WiredWX Hobby Weather ToolsLog in

 


Virus/Malware Help

3 posters

descriptionSolvedVirus/Malware Help 10th November 2017, 12:43 am

more_horiz
Hello,
Just did a system restore and I am back to the viruses,malware and adware. Whatever else too. Can you please guide me to clean my laptop ? TY Valerie

descriptionSolvedRe: Virus/Malware Help 10th November 2017, 12:52 am

more_horiz
Please read the instructions at below link.

READ THIS BEFORE POSTING

descriptionSolvedRe: Virus/Malware Help 10th November 2017, 1:03 am

more_horiz
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Selena (administrator) on SELENA (09-11-2017 19:47:08)
Running from C:\Users\Selena\Desktop
Loaded Profiles: Selena (Available Profiles: Selena & Sassi_000)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\ns.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1928776 2016-11-09] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4377120 2015-06-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-12-13] ()
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [35253824 2013-08-04] (ooVoo LLC)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [HP Photosmart 6520 series (NET)] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4377120 2015-06-19] (Fitbit, Inc.)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\MountPoints2: {3504df07-a490-11e7-bf7d-2016d879d880} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\MountPoints2: {ed3e5033-d038-11e4-beea-2016d879d880} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-04]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Sassi_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2013-09-23]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Selena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2013-05-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{98D1B7AA-3C89-43B6-943A-F9B1474C2B87}: [DhcpNameServer] 192.11.128.24
Internet Explorer:
==================
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> DefaultScope {EA97E0FE-1508-46B3-94A9-FA05B15F4D23} URL =
SearchScopes: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=US&ver=22.9.0.71&locale=en_US&guid=9BE9E927-F598-4049-B718-7C5484CFE2AE&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> {C25CECB7-586C-441C-9E69-5DC32F3810FD} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> {EA97E0FE-1508-46B3-94A9-FA05B15F4D23} URL =
BHO: Speed Test 127 -> {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} -> C:\Program Files (x86)\Speed Test 127\ScriptHost64.dll => No File
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-11-05] (Microsoft Corporation)
BHO: Oovoo Toolbar -> {4F564F32-5637-006A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll [2016-11-09] (APN LLC.)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll => No File
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-05] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Unit -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\Selena\AppData\Local\UnitLayers\temp.dat => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-05] (Microsoft Corporation)
BHO-x32: Oovoo Toolbar -> {4F564F32-5637-006A-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll [2016-11-09] (APN LLC.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.10.0.85\coIEPlg.dll => No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Staging -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> c:\Users\All Users\dl159\159.dll [2014-11-21] ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
Toolbar: HKLM - Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll [2016-11-09] (APN LLC.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll No File
Toolbar: HKLM-x32 - Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll [2016-11-09] (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.10.0.85\coIEPlg.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Selena\AppData\Roaming\Mozilla\Firefox\Profiles\6loyumzo.default [2017-11-09]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\6loyumzo.default -> Google
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2016-02-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon [2017-11-09]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-07-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-12] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-05-12] ()
FF Plugin HKU\S-1-5-21-2252793316-4098098122-2232313737-1001: pokki.com/PokkiDownloadHelper -> C:\Users\Selena\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2013-05-12] (Pokki)
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\Exts\Chrome.crx [2017-09-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - 
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\Exts\Chrome.crx [2017-09-28]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - 
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [201800 2016-11-09] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5750816 2015-06-19] (Fitbit, Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\NS.exe [326144 2017-07-14] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8602992 2017-09-11] (Reimage®)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-13] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\BASHDefs\20171101.001\BHDrvx64.sys [1872024 2017-11-01] (Symantec Corporation)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160A000.055\ccSetx64.sys [187520 2017-07-14] (Symantec Corporation)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-11-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-11-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20171103.001\IDSvia64.sys [1056920 2017-11-03] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-13] (Dritek System Inc.)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160A000.055\SRTSP64.SYS [810136 2017-07-14] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160A000.055\SRTSPX64.SYS [49304 2017-07-14] (Symantec Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16152 2014-04-19] ()
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160A000.055\SYMEFASI64.SYS [1868416 2017-07-14] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160A000.055\SymELAM.sys [24608 2017-07-14] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-09-28] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160A000.055\Ironx64.SYS [301288 2017-07-14] (Symantec Corporation)
R3 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160A000.055\SYMNETS.SYS [566912 2017-07-14] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\SDSDefs\20160707.023\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\SDSDefs\20160707.023\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 19:47 - 2017-11-09 19:48 - 000026635 _____ C:\Users\Selena\Desktop\FRST.txt
2017-11-09 19:46 - 2017-11-09 19:47 - 000000000 ____D C:\FRST
2017-11-09 19:45 - 2017-11-09 19:45 - 002403328 _____ (Farbar) C:\Users\Selena\Desktop\FRST64.exe
2017-11-09 19:10 - 2017-11-09 19:10 - 000003218 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-11-06 19:43 - 2017-11-06 19:43 - 000000000 _____ C:\Recovery.txt
2017-11-06 16:23 - 2017-11-06 16:23 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2017-11-06 06:50 - 2017-11-06 06:50 - 000000200 _____ C:\Users\Selena\Desktop\Fulton Bank of New Jersey Online Banking.url
2017-11-05 20:53 - 2017-11-05 20:53 - 000000000 ____D C:\Users\Selena\AppData\Local\ESET
2017-11-05 20:31 - 2017-11-05 20:31 - 000001850 _____ C:\Users\Selena\Desktop\JRT.txt
2017-11-05 19:51 - 2017-11-09 21:58 - 000000000 ____D C:\AdwCleaner
2017-11-05 18:41 - 2017-11-05 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-05 18:41 - 2017-11-05 18:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-05 18:41 - 2017-11-05 18:41 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-05 15:42 - 2017-11-05 15:42 - 000003690 _____ C:\WINDOWS\System32\Tasks\ALU_SelfUpgrade
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 21:59 - 2015-12-07 20:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-11-09 21:59 - 2015-01-17 15:22 - 000000000 ____D C:\Users\Selena
2017-11-09 21:59 - 2015-01-17 15:22 - 000000000 ____D C:\Users\Sassi_000
2017-11-09 21:59 - 2014-04-19 19:24 - 000000000 ____D C:\Users\Selena\AppData\Local\SlimWare Utilities Inc
2017-11-09 21:59 - 2013-08-22 10:36 - 000000000 __RSD C:\WINDOWS\Media
2017-11-09 21:59 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-11-09 21:59 - 2013-06-06 16:37 - 000000000 ____D C:\Users\Selena\AppData\Local\UnitLayers
2017-11-09 21:59 - 2013-05-12 21:04 - 000000000 ____D C:\Users\Selena\AppData\Local\Pokki
2017-11-09 21:59 - 2012-07-26 03:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-11-09 21:58 - 2017-09-28 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-11-09 21:58 - 2017-09-28 07:21 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-11-09 21:58 - 2017-07-06 09:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-09 21:58 - 2016-06-24 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2017-11-09 21:58 - 2016-06-24 19:16 - 000000000 ____D C:\rei
2017-11-09 21:58 - 2015-11-22 16:59 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-11-09 21:58 - 2015-09-07 10:27 - 000000000 ____D C:\ProgramData\FitbitConnect
2017-11-09 21:58 - 2014-11-21 22:50 - 000000000 ____D C:\ProgramData\dl159
2017-11-09 21:58 - 2014-04-19 19:24 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2017-11-09 21:58 - 2014-04-19 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2017-11-09 21:58 - 2014-04-19 19:24 - 000000000 ____D C:\Program Files (x86)\DriverUpdate
2017-11-09 21:58 - 2014-01-15 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-09 21:58 - 2013-08-29 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
2017-11-09 21:58 - 2013-08-29 22:22 - 000000000 ____D C:\Program Files (x86)\WinZip Registry Optimizer
2017-11-09 21:58 - 2013-05-12 01:52 - 000000000 ____D C:\ProgramData\Atheros
2017-11-09 21:53 - 2013-08-22 10:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-09 21:47 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\registration
2017-11-09 21:44 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-09 21:44 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-09 21:43 - 2016-04-18 17:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-11-09 21:43 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-09 21:41 - 2013-08-29 22:22 - 000000000 ____D C:\Users\Selena\AppData\Roaming\Nico Mak Computing
2017-11-09 21:40 - 2013-05-11 21:15 - 000000000 ____D C:\Users\Selena\AppData\Local\Packages
2017-11-09 21:38 - 2014-08-06 13:18 - 000000000 ____D C:\Users\Selena\AppData\Local\AskPartnerNetwork
2017-11-09 21:37 - 2016-06-24 19:17 - 000000000 ____D C:\ProgramData\Reimage Protector
2017-11-09 21:37 - 2014-06-29 07:53 - 000000000 ____D C:\Users\Sassi_000\AppData\Local\AskPartnerNetwork
2017-11-09 21:36 - 2016-06-24 19:17 - 000000000 ____D C:\Program Files\Reimage
2017-11-09 21:36 - 2016-03-06 12:16 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2017-11-09 21:33 - 2013-08-29 22:22 - 000000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2017-11-09 19:35 - 2015-01-18 15:46 - 000003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4BB90CF9-61F4-4D5D-A344-878FF93F575B}
2017-11-09 19:22 - 2013-05-11 21:25 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2252793316-4098098122-2232313737-1001
2017-11-09 19:17 - 2013-05-12 01:54 - 000000000 __RDO C:\Users\Selena\OneDrive
2017-11-09 19:16 - 2014-11-21 03:44 - 000865068 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-09 19:16 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2017-11-09 19:10 - 2017-03-12 13:32 - 000000000 ____D C:\Program Files\NortonInstaller
2017-11-09 19:10 - 2016-04-18 18:08 - 000002327 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-11-09 19:10 - 2016-04-18 17:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-11-09 19:10 - 2015-12-07 20:00 - 000000000 ____D C:\Program Files\Common Files\AV
2017-11-09 19:09 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-09 19:02 - 2015-01-17 15:11 - 000053284 _____ C:\WINDOWS\system32\wpbbin.exe
2017-11-08 20:28 - 2016-07-27 16:42 - 000000000 ____D C:\Users\Selena\AppData\Local\ElevatedDiagnostics
2017-11-05 20:25 - 2013-05-14 21:55 - 000000000 ____D C:\Users\Selena\AppData\Local\CrashDumps
2017-11-05 19:09 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-05 18:19 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-05 17:50 - 2013-08-22 08:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-11-05 17:32 - 2013-08-18 18:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-05 17:13 - 2015-01-26 21:19 - 000000000 ____D C:\Users\Selena\AppData\Local\Deployment
2017-11-05 15:48 - 2012-07-26 02:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-05 15:44 - 2016-10-02 17:21 - 000004424 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-05 15:44 - 2014-01-15 20:14 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-05 15:34 - 2013-08-22 10:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-05 15:30 - 2017-09-21 14:39 - 000003170 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2252793316-4098098122-2232313737-1001
2017-11-05 15:30 - 2016-04-23 15:53 - 000002345 _____ C:\Users\Selena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-11-05 15:27 - 2013-05-12 20:29 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2252793316-4098098122-2232313737-1004
2017-11-05 15:25 - 2013-05-11 21:55 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-11-05 15:18 - 2013-08-28 14:28 - 000000000 ____D C:\Users\Sassi_000\AppData\Local\CrashDumps
2017-11-05 15:10 - 2015-02-23 10:14 - 000003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68E87BA9-B917-457D-97F3-F7937D794863}
2017-11-05 15:09 - 2015-02-23 10:14 - 000000000 ____D C:\Users\Sassi_000\OneDrive
==================== Files in the root of some directories =======
2013-05-12 22:31 - 2013-05-12 22:31 - 000000057 _____ () C:\ProgramData\Ament.ini
2012-12-13 21:22 - 2012-12-13 21:22 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-08 19:25
==================== End of FRST.txt ============================

descriptionSolvedRe: Virus/Malware Help 10th November 2017, 1:10 am

more_horiz
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Selena (09-11-2017 19:48:35)
Running from C:\Users\Selena\Desktop
Windows 8.1 (Update) (X64) (2015-01-18 20:40:32)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2252793316-4098098122-2232313737-500 - Administrator - Disabled)
Guest (S-1-5-21-2252793316-4098098122-2232313737-501 - Limited - Disabled)
Sassi_000 (S-1-5-21-2252793316-4098098122-2232313737-1004 - Limited - Enabled) => C:\Users\Sassi_000
Selena (S-1-5-21-2252793316-4098098122-2232313737-1001 - Administrator - Enabled) => C:\Users\Selena
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Out of date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3007 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-b2d768aa-8c98-4cb3-a9d0-8cf2845bb526) (Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (HKLM-x32\...\WTA-2c644fb4-6bbb-4a56-b06b-d89e509ba8c5) (Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Backup Manager v4 (HKLM-x32\...\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-d414d743-4b5e-4a9b-961f-edb1f686e592) (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{98B88424-054D-4866-8EC1-513616801BAE}) (Version: 1.1.0 - Kovid Goyal)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (HKLM-x32\...\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}) (Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (HKLM-x32\...\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}) (Version: 2.1.2008 - CyberLink Corp.) Hidden
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-bc8c20d0-4ff4-458b-b90e-637940967b34) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (HKLM-x32\...\WTA-7b418505-76d7-4dd4-9e27-5c5e4bc841bd) (Version: 2.2.0.98 - WildTangent) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dora's World Adventure (HKLM-x32\...\WTA-8f4d0d1e-c825-44cf-8b26-edd7b5796a63) (Version: 2.2.0.95 - WildTangent) Hidden
DriverUpdate (HKLM-x32\...\{2B353DA2-A8FD-4238-B207-62A1921158D7}) (Version: 2.2.35415 - SlimWare Utilities, Inc.)
ETDWare PS/2-X64 11.6.10.001_WHQL (HKLM\...\Elantech) (Version: 11.6.10.001 - ELAN Microelectronic Corp.)
Fitbit Connect (HKLM-x32\...\{252787DA-515C-44B6-896F-CB644D518EA1}) (Version: 2.0.0.6598 - Fitbit Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
HID Monitor (HKLM-x32\...\{3D535C93-9786-48D5-9DEF-97353F1CB936}) (Version: 1.1.3 - Acer Incorporated)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-08602b71-0436-4a6b-ae74-fa3d18711a39) (Version: 2.2.0.98 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.6 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4971.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4971.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-8eac02a8-464c-4f89-8b0c-a389f9480336) (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.10.0.85 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9056 - ooVoo LLC.)
Oovoo Toolbar (HKLM-x32\...\{4F564F32-5637-006A-76A7-A758B70C2D01}) (Version: 12.45.1.1203 - APN, LLC)
Pearson LockDown Browser (HKLM-x32\...\{1F8BAD3E-1EE5-43ED-B5DB-F6311DA7666A}) (Version: 1.04.23 - Respondus, Inc.)
Peggle Nights (HKLM-x32\...\WTA-5a01e247-e1eb-4929-a88c-4849ca92eb97) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-d952818d-64c9-4672-8014-523cc3789810) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-e299163f-f512-4d09-b797-e3926e7f8729) (Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Pokki) (Version: 0.269.5.367 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Polar Bowler (HKLM-x32\...\WTA-25c99dc8-6928-40d6-9a1f-0868ba2bd3d4) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-48a18b18-dfe8-4426-91da-1b18f7324ae2) (Version: 2.2.0.98 - WildTangent) Hidden
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{308C7555-5D43-4D9A-BDC0-14B2948EF438}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.3.8 - Reimage) <==== ATTENTION
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Solid Savings (HKLM-x32\...\Solid Savings) (Version: 1.27.153.0 - Innovative Apps)
Speed Test 127 (HKLM-x32\...\Speed Test 127) (Version: 3.0.0.0 - BestOffers) <==== ATTENTION
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (HKLM-x32\...\WTA-e1b8ed72-60ff-4459-9894-67c8a5d8c868) (Version: 2.2.0.110 - WildTangent) Hidden
Unit Layers (HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\...\Unit Layers) (Version: 9.0 - Unit Layers)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.10.16 - WildTangent) Hidden
WinZip Registry Optimizer (HKLM-x32\...\WinZip Registry Optimizer_is1) (Version: 1.0 - WinZip International LLC)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zuma's Revenge (HKLM-x32\...\WTA-52c97e3c-3fe9-41f8-b048-f8adb132b122) (Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Selena\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252793316-4098098122-2232313737-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-01-28] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\NavShExt.dll -> No File
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\NavShExt.dll -> No File
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-01-28] (Qualcomm Atheros Commnucations)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2012-07-11] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-01] (Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\buShell.dll -> No File
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\NavShExt.dll -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06A4931B-8486-4E43-A4C7-14289F1EF1C1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\WSCStub.exe [2017-07-14] (Symantec Corporation)
Task: {102DA1EA-5839-4C01-A133-A14FCC7BD991} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2016-06-15] (Reimage ltd.) <==== ATTENTION
Task: {139D0527-BB2E-41E7-A492-C45316A64DD9} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {1706998D-062F-4671-A871-EF4E41F4993E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-07-06] (Microsoft Corporation)
Task: {1AC7C1C2-CF4D-4613-9426-31D119C9404B} - C:\Windows\System32\Tasks\HIDMonitor => Command(1): C:\Program Files\Acer Incorporated\HID Monitor\HIDMonitor.exe
Task: {1AC7C1C2-CF4D-4613-9426-31D119C9404B} - C:\Windows\System32\Tasks\HIDMonitor => Command(2): C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [2012-08-23] ()
Task: {224696F5-1B1F-45DE-AF5C-112F841E5F35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-07-06] (Microsoft Corporation)
Task: {30263A2B-43E4-4F51-BDD5-C00F50AA20BA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {3AF9CD53-23E9-4E66-ABBD-74D51E551AD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {598F3ACE-877D-4CD9-815D-6BE386C12896} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {5AA2E11D-700D-4A9D-89FF-E6A9F9A26D2C} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {6F013AF7-25C3-4E6B-A17B-819A703DD1BE} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {71174CC7-58EF-49C7-B678-D7F6E0EBA427} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {73616E55-DAE1-45F3-9632-1DEA79CE887D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe
Task: {738D318B-625A-4759-A4B4-3B7E8F31195A} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-09-11] (Reimage®) <==== ATTENTION
Task: {7B7E76B4-39DB-4A45-9D3A-68DBEDE17501} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {8AF0E832-468D-42E6-9489-61B9165EAD11} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {900A5C5F-7915-41A4-8645-505F4ED16A4F} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\52971984\D\UpgradeDownload.exe [2017-11-05] ()
Task: {901597B6-9F0D-4C07-9C1B-354CA544B1C9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {96500D00-3FA6-41D5-95AB-16DE62F10776} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {99007B09-4DE3-4FF8-B2B7-EE985004C0F3} - System32\Tasks\Default2Check => c:\Users\All Users\dtdata\R003.exe <==== ATTENTION
Task: {9B7DA187-350F-4647-808C-979DF41F1367} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {9D1F938D-EEC9-4725-A6C1-7E649F1191AC} - System32\Tasks\DTReg => C:\Users\Selena\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {B03A9E7D-7098-438A-929D-2EDCDEA6E21D} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2012-02-08] (WinZip Computing, S.L. (WinZip Computing))
Task: {B0AB7B25-7132-4A2C-8EE9-C53B7DFF6865} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-05] (Adobe Systems Incorporated)
Task: {B2CD17D1-2208-43DD-93E2-FB6CFB51C838} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-11-05] (Adobe Systems Incorporated)
Task: {B7D310ED-6C63-462A-8043-37BC8D67AC4A} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe <==== ATTENTION
Task: {B9E8251C-693C-4A58-8D71-FFB3C604977B} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {CB2642FB-6CAA-4FAB-863A-DA5EC6AC983B} - \PC Performer -> No File <==== ATTENTION
Task: {CC3FD4C5-10A5-459D-820A-07BA462B6DAF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {DBE13D00-6901-4075-8F7B-5A6F4114F5B7} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {DE6CC929-9F1D-4BAD-A143-8FBB3497CA80} - System32\Tasks\HP AR Program Upload - 820990ef8cf2472194a8acad0ba993fd4ad77d3a1088441192e1925ff14885c4 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: )
Task: {E89AA2BB-23AE-422F-953B-80C8685EA6FA} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-29] ()
Task: {EC27926B-318F-4466-B965-B7966D881149} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2012-02-08] (WinZip Computing, S.L. (WinZip Computing))
Task: {EF87149B-1DF6-4C78-9AB4-E98268046ADD} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2012-02-08] (WinZip Computing, S.L. (WinZip Computing))
Task: {F6AA6E72-E6B9-4801-8182-D3F357C0A0F4} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {F783B41E-2130-42BD-A8BB-9140E2AF17D8} - System32\Tasks\Updater26278.exe => C:\Users\Selena\AppData\Local\Updater26278\Updater26278.exe <==== ATTENTION
Task: {FA2CF238-CCD1-40BD-8B2A-1CFFB6D8EE15} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-09-05] (Acer Incorporated)
Task: {FD6F27BF-6DB7-4A6B-9DDE-32275EB41DB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\WINDOWS\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-25 17:36 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-08-23 17:02 - 2012-08-23 17:02 - 000030640 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
2017-03-24 13:37 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-21 21:12 - 2012-06-21 21:12 - 001407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-01-28 16:45 - 2013-01-28 16:45 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 16:42 - 2013-01-28 16:42 - 000084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 16:47 - 2013-01-28 16:47 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2012-12-13 21:38 - 2012-12-13 21:38 - 001193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
2012-08-22 18:04 - 2012-08-22 18:04 - 000044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-22 18:04 - 2012-08-22 18:04 - 000025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2015-07-03 13:44 - 2015-07-03 13:44 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-08-23 01:26 - 2012-08-23 01:26 - 000465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 01:25 - 2012-08-23 01:25 - 000125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 01:26 - 2012-08-23 01:26 - 000155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 01:25 - 2012-08-23 01:25 - 000118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 01:25 - 2012-08-23 01:25 - 001081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 01:25 - 2012-08-23 01:25 - 000052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 01:26 - 2012-08-23 01:26 - 000727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-12-13 21:20 - 2012-06-25 13:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-23 17:02 - 2012-08-23 17:02 - 000034736 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll
2014-12-11 16:40 - 2014-12-11 16:40 - 040622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2017-07-06 09:12 - 2017-07-06 09:12 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2017-09-28 07:21 - 000000097 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Selena\Pictures\2014-09-16\IMG_1384.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5F1A9CDA-98CA-4BCD-9B0E-68A3DE9F76C8}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EE627529-2398-46A5-8F66-917A1614FC01}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0202F22F-E560-4599-B8BB-4FA02C19B1AD}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{3D45E3FE-4B46-4A04-85A4-5D6224DDBF8B}] => (Allow) C:\Users\Selena\Downloads\VideoPerformerSetup.exe
FirewallRules: [{6A214F30-B4BE-494A-A505-58B02723A178}] => (Allow) C:\Users\Selena\Downloads\VideoPerformerSetup.exe
FirewallRules: [{AA5205FF-97E0-4BB7-A539-86C24A472E45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CF276B63-757C-4689-851A-6D7798D0A7F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1AFDEAD0-7FFA-4433-BB6D-744666868F4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{329DEAB9-7C39-4B5D-AA3E-A3058F13506F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{477C15B7-CBE1-431A-B401-B80CF3D50412}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C7B77552-975D-4ED3-A74E-2E099586D62F}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EA2A9B76-FABE-4006-B0D2-B33D18C5DC55}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{4C47D775-4EAC-4163-9E70-0BF2510DC6A8}] => (Allow) C:\Users\Selena\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{315216DC-F377-4BFA-8AC7-A6515FFF42F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{45F3A569-C1CD-487A-9140-A0F96B57CB86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{00FD6328-5F2B-4F2C-AB06-3060D5AFF5ED}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{2E1B7892-DB06-4D09-B9A4-B8EE560588A9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{3B95EEF7-10DE-4552-BA53-838095A74E2E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{A34404EB-6C6A-4D36-8646-BCF3D8E63577}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6C96C066-847E-4DE0-B632-5A004CF36525}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{048780B1-40C0-4B37-B139-FBF496E8255B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{42DF6492-243B-4F7C-A354-4ABE336470F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{9113F70C-5A7D-4456-AF9F-117C76CF3939}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{74E48EF7-6B31-4EC1-A8EE-2A2F13345E6E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{BABCE0EA-E074-4E0C-9CAC-67CBC7515FDC}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{7E30F718-A4F9-4FF2-9A9A-46813C9EDD73}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E839E7B2-59AE-4A70-BDFC-4DCB55E14FBE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5D3D7871-B02E-4C8E-BBB3-05A163D88FA6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{538EF122-F0AD-4CEA-B395-B3654B2DA294}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{12A0EEDE-DB51-4814-A9E1-CA6723DC9C29}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{3417B5F3-EE0B-4E61-9E25-7ADBBEFBCA14}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{FD0DBAFA-9E56-438A-80E4-5DEC528EC198}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{95447142-D65D-4C91-B171-047BA51D0E69}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{0CB54952-A233-4691-8F45-DEC4383D01E6}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{176340EA-7EDF-4849-959D-C8966700D6FB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B9A69778-251A-4621-8F26-02E3C27699C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE4234F6-6285-4624-B861-910FEC1E0DEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F91435CF-CEF7-4E6A-ACC2-E808700625A8}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{011B0431-ECC4-4233-A956-D10F8405A9C5}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{0929626F-0D5C-466C-92F9-F36CE957C3BD}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{7F081B01-3F1E-4EDD-9B6A-5C28AD414940}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{C5F4E979-8B57-4057-9F05-7406A10E0559}] => (Allow) LPort=5357
FirewallRules: [{6D79301C-080C-40C1-8D70-E3B86106B1A2}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{FA34140C-D7E4-41F3-AD6C-126D4BC62466}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62C8F637-C120-425C-B41C-802674CE11A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F5C3CACA-C3ED-40B1-A014-B9C46FE68CB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBD5AD8D-703B-47FA-B022-D5E05FF67280}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{67996050-B2F6-4F67-B6D6-4086D9A46499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A079059F-59DF-45F0-A42B-D32370441AF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C8A2DD53-8BC6-4C1F-9676-BDB330ED2E11}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{AEC3C76A-43B5-4E68-AA03-2E5E55F80A05}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{CC8E5933-2174-493A-96B7-404B9E2A54F3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{CAD6A531-F34C-42C1-9DA2-64C638438DBA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{473BE1B3-0D40-4FAF-8218-1520C4D667A2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{AB89514A-F3F3-4EC8-9604-D8F29C21A0BC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1FC9BF52-964B-4BA2-8A36-41882BCBD9D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
05-11-2017 17:27:12 Windows Update
05-11-2017 20:29:11 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================
Application errors:
==================
Error: (11/09/2017 07:28:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 07:20:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (11/09/2017 07:17:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\Selena\AppData\Local\Pokki\Engine\HostAppService.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Error: (11/09/2017 07:17:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\Selena\AppData\Local\Pokki\Engine\HostAppService.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Error: (11/09/2017 06:15:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 05:30:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 05:15:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingNews_8wekyb3d8bbwe!AppexNews failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 04:15:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 03:30:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/09/2017 03:15:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SELENA)
Description: Activation of app Microsoft.BingNews_8wekyb3d8bbwe!AppexNews failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (11/09/2017 07:28:59 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a41\??\C:\WINDOWS\System32\config\COMPONENTS
Error: (11/09/2017 07:20:09 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a41\??\C:\WINDOWS\System32\config\COMPONENTS
Error: (11/09/2017 07:17:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/09/2017 07:17:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (11/09/2017 07:16:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/09/2017 07:16:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (11/09/2017 07:10:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BHDrvx64 service failed to start due to the following error:
The system cannot find the file specified.
Error: (11/09/2017 06:16:56 PM) (Source: DCOM) (EventID: 10010) (User: SELENA)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (11/09/2017 05:57:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (11/09/2017 05:57:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 36%
Total physical RAM: 5939.6 MB
Available physical RAM: 3794.66 MB
Total Virtual: 6899.6 MB
Available Virtual: 4826 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:451.33 GB) (Free:358.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 33A5321B)
Partition: GPT.
==================== End of Addition.txt ============================

