Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Booting and running very slowly

Solved 
7K views 33 replies 3 participants last post by  Joeicam 
#1 ·
Hi All, My Dell Inspiron laptop has recently started to take an age yo boot up and then every program or browser runs really slow. Here is my Sys.info file:

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4002 Mb
Graphics Card: Intel(R) HD Graphics 3000, 1809 Mb
Hard Drives: C: 451 GB (290 GB Free);
Motherboