017 23:20:47)
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-07-25 19:43:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Admin (S-1-5-21-2293186248-3531008930-3088351783-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2293186248-3531008930-3088351783-500 - Administrator - Disabled)
Guest (S-1-5-21-2293186248-3531008930-3088351783-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2293186248-3531008930-3088351783-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Angry Birds Seasons (HKLM-x32\...\{E52AA845-C780-4CE4-A040-840073FFA12D}) (Version: 4.1.0 - Rovio Entertainment Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
Cradle of Persia (HKLM-x32\...\BFG-Cradle of Persia) (Version:  - )
Dashlane (HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\Dashlane) (Version: 5.2.0.12122 - Dashlane, Inc.)
Games Manager (HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\...\GamesManager) (Version: 2.16.2.1015 - iWin Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 57.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.1 (x64 en-US)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10296 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.2.0 - Synaptics Incorporated)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zuma's Revenge (HKLM-x32\...\Zuma's Revenge) (Version: 1.0.4.9495 - iWin.com)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-20] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-20] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-20] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-20] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {026BA908-68E6-4454-A2D6-4CF8BE5A5201} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-20] (AVAST Software)
Task: {29444D17-E77B-4344-B5B0-A560A2FA596E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-25] (Google Inc.)
Task: {5B5A5D20-9437-4B54-AA1D-301077DEB508} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-25] (Google Inc.)
Task: {5DD014D0-3635-4C6E-95E4-F351D41D67C6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {6588B09E-B822-40B7-B73A-457D4AFAB092} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-15] (Adobe Systems Incorporated)
Task: {9142B4B0-E75B-4A2D-BAAE-05CA93DB2A98} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {B0C27D3F-7CD9-4F5A-A377-7E050F4F12D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {B5C813A6-B83F-40C8-A6CA-641D8EB081F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-05] (Adobe Systems Incorporated)
Task: {E8E0CA3C-67F3-4162-B963-F1972251A35E} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Admin\Desktop\GAMES\Play Pogo Games.lnk -> C:\Users\Admin\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\Admin\Desktop\GAMES\Zuma's Revenge.lnk -> C:\Users\Admin\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.sku=2459991736120122674 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games\Play Pogo Games.lnk -> C:\Users\Admin\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games\Games\Launch - Zuma's Revenge.lnk -> C:\Users\Admin\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.sku=2459991736120122674 -config.uri=hxxp://gm/iwin/index.html
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-11-04 13:53 - 2017-11-01 07:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000859216 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000292408 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000281536 _____ () C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
2017-11-14 13:37 - 2017-11-10 01:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-14 13:37 - 2017-11-10 01:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-12-04 04:50 - 2017-12-04 04:50 - 005892848 _____ () C:\Program Files\AVAST Software\Avast\defs\17120402\algo.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-20 18:03 - 2017-11-20 18:03 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-07-25 12:58 - 2017-07-25 12:58 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-29 12:05 - 2016-09-29 12:05 - 000988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2016-09-29 12:04 - 2016-09-29 12:04 - 000170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2016-09-29 12:04 - 2016-09-29 12:04 - 000136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2016-09-29 12:04 - 2016-09-29 12:04 - 000303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
2017-07-31 14:31 - 2017-07-31 14:31 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:2D0C22DC [130]
AlternateDataStreams: C:\ProgramData\TEMP:66AA0486 [136]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtsCM => RTSCM64.EXE
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{0D14B4A6-41C9-42E0-9D6F-56C418FD75E4}F:\drivers\snappy drivers complete 2017 full\sdi_rus\sdi_x64_r1751.exe] => (Block) F:\drivers\snappy drivers complete 2017 full\sdi_rus\sdi_x64_r1751.exe
FirewallRules: [UDP Query User{65CB921B-4D9E-4A66-9568-E7ECF8A98F09}F:\drivers\snappy drivers complete 2017 full\sdi_rus\sdi_x64_r1751.exe] => (Block) F:\drivers\snappy drivers complete 2017 full\sdi_rus\sdi_x64_r1751.exe
FirewallRules: [{35FF4964-EBBE-42C9-A6D9-97589368E5DF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{2160C6D4-5A13-4F11-A55A-5C5130D725C5}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{86C8E0DF-6DA4-4547-BDB1-67C2096D71DA}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4EE9C450-7A75-49B9-B0C7-BC8F32238E13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8C1C54AE-57FA-4845-8718-29FE93B93FC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{95D8CEFC-1FBA-48B0-AB8B-519E4A57BB7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
15-11-2017 17:50:29 Scheduled Checkpoint
23-11-2017 07:49:14 Scheduled Checkpoint
30-11-2017 16:37:57 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/06/2017 10:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bfgclient.exe, version: 3.3.0.2, time stamp: 0x53179a91
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000222d2
Faulting process id: 0x2d94
Faulting application start time: 0x01d36e7b91d09a99
Faulting application path: C:\Program Files (x86)\bfgclient\bfgclient.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: fc4182d9-db19-11e7-b21b-60eb69aa70e6
 
Error: (12/06/2017 10:43:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bfgclient.exe version 3.3.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2f20
 
Start Time: 01d36e7b8d5ab931
 
Termination Time: 248
 
Application Path: C:\Program Files (x86)\bfgclient\bfgclient.exe
 
Report Id:
 
Error: (12/06/2017 02:43:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1910
 
Start Time: 01d36e7e9f1e7c46
 
Termination Time: 5
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (12/06/2017 12:52:54 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "E:\Desktop\freeagent\FreeAgent Drive\Webshots\3.1.5.7619\wsaxupdater.exe".Error in manifest or policy file "E:\Desktop\freeagent\FreeAgent Drive\Webshots\3.1.5.7619\wsaxupdater.exe" on line 9.
The element description appears as a child of element urn:schemas-microsoft-com:asm.v1^description which is not supported by this version of Windows.
 
Error: (12/05/2017 07:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: regsvr32.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcdd6
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000027695
Faulting process id: 0x10d4
Faulting application start time: 0x01d36e45d7b1cd3c
Faulting application path: C:\Windows\system32\regsvr32.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 1b467c39-da39-11e7-b21b-60eb69aa70e6
 
Error: (12/05/2017 07:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/02/2017 09:44:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 62.0.3202.94 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e88
 
Start Time: 01d36912830e9fd4
 
Termination Time: 332
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id:
 
Error: (11/29/2017 09:00:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: MSHTML.dll, version: 11.0.9600.17842, time stamp: 0x5565cf99
Exception code: 0xc0000005
Fault offset: 0x0053e8f0
Faulting process id: 0xeec
Faulting application start time: 0x01d369179bea2399
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Windows\system32\MSHTML.dll
Report Id: 59b49f99-d58b-11e7-8ff3-60eb69aa70e6
 
Error: (11/29/2017 05:03:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/28/2017 03:18:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (12/06/2017 09:36:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.
 
Error: (12/06/2017 02:46:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hidserv service.
 
Error: (12/06/2017 07:11:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
 
Error: (12/05/2017 07:15:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (12/05/2017 07:15:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:14:08 PM on 12/5/2017 was unexpected.
 
Error: (12/05/2017 05:02:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (12/05/2017 02:38:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (12/02/2017 02:34:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
Error: (11/29/2017 05:02:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (11/29/2017 05:02:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:01:09 AM on 11/29/2017 was unexpected.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 85%
Total physical RAM: 3893.86 MB
Available physical RAM: 562.14 MB
Total Virtual: 8583.38 MB
Available Virtual: 1455.7 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:413.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 248FF037)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================



#2
zep516


    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)

Did Malwarebytes find anything?

Next

Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done, it will ask to reboot; allow this.
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt


#3
thefunkymunky


    Member

  • Topic Starter
  • 14 posts

How will I know which elements not to remove?

Thank you so much for your reply!



#4
zep516


    Trusted Helper

  • Malware Removal
  • 6,799 posts
If you see something that you recognize, but you probably will not, so just hit the Clean button.

I have to run to the store for a bit, so I'm posting the next instruction for you. Be back in an hour.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Open Notepad (Start => All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:2D0C22DC [130]
AlternateDataStreams: C:\ProgramData\TEMP:66AA0486 [136]
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.

#5
thefunkymunky


    Member

  • Topic Starter
  • 14 posts

Here is the log file for the Malwarebytes scan.

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/10/17
Scan Time: 1:52 PM
Log File: 67fcdaf0-ddf4-11e7-a349-60eb69aa70e6.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3461
License: Free
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin-PC\Admin
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 265903
Threats Detected: 225
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 7 min, 49 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 52
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\_metadata, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\config, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\libs, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0, No Action By User, [228], [322621],1.0.3461
PUP.Optional.MindSpark, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MALLPEJGEAFDAHHFLMLIIAHJDPGBEGPK, No Action By User, [228], [322621],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery, No Action By User, [8541], [443105],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\images, No Action By User, [8541], [443105],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor, No Action By User, [8541], [443105],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\_metadata, No Action By User, [8541], [443105],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab, No Action By User, [8541], [443105],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons, No Action By User, [8541], [443105],1.0.3461
 
File: 173
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\000003.log, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\CURRENT, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOCK, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOG, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOG.old, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\MANIFEST-000001, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MOIIPHOBNFKCEBEHGEONGKFOMGMCOAED\13.321.12.21040_0\MANIFEST.JSON, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\config\config.json, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon128.png, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon16.png, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon19disabled.png, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon19on.png, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon48.png, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\ajax.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\background.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\chrome.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\content_script.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\dlp.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\dlpHelper.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\extension_detect.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\index.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\logger.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\pageUtils.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\product.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\storage.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\TabManager.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\TemplateParser.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\ul.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\urlFragmentActions.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\urlUtils.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\util.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\webtooltabAPI.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\libs\PartnerId.js, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\_metadata\verified_contents.json, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\dynamicNewTab.html, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\product.html, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\stubby.html, No Action By User, [1374], [456843],1.0.3461
PUP.Optional.IWin, C:\$RECYCLE.BIN\S-1-5-21-2293186248-3531008930-3088351783-1000\$RPXOMJY.EXE, No Action By User, [2298], [448355],1.0.3461
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

  • 0

#6
thefunkymunky

thefunkymunky

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the adware scan:

 

 

# AdwCleaner 7.0.5.0 - Logfile created on Mon Dec 11 06:19:38 2017

# Updated on 2017/29/11 by Malwarebytes 
# Running on Windows 7 Home Premium (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\ProgramData\iwin games
Deleted: C:\ProgramData\Application Data\iwin games
Deleted: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iwin games
Deleted: C:\Users\All Users\iwin games
Deleted: C:\ProgramData\iWin
Deleted: C:\ProgramData\Application Data\iWin
Deleted: C:\Users\Admin\AppData\Roaming\iWin
Deleted: C:\Users\All Users\iWin
Deleted: C:\Users\Admin\AppData\Roaming\Pogo Games
Deleted: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
 
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SOFTWARE\PogoDGC
Deleted: [Key] - HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\Software\PogoDGC
Deleted: [Key] - HKCU\Software\PogoDGC
Deleted: [Key] - HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\Software\drpsu
Deleted: [Key] - HKCU\Software\drpsu
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: MarineAquariumLite - 
Plugin deleted: FromDocToPDF - 
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [2103 B] - [2017/12/11 6:18:30]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

  • 0

#9
thefunkymunky

thefunkymunky

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the Fixlog scan:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-12-2017

Ran by Admin (10-12-2017 22:33:01) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:2D0C22DC [130]
AlternateDataStreams: C:\ProgramData\TEMP:66AA0486 [136]
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\ProgramData\TEMP => ":2D0C22DC" ADS removed successfully
C:\ProgramData\TEMP => ":66AA0486" ADS removed successfully
 
========= bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2293186248-3531008930-3088351783-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18730650 B
Java, Flash, Steam htmlcache => 4382 B
Windows/system/drivers => 2586863 B
Edge => 0 B
Chrome => 628642721 B
Firefox => 37029917 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 66228 B
Admin => 350178858 B
 
RecycleBin => 171304299 B
EmptyTemp: => 1.1 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 22:33:49 ====

  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

On the Malwarebytes scan it says No Action By User. That means nothing was removed. You need to quarantine all that was found. Please do that and post another Malwarebytes log.

  • Select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected or Quarantine.
  • Reboot your computer if prompted.

  • 0
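The check raised in the reply above (entries marked "No Action By User" were detected but not removed) can be run over a saved Malwarebytes log. The following is an added example, not part of the original posts: the sample lines are constructed in the format of the logs in this thread, the extension IDs and function names are made up, and it also groups items by Chrome extension ID to show how many detected items belong to the same extension.

```python
import re
from collections import Counter

# Constructed sample in the line format of the Malwarebytes logs in this thread:
#   detection name, path, action, [rule id], [signature id],package version
# The extension IDs and file names below are made up for the example.
SAMPLE_LOG = r"""
File: 5
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abcdefghijklmnopabcdefghijklmnop\1.0_0\js\index.js, No Action By User, [1374], [467555],1.0.3461
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abcdefghijklmnopabcdefghijklmnop\1.0_0\js\util.js, No Action By User, [1374], [467555],1.0.3461
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOP\1.0_0\MANIFEST.JSON, No Action By User, [1374], [467555],1.0.3461
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponmlkjihgfedcbaponmlkjihgfedcba\1.0.0_0\newtab, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.IWin, C:\$RECYCLE.BIN\example\$RSAMPLE.EXE, No Action By User, [2298], [448355],1.0.3461

Physical Sector: 0
(No malicious items detected)
"""

# The path is matched greedily and the trailing fields are anchored to the end
# of the line, so a comma inside a file name does not break the split.
DETECTION_RE = re.compile(
    r"^(?P<name>[^,]+), (?P<path>.+), (?P<action>[^,]+), "
    r"\[(?P<rule>\d+)\], \[(?P<sig>\d+)\],(?P<package>[\d.]+)$"
)

# Chrome extension IDs are 32 letters in the range a-p. The logs print some
# paths in upper case, so the match is case-insensitive.
EXTENSION_RE = re.compile(
    r"\\(?:Extensions|Sync Extension Settings)\\(?P<id>[a-p]{32})(?:\\|$)",
    re.IGNORECASE,
)

PENDING_ACTION = "No Action By User"


def parse_detections(text):
    """Return one dict per detection line; headers and blank lines are skipped."""
    detections = []
    for line in text.splitlines():
        match = DETECTION_RE.match(line.strip())
        if match:
            detections.append(match.groupdict())
    return detections


def source_of(path):
    """Name the Chrome extension a path belongs to, or 'other'."""
    match = EXTENSION_RE.search(path)
    if match:
        return "chrome-extension:" + match.group("id").lower()
    return "other"


def summarize(text):
    """Count detections, those still pending, and group both by source."""
    detections = parse_detections(text)
    pending = [d for d in detections if d["action"] == PENDING_ACTION]
    return {
        "total": len(detections),
        "pending": len(pending),
        "items_by_source": Counter(source_of(d["path"]) for d in detections),
        "pending_by_source": Counter(source_of(d["path"]) for d in pending),
    }


if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG)
    print(f"{summary['pending']} of {summary['total']} items were not removed")
    for source, count in summary["pending_by_source"].most_common():
        print(f"  {count:3d}  {source}")
```
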

#11
thefunkymunky

thefunkymunky

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Good evening Zep516,

 

My apologies. I always quarantine & remove the scan results then reboot. I guess I copied the results of the scan and sent to you before I did that. Below you will find a copy of a new scan. I have a question though. As you will notice this scan shows 193 potential threats and yesterday's scan produced 225 threats. Is that normal? To have so many threats in just one day? I scan approximately every other day and have seen scan results with +700 potential threats in just a twenty-four hour period.

 

          Again I thank you so much for all your time and attention with my issues. You are very appreciated. Peace to you and yours.

 

 

Respectfully,

tazzi

 

 

 

 

MB Scan 12-11-2017

 

 

  Malwarebytes

www.malwarebytes.com
 
-Log Details-
Scan Date: 12/11/17
Scan Time: 8:20 PM
Log File: bd171f50-def3-11e7-8643-60eb69aa70e6.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3470
License: Free
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin-PC\Admin
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 264957
Threats Detected: 193
Threats Quarantined: 193
Time Elapsed: 5 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 42
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\_metadata, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\config, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\libs, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MALLPEJGEAFDAHHFLMLIIAHJDPGBEGPK, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\_metadata, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\config, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\libs, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MOIIPHOBNFKCEBEHGEONGKFOMGMCOAED, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\_metadata, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\config, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\libs, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LFIMKJJIPNOCJIIACMDBDNLOJKGDOMPA, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\_metadata, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\code, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\html, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\lib, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\src, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLNMKFKBEKKMJLGLFNMJLKDMAGDJDFCM, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\images, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\_metadata, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PDMEJGDBEPHAPAGDFIONDMMEPKBPCHHG, Quarantined, [8542], [443105],1.0.3470
 
File: 151
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\config\config.json, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons\icon128.png, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons\icon16.png, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons\icon19disabled.png, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons\icon19on.png, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\icons\icon48.png, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\ajax.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\background.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\chrome.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\content_script.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\dlp.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\dlpHelper.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\extension_detect.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\index.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\logger.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\pageUtils.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\product.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\storage.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\TabManager.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\TemplateParser.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\ul.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\urlFragmentActions.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\urlUtils.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\util.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\js\webtooltabAPI.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\libs\PartnerId.js, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\_metadata\verified_contents.json, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\dynamicNewTab.html, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\manifest.json, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\product.html, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_1\stubby.html, Quarantined, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [228], [322621],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\000003.log, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\CURRENT, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOCK, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOG, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOG.old, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\MANIFEST-000001, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MOIIPHOBNFKCEBEHGEONGKFOMGMCOAED\13.321.12.21040_1\MANIFEST.JSON, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\config\config.json, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons\icon128.png, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons\icon16.png, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons\icon19disabled.png, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons\icon19on.png, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\icons\icon48.png, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\ajax.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\background.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\chrome.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\content_script.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\dlp.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\dlpHelper.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\extension_detect.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\index.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\logger.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\pageUtils.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\product.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\storage.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\TabManager.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\TemplateParser.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\ul.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\urlFragmentActions.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\urlUtils.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\util.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\js\webtooltabAPI.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\libs\PartnerId.js, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\_metadata\verified_contents.json, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\dynamicNewTab.html, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\product.html, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_1\stubby.html, Quarantined, [1376], [456843],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\000003.log, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\CURRENT, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\LOCK, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\LOG, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\LOG.old, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\MANIFEST-000001, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LFIMKJJIPNOCJIIACMDBDNLOJKGDOMPA\13.321.12.17393_0\MANIFEST.JSON, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\config\config.json, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon128.png, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon16.png, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon19disabled.png, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon19on.png, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon48.png, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\ajax.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\background.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\chrome.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\content_script.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\dlp.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\dlpHelper.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\extension_detect.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\index.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\logger.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\pageUtils.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\product.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\storage.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\TabManager.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\TemplateParser.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\ul.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\urlFragmentActions.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\urlUtils.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\util.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\webtooltabAPI.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\libs\PartnerId.js, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\_metadata\verified_contents.json, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\dynamicNewTab.html, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\product.html, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\stubby.html, Quarantined, [1376], [467555],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLNMKFKBEKKMJLGLFNMJLKDMAGDJDFCM\158.3695.1062.28_0\MANIFEST.JSON, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\code\abolishvalue.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css\backcomp.css, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css\style.css, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\html\background.html, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\128.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\16.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\19.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\32.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\38.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\48.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\64.png, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\js\vast.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\lib\require.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepath.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepathA.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepathB.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\src\sendgate.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\_metadata\verified_contents.json, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\isboolaccountant.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\throwclock.js, Quarantined, [14982], [456908],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PDMEJGDBEPHAPAGDFIONDMMEPKBPCHHG\1.0.0_0\MANIFEST.JSON, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\128.png, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\16.png, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\32.png, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\48.png, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\images\pb_yahoo.png, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery\jquery-2.2.3.min.js, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery\jquery-ui.css, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\search_autocomplete.js, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.css, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.html, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.js, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\_metadata\verified_contents.json, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\background.js, Quarantined, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\content.js, Quarantined, [8542], [443105],1.0.3470
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#12
thefunkymunky


Hello Again Zep516!

I don't know if it matters, but after I sent you that last MB scan I did a complete scan minus the rootkits on the computer, and here are the results:

MB Scan Complete 12-11-2017

Malwarebytes

www.malwarebytes.com
 
-Log Details-
Scan Date: 12/11/17
Scan Time: 9:13 PM
Log File: 382ede10-defb-11e7-a046-60eb69aa70e6.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3470
License: Premium
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin-PC\Admin
 
-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 239522
Threats Detected: 192
Threats Quarantined: 192
Time Elapsed: 27 min, 32 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 42
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\_metadata, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\config, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\libs, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\_metadata, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\code, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\html, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\lib, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\src, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLNMKFKBEKKMJLGLFNMJLKDMAGDJDFCM, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\_metadata, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\config, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\libs, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MOIIPHOBNFKCEBEHGEONGKFOMGMCOAED\13.321.12.21040_0, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\_metadata, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\config, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\libs, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LFIMKJJIPNOCJIIACMDBDNLOJKGDOMPA\13.321.12.17393_0, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\images, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\_metadata, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PDMEJGDBEPHAPAGDFIONDMMEPKBPCHHG, Delete-on-Reboot, [8542], [443105],1.0.3470
 
File: 150
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\config\config.json, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons\icon128.png, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons\icon16.png, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons\icon19disabled.png, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons\icon19on.png, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\icons\icon48.png, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\ajax.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\background.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\chrome.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\content_script.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\dlp.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\dlpHelper.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\extension_detect.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\index.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\logger.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\pageUtils.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\product.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\storage.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\TabManager.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\TemplateParser.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\ul.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\urlFragmentActions.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\urlUtils.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\util.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\js\webtooltabAPI.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\libs\PartnerId.js, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\_metadata\verified_contents.json, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\dynamicNewTab.html, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\manifest.json, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\product.html, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk\13.321.12.16049_0\stubby.html, Delete-on-Reboot, [228], [322621],1.0.3470
PUP.Optional.MindSpark, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [228], [322621],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLNMKFKBEKKMJLGLFNMJLKDMAGDJDFCM\158.3695.1062.28_0\MANIFEST.JSON, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\code\abolishvalue.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css\backcomp.css, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\css\style.css, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\html\background.html, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\128.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\16.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\19.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\32.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\38.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\48.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\icons\64.png, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\js\vast.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\lib\require.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepath.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepathA.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\main\deletepathB.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\src\sendgate.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\_metadata\verified_contents.json, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\isboolaccountant.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.Cmptch.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnmkfkbekkmjlglfnmjlkdmagdjdfcm\158.3695.1062.28_0\throwclock.js, Delete-on-Reboot, [14982], [456908],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\000003.log, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\CURRENT, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOCK, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\LOG, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\moiiphobnfkcebehgeongkfomgmcoaed\MANIFEST-000001, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MOIIPHOBNFKCEBEHGEONGKFOMGMCOAED\13.321.12.21040_0\CONFIG\CONFIG.JSON, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon128.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon16.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon19disabled.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon19on.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\icons\icon48.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\ajax.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\background.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\chrome.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\content_script.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\dlp.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\dlpHelper.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\extension_detect.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\index.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\logger.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\pageUtils.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\product.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\storage.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\TabManager.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\TemplateParser.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\ul.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\urlFragmentActions.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\urlUtils.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\util.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\js\webtooltabAPI.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\libs\PartnerId.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\_metadata\verified_contents.json, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\dynamicNewTab.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\manifest.json, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\product.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moiiphobnfkcebehgeongkfomgmcoaed\13.321.12.21040_0\stubby.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\000003.log, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\CURRENT, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\LOCK, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\LOG, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lfimkjjipnocjiiacmdbdnlojkgdompa\MANIFEST-000001, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LFIMKJJIPNOCJIIACMDBDNLOJKGDOMPA\13.321.12.17393_0\CONFIG\CONFIG.JSON, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon128.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon16.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon19disabled.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon19on.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\icons\icon48.png, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\ajax.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\background.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\chrome.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\content_script.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\dlp.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\dlpHelper.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\extension_detect.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\index.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\logger.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\pageUtils.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\product.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\storage.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\TabManager.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\TemplateParser.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\ul.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\urlFragmentActions.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\urlUtils.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\util.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\js\webtooltabAPI.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\libs\PartnerId.js, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\_metadata\verified_contents.json, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\dynamicNewTab.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\manifest.json, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\product.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfimkjjipnocjiiacmdbdnlojkgdompa\13.321.12.17393_0\stubby.html, Delete-on-Reboot, [1376], [456842],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PDMEJGDBEPHAPAGDFIONDMMEPKBPCHHG\1.0.0_0\MANIFEST.JSON, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\128.png, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\16.png, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\32.png, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\icons\48.png, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\images\pb_yahoo.png, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery\jquery-2.2.3.min.js, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\jquery\jquery-ui.css, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\vendor\search_autocomplete.js, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.css, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.html, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\newtab\blank.js, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\_metadata\verified_contents.json, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\background.js, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.SearchNet.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdmejgdbephapagdfiondmmepkbpchhg\1.0.0_0\content.js, Delete-on-Reboot, [8542], [443105],1.0.3470
PUP.Optional.IWin, C:\USERS\ADMIN\DESKTOP\GAMES\CRADLEOFPERSIASETUP.EXE, Delete-on-Reboot, [2300], [448355],1.0.3470
PUP.Optional.ShieldAppsPCU, C:\USERS\ADMIN\DESKTOP\INSTALLS\PCCLEANINGUTILITYSETUP.EXE, Delete-on-Reboot, [8371], [441975],1.0.3470
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#13
zep516


    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

How's the computer doing now?

Thanks
Joe :)

#14
thefunkymunky


    Member

  • Topic Starter
  • 14 posts

Hello Joe!

 

     It's running some better but I'm still getting a lot of "stopped responding long running script" messages as well as freezing up.

 

tazzi