descriptionSolvedRe: Virus/Malware Help 10th November 2017, 4:55 pm

more_horiz
Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer. 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please download AdwareCleaner onto your Desktop. AdwCleaner

Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.

Virus/Malware Help AdwCleaner-icon

If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
When the AdwCleaner program will open, click on the Scan button as shown below.

Virus/Malware Help Untitled

AdwCleaner will now start to search for malicious files that may be installed on your computer.
To remove the files that were detected in the previous step, please click on the Clean button.

Virus/Malware Help 3

AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
*********************************************
Virus/Malware Help Mbamicontw5 Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • It should update automatically if the computer is connected to the internet.
  • Click on Threat Scan and click on Scan Now.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete make sure all the infections have "quarantine" selected in the Action box.
  • Click on "Apply actions" You may be asked to Restart your computer to completely remove the infections.
  • When disinfection is completed you can click on "Copy to Clipboard".
  • Paste the log in you next reply (CTRL+ V)

*************************************************
Please download Junkware Removal Tool to your desktop.

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
*****************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Security Check

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
******************************************
AV: Windows Defender (Disabled - Up to date)
AV: Norton Security (Disabled - Out of date)

The log shows that you have no AV running on your computer. Please enable Windows Defender. You may uninstall Norton security, Java 8 Update 73 and McAfee Security Scan Plus

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 12:08 am

more_horiz
# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 11 00:02:06 2017



# Updated on 2017/27/10 by Malwarebytes



# Running on Windows 8.1 (X64)



# Mode: clean



# Support: https://www.malwarebytes.com/support



 



***** [ Services ] *****



 



Deleted: ReimageRealTimeProtector



Deleted: ReimageRealTimeProtector



Deleted: APNMCP



 



 



***** [ Folders ] *****



 



Deleted: C:\ProgramData\Reimage Protector



Deleted: C:\ProgramData\Application Data\Reimage Protector



Deleted: C:\Users\All Users\Reimage Protector



Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair



Deleted: C:\rei



Deleted: C:\Users\Selena\AppData\Local\unitlayers



Deleted: C:\Users\All Users\Documents\Downloaded Installers



Deleted: C:\Users\Public\Documents\Downloaded Installers



Deleted: C:\Program Files (x86)\Yahoo!\yset



Deleted: C:\Users\Selena\AppData\Local\Pokki



Deleted: C:\Program Files (x86)\AskPartnerNetwork



Deleted: C:\Users\Sassi_000\AppData\Local\AskPartnerNetwork



Deleted: C:\Users\Selena\AppData\Local\AskPartnerNetwork



Deleted: C:\Program Files\Reimage



Deleted: C:\Users\Selena\AppData\Local\slimware utilities inc



Deleted: C:\Users\Selena\AppData\Local\SlimWare Utilities Inc



Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate



Deleted: C:\Program Files (x86)\DriverUpdate



Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer



Deleted: C:\Program Files (x86)\WinZip Registry Optimizer



 



 



***** [ Files ] *****



 



Deleted: C:\Users\All Users\Desktop\PC Scan & Repair by Reimage.lnk



Deleted: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk



Deleted: C:\Users\Sassi_000\Downloads\ReimageRepair.exe



Deleted: C:\Users\Selena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk



Deleted: C:\Windows\SysNative\drivers\swdumon.sys



Deleted: C:\Users\Selena\Desktop\Speed Test.lnk



Deleted: C:\Users\All Users\Desktop\driverupdate.lnk



Deleted: C:\Users\Public\Desktop\driverupdate.lnk



Deleted: C:\Windows\Reimage.ini



Deleted: C:\Windows\Temp\reimage.log



Deleted: C:\Users\Selena\AppData\Local\Temp\reimage.log



Deleted: C:\Users\All Users\Desktop\WinZip Registry Optimizer.lnk



Deleted: C:\Users\Public\Desktop\WinZip Registry Optimizer.lnk



Deleted: C:\Users\Selena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk



 



 



***** [ DLL ] *****



 



No malicious DLLs cleaned.



 



***** [ WMI ] *****



 



No malicious WMI cleaned.



 



***** [ Shortcuts ] *****



 



No malicious shortcuts cleaned.



 



***** [ Tasks ] *****



 



Deleted: Registry Optimizer_UPDATES



Deleted: Registry Optimizer_DEFAULT



Deleted: DTChk



Deleted: DTReg



Deleted: Default2Check



Deleted: ReimageUpdater



Deleted: Reimage Reminder



Deleted: PC Performer



Deleted: Registry Optimizer



 



 



***** [ Registry ] *****



 



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cmptch.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\coupontime.co



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d2m2wsoho8qq12.cloudfront.net



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d3sq3a6zadvt1r.cloudfront.net



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearchresults.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\partners.cmptch.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markit.co



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.cmptch.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.coupontime00.coupontime.co



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markit00.re-markit.co



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mysearchresults.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.reimageplus.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.reimageplus.com



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\ask.com



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\cloudfront.net



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\nicekicks.com



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\shopathome.com



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Registry Optimizer_is1



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\InstalledBrowserExtensions



Deleted: [Key] - HKCU\Software\InstalledBrowserExtensions



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Pokki



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki



Deleted: [Key] - HKCU\Software\Pokki



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test 127



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet



Deleted: [Key] - HKLM\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\NICO MAK COMPUTING\WinZip Registry Optimizer



Deleted: [Key] - HKCU\Software\NICO MAK COMPUTING\WinZip Registry Optimizer



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}



Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EB3FC20-7158-4DD5-A08E-707541E9341C}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}



Deleted: [Key] - HKCU\Software\Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Classes\TypeLib\{39B1EC90-428D-4033-9E32-ED28D02FF588}



Deleted: [Key] - HKCU\Software\Classes\CLSID\{22848257-6A2D-4D2A-8D56-C886D25B8B58}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3013E03D-89D5-4580-8560-DB198297CC29}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{53FDCCB0-2404-4274-9002-5A3A1FD40426}



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}



Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}



Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}



Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}



Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4



Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4



Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ApnTBMon



Deleted: [Key] - HKCU\Software\Classes\AllFileSystemObjects\shell\pokki



Deleted: [Key] - HKCU\Software\Classes\Directory\shell\pokki



Deleted: [Key] - HKCU\Software\Classes\Drive\shell\pokki



Deleted: [Key] - HKCU\Software\Classes\lnkfile\shell\pokki



Deleted: [Key] - HKCU\Software\Classes\MIME\Database\Content Type\application\x-pokkidownloadhelper



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL



Deleted: [Key] - HKCU\Software\Classes\AppID\npPokkiDownloadHelper.dll



Deleted: [Key] - HKCU\Software\MozillaPlugins\pokki.com\PokkiDownloadHelper



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL



Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost64.exe



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost64.exe



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe



Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications



Deleted: [Key] - HKLM\SOFTWARE\AskPartnerNetwork



Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\AskPartnerNetwork



Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork



Deleted: [Key] - HKCU\Software\AskPartnerNetwork



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.



Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.



Deleted: [Key] - HKLM\SOFTWARE\Reimage



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\Reimage



Deleted: [Key] - HKCU\Software\Reimage



Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe



Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\SlimWare Utilities Inc



Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\AppDataLow\Software\Crossrider



Deleted: [Key] - HKCU\Software\AppDataLow\Software\Crossrider



Deleted: [Key] - HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\Software\AppDataLow\Software\Crossrider



Deleted: [Key] - HKCU\Software\AppDataLow\Software\Crossrider



 



 



***** [ Firefox (and derivatives) ] *****



 



Plugin deleted: OnlineMapFinder - Mindspark



 



 



***** [ Chromium (and derivatives) ] *****



 



No malicious Chromium entries deleted.



 



*************************



 



::Tracing keys deleted



::Winsock settings cleared



::Additional Actions: 0



 



 



 



*************************



 



C:/AdwCleaner/AdwCleaner[C0].txt - [17116 B] - [2017/11/6 1:0:19]



C:/AdwCleaner/AdwCleaner[S0].txt - [19420 B] - [2017/11/6 0:54:12]



C:/AdwCleaner/AdwCleaner[S1].txt - [23015 B] - [2017/11/11 0:0:36]



 



 



########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 1:14 am

more_horiz
Virus/Malware Help Mbamicontw5

This does not work below... can you give me another button to click on please? TY
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 2:53 am

more_horiz
Download and install: Please download Malwarebytes' scanner to your desktop.

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 3:45 am

more_horiz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 x64
Ran by Selena (Administrator) on Fri 11/10/2017 at 22:39:36.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 1
Successfully deleted: C:\Users\Selena\AppData\Roaming\nico mak computing (Folder)

Registry: 6
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EA97E0FE-1508-46B3-94A9-FA05B15F4D23} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4F564F32-5637-006A-76A7-7A786E7484D7} (Registry Value)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/10/2017 at 22:44:10.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 3:49 am

more_horiz
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/10/17
Scan Time: 10:08 PM
Log File: 91b810c2-c68d-11e7-90eb-2016d879d880.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3226
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: SELENA\Selena

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 418747
Threats Detected: 313
Threats Quarantined: 312
Time Elapsed: 17 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 47
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Quarantined, [1070], [327197],1.0.3226
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Quarantined, [1070], [327197],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550255625578}, Quarantined, [223], [324197],1.0.3226
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226
PUP.Optional.SolidSavings, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\APPDATALOW\SOFTWARE\Solid Savings, Quarantined, [3468], [243304],1.0.3226
PUP.Optional.SolidSavings, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\APPDATALOW\SOFTWARE\Solid Savings, Quarantined, [3468], [243304],1.0.3226
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\AskPartnerNetwork, Quarantined, [9390], [186876],1.0.3226
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, Quarantined, [12309], [254404],1.0.3226
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F564F32-5637-006A-76A7-A758B70C2D01}, Quarantined, [12426], [245530],1.0.3226
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Quarantined, [9390], [186877],1.0.3226
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater26278.exe, Quarantined, [2515], [186805],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F783B41E-2130-42BD-A8BB-9140E2AF17D8}, Quarantined, [223], [346382],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{418ad5ba-1c21-4a23-8218-3751a782daea}, Quarantined, [223], [237508],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45e32d3d-628f-4ea5-9f03-e0662bb11c31}, Quarantined, [223], [237509],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7f1769f7-ede8-46dd-b0cf-78554c5a6f3f}, Quarantined, [223], [237510],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}\InprocServer32, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}\InprocServer32, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.DefaultTab, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3354], [167893],1.0.3226
PUP.Optional.DefaultTab, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3354], [167893],1.0.3226

Registry Value: 7
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550255625578}|, Quarantined, [223], [324197],1.0.3226
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F564F32-5637-006A-76A7-A758B70C2D01}|INSTALLSOURCE, Quarantined, [12426], [245530],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F783B41E-2130-42BD-A8BB-9140E2AF17D8}|PATH, Quarantined, [223], [346382],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{418ad5ba-1c21-4a23-8218-3751a782daea}|APPNAME, Quarantined, [223], [237508],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45e32d3d-628f-4ea5-9f03-e0662bb11c31}|APPNAME, Quarantined, [223], [237509],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7f1769f7-ede8-46dd-b0cf-78554c5a6f3f}|APPNAME, Quarantined, [223], [237510],1.0.3226
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SOLID SAVINGS-BG.EXE, Quarantined, [1002], [260099],1.0.3226

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 18
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\OnlineMapFinder_9p, Quarantined, [262], [240302],1.0.3226
PUP.Optional.SpeedTest, C:\USERS\SELENA\APPDATA\ROAMING\speedtest127, Quarantined, [3470], [179785],1.0.3226
PUP.Optional.Staging, C:\PROGRAMDATA\DL159, Quarantined, [10677], [179825],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\USERS\SASSI_000\APPDATA\ROAMING\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\USERS\SELENA\APPDATA\ROAMING\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales\en, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_metadata, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226

File: 241
PUP.Optional.Hosts, C:\WINDOWS\SYSTEM32\TASKS\Updater26278.exe, Quarantined, [2515], [190266],1.0.3226
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\OnlineMapFinder_9p\4746C7E5-5F75-45C2-BE3C-6A383656770D.sqlite, Quarantined, [262], [240302],1.0.3226
PUP.Optional.WinYahoo, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\EXTENSIONS\JID1-G80EC8LLEBK5FQ@JETPACK.XPI, Quarantined, [63], [256139],1.0.3226
PUP.Optional.SpeedTest, C:\Users\Selena\AppData\Roaming\speedtest127\speedtest127.xpi, Quarantined, [3470], [179785],1.0.3226
PUP.Optional.Staging, C:\ProgramData\dl159\159.dll, Quarantined, [10677], [179825],1.0.3226
PUP.Optional.DriverUpdate, C:\WINDOWS\TASKS\DRIVERUPDATE STARTUP.JOB, Quarantined, [1416], [335441],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-10-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-13-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-28-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_02-19-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_05-24-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\rcpupdate.ini, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\downArrow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\sprite-weathersmall.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\upArrow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\500px.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\8tracks.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\adobe.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\airbnb.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\amazon.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\aol.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\apple.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bankofamerica.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bbc.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\befrugal.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\behance.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bestbuy.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bing.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\careersyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\chase.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\close_x.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\codepen.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\craigslist.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dailymotion.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dribbble.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dropbox.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\ebay.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\espn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\evernote.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\facebook.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\financeyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickr.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo2.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\foxnews.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gamesyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gear1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gear3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gettyimages.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\github.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gmail.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\google.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googledocs.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googledrive.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googleinbox.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlemaps.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlesheets.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlewebstore.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\grooveshark.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\homedepot.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\homesyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\hotmail-outlook.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\icon.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\imdb.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\instagram.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\java.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\jsfiddle.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\kickstarter.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\linkedin.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag4.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag_purp.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mailyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mapquest.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mashable.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\medium.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\metacafe.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mixbit.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\msn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\nationalgeographic.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\netflix.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\newsyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\newtab128.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\oracle.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\oracleapp.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\pandora.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\panelicon.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\paypal.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\pinterest.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\rdio.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\screenyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\settings_white.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\cnn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googleplay.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\tumblr.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\share1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\shoppingyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\slideshare.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\soundcloud.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\sportsyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\spotify.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\target.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\techcrunch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\ted.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\theverge.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\time.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\trendingNow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\turbotax.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\twitch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\twitter.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\vimeo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\vine.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\walmart.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherchannel.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatheryahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\website.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wellsfargo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wikipedia.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wordpress.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahooautos.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoofood.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoomatch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahootech.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahootravel.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\youtube.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT128.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT16.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT64.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\alaska.jpg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\antelope.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\newmexico.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\sunset.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales\en\messages.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_metadata\verified_contents.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\brand.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\manifest.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.html, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Removal Failed, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.Staging, C:\USERS\ALL USERS\DL159\159.DLL, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [262], [348738],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (3).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (2).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (1).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.APNToolBar, C:\USERS\SELENA\DOCUMENTS\APNSETUP.EXE, Quarantined, [6490], [76242],1.0.3226

Physical Sector: 0
(No malicious items detected)


(end)

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 3:52 am

more_horiz
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/10/17
Scan Time: 10:08 PM
Log File: 91b810c2-c68d-11e7-90eb-2016d879d880.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3226
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: SELENA\Selena

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 418747
Threats Detected: 313
Threats Quarantined: 312
Time Elapsed: 17 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 47
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Quarantined, [1070], [327197],1.0.3226
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Quarantined, [1070], [327197],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Navbar, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.ScriptHostObject, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool.1, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.Tool, Quarantined, [3470], [243396],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550255625578}, Quarantined, [223], [324197],1.0.3226
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226
PUP.Optional.SolidSavings, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\APPDATALOW\SOFTWARE\Solid Savings, Quarantined, [3468], [243304],1.0.3226
PUP.Optional.SolidSavings, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\APPDATALOW\SOFTWARE\Solid Savings, Quarantined, [3468], [243304],1.0.3226
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\AskPartnerNetwork, Quarantined, [9390], [186876],1.0.3226
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, Quarantined, [12309], [254404],1.0.3226
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F564F32-5637-006A-76A7-A758B70C2D01}, Quarantined, [12426], [245530],1.0.3226
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Quarantined, [9390], [186877],1.0.3226
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater26278.exe, Quarantined, [2515], [186805],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F783B41E-2130-42BD-A8BB-9140E2AF17D8}, Quarantined, [223], [346382],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{418ad5ba-1c21-4a23-8218-3751a782daea}, Quarantined, [223], [237508],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45e32d3d-628f-4ea5-9f03-e0662bb11c31}, Quarantined, [223], [237509],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7f1769f7-ede8-46dd-b0cf-78554c5a6f3f}, Quarantined, [223], [237510],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66EBAC84-2D58-FD6A-7D99-20491A619549}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{361474FA-43A4-7088-66F5-BED6EB5500C1}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}\InprocServer32, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94}\InprocServer32, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.Staging, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C35B7206-62EB-F808-5475-18A6FDE7DD94}, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.DefaultTab, HKU\S-1-5-21-2252793316-4098098122-2232313737-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3354], [167893],1.0.3226
PUP.Optional.DefaultTab, HKU\S-1-5-21-2252793316-4098098122-2232313737-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3354], [167893],1.0.3226

Registry Value: 7
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550255625578}|, Quarantined, [223], [324197],1.0.3226
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F564F32-5637-006A-76A7-A758B70C2D01}|INSTALLSOURCE, Quarantined, [12426], [245530],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F783B41E-2130-42BD-A8BB-9140E2AF17D8}|PATH, Quarantined, [223], [346382],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{418ad5ba-1c21-4a23-8218-3751a782daea}|APPNAME, Quarantined, [223], [237508],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45e32d3d-628f-4ea5-9f03-e0662bb11c31}|APPNAME, Quarantined, [223], [237509],1.0.3226
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7f1769f7-ede8-46dd-b0cf-78554c5a6f3f}|APPNAME, Quarantined, [223], [237510],1.0.3226
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SOLID SAVINGS-BG.EXE, Quarantined, [1002], [260099],1.0.3226

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 18
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\OnlineMapFinder_9p, Quarantined, [262], [240302],1.0.3226
PUP.Optional.SpeedTest, C:\USERS\SELENA\APPDATA\ROAMING\speedtest127, Quarantined, [3470], [179785],1.0.3226
PUP.Optional.Staging, C:\PROGRAMDATA\DL159, Quarantined, [10677], [179825],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\USERS\SASSI_000\APPDATA\ROAMING\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\USERS\SELENA\APPDATA\ROAMING\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales\en, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_metadata, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [63], [443385],1.0.3226

File: 241
PUP.Optional.Hosts, C:\WINDOWS\SYSTEM32\TASKS\Updater26278.exe, Quarantined, [2515], [190266],1.0.3226
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\OnlineMapFinder_9p\4746C7E5-5F75-45C2-BE3C-6A383656770D.sqlite, Quarantined, [262], [240302],1.0.3226
PUP.Optional.WinYahoo, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\EXTENSIONS\JID1-G80EC8LLEBK5FQ@JETPACK.XPI, Quarantined, [63], [256139],1.0.3226
PUP.Optional.SpeedTest, C:\Users\Selena\AppData\Roaming\speedtest127\speedtest127.xpi, Quarantined, [3470], [179785],1.0.3226
PUP.Optional.Staging, C:\ProgramData\dl159\159.dll, Quarantined, [10677], [179825],1.0.3226
PUP.Optional.DriverUpdate, C:\WINDOWS\TASKS\DRIVERUPDATE STARTUP.JOB, Quarantined, [1416], [335441],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-10-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-13-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_01-28-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_02-19-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_05-24-2014.log, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Sassi_000\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\rcpupdate.ini, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinZipRegOp, C:\Users\Selena\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, Quarantined, [12309], [180506],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\downArrow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\sprite-weathersmall.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherIcons\upArrow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\500px.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\8tracks.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\adobe.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\airbnb.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\amazon.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\aol.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\apple.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bankofamerica.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bbc.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\befrugal.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\behance.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bestbuy.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\bing.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\careersyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\chase.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\close_x.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\codepen.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\craigslist.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dailymotion.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dribbble.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\dropbox.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\ebay.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\espn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\evernote.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\facebook.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\financeyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickr.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo2.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\flickrLogo3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\foxnews.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gamesyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gear1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gear3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gettyimages.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\github.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\gmail.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\google.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googledocs.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googledrive.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googleinbox.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlemaps.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlesheets.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googlewebstore.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\grooveshark.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\homedepot.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\homesyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\hotmail-outlook.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\icon.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\imdb.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\instagram.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\java.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\jsfiddle.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\kickstarter.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\linkedin.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag3.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag4.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mag_purp.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mailyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mapquest.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mashable.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\medium.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\metacafe.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\mixbit.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\msn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\nationalgeographic.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\netflix.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\newsyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\newtab128.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\oracle.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\oracleapp.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\pandora.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\panelicon.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\paypal.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\pinterest.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\rdio.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\screenyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\settings_white.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\cnn.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\googleplay.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\tumblr.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\share1.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\shoppingyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\slideshare.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\soundcloud.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\sportsyahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\spotify.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\target.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\techcrunch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\ted.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\theverge.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\time.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\trendingNow.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\turbotax.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\twitch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\twitter.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\vimeo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\vine.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\walmart.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatherchannel.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\weatheryahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\website.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wellsfargo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wikipedia.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\wordpress.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoo.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahooautos.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoofood.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahoomatch.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahootech.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\yahootravel.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\youtube.svg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT128.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT16.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\icons\Y_NT64.png, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\alaska.jpg, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\antelope.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\newmexico.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\offlinePhotos\sunset.JPG, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_locales\en\messages.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\_metadata\verified_contents.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\brand.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\manifest.json, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.css, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.html, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Sassi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Removal Failed, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\USERS\SASSI_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.0_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\bootstrap.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\BrowserGap.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Bucket.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Constants.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\jquery.min.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\lato.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\latolight.ttf, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\main.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\newtab.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\notifyPresence.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\PhotoManager.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Tracker.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrackerEncoder.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\TrendingNow.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.WinYahoo, C:\Users\Selena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb\1.1.2_0\Weather.js, Quarantined, [63], [443385],1.0.3226
PUP.Optional.Staging, C:\USERS\ALL USERS\DL159\159.DLL, Quarantined, [10677], [294019],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark.Generic, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [850], [319354],1.0.3226
PUP.Optional.MindSpark, C:\USERS\SASSI_000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QCD0TTB6.DEFAULT\PREFS.JS, Replaced, [262], [348738],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (3).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (2).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.Reimage, C:\USERS\SASSI_000\DOWNLOADS\REIMAGEREPAIR (1).EXE, Quarantined, [1070], [331559],1.0.3226
PUP.Optional.APNToolBar, C:\USERS\SELENA\DOCUMENTS\APNSETUP.EXE, Quarantined, [6490], [76242],1.0.3226

Physical Sector: 0
(No malicious items detected)


(end)

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 3:58 am

more_horiz
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Norton Security
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 101
Java 8 Update 73
Java version 32-bit out of Date!
Adobe Flash Player 27.0.0.183
Mozilla Firefox (55.0.3)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

descriptionSolvedRe: Virus/Malware Help 11th November 2017, 11:29 pm

more_horiz
ESET Online Scanner
Note : If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be ran in a contextual (pop-up) window of Internet Explorer. However, for every other browsers, you will have to download and install ESET Online Scanner. In this set of instruction, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions applies if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.

    Download and execute ESET OnlineScan (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
    Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :

        Enable detection of potentially unwanted applications;
        Scan archives;
        Scan for potentially unsafe applications;
        Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;

   Virus/Malware Help Lilp6C2_1

    After you're done checking these options, click on Start and ESET Online Scanner will download it's virus signature database before starting the scan;
   
Virus/Malware Help PbI6QoP_1
    Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 or 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
   
Virus/Malware Help IYk249p_1
    After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have to the option to see what threads were found and to manage the threats that were quarantined;
   
Virus/Malware Help SQWS56I

    Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results on our clipboard and post them in your next reply;
   
Virus/Malware Help OkgGDKc_1

    Once you're done, click on the Back button;
    Check both checkboxes at the bottom: Uninstall application on close and Delete quarantined files before clicking on the Finish button;

descriptionSolvedRe: Virus/Malware Help 12th November 2017, 3:26 am

more_horiz
Below is the ESET scan. When we are done scanning, is there a scan to remove all the scans I downloaded or do I have to uninstall one by one? TY-Val


C:\AdwCleaner\Quarantine\aMeAjSWfch\CleanSchedule.exe Win32/Systweak.O potentially unwanted application
C:\AdwCleaner\Quarantine\aMeAjSWfch\WROUninstall.exe a variant of Win32/Systweak.P potentially unwanted application
C:\AdwCleaner\Quarantine\bbSqWy6yhK\Toolbar\Updater\IDC\IdcLdr.exe a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\bbSqWy6yhK\Toolbar\Updater\IDC\IdcSrv.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\bbSqWy6yhK\Toolbar\Updater\IDC\IdcSrvStub.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\BrowserHost.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\DeskBar.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\searchhook.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\ServiceLocator.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\SO.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\toolbar.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\ToolbarPS.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\toolbar_x64.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\TopSitesRT.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\UpdateManager.exe a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Passport.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Passport_x64.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.10.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.10.2_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.10.3_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.10.6_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.15.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.15.5_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.16.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.16.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.16.2_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.18.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.19.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.21.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.24.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.27.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.28.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.29.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.3.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.34.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.35.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.38.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.40.2_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.40.4_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.40.6_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.45.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.5.1_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.6.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\AskToolbarInstaller-12.7.0_OVO2V7.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\BrowserHost.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\DeskBar.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\TopSitesRT.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\tbnhlpr.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\tbnhlpr_x64.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\OVO2V7\Source\program files\VNT\vntldr.exe a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\gxIX4a2dRE\Toolbar\Updater\tbnhlpr_x64.exe a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcLdr.exe a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcLdr_x64.exe a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcSrv.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcSrvStub.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcSrvStub_x64.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\AdwCleaner\Quarantine\IDCdJOyapn\Toolbar\Updater\IDC\IdcSrv_x64.dll a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
C:\Users\Sassi_000\AppData\Local\Microsoft\Windows\INetCache\IE\WANYIEPT\ccsetup536.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\Installer\3db6f.msi a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[10].7z a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[4].7z a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[5].7z a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[6].7z a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[7].7z a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[8].7z a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-OVO2V7[9].7z a variant of Win32/Bundled.Toolbar.Ask.N potentially unsafe application,Win32/Bundled.Toolbar.Ask.P potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.R potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.S potentially unsafe application

descriptionSolvedRe: Virus/Malware Help 12th November 2017, 12:04 pm

more_horiz
Question: It does run better but it does take a bit of time going on to another page sometimes. It either says it is recovering a page or it is a long script  It seems like I hear something always running in background. Any suggestions.

descriptionSolvedRe: Virus/Malware Help

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum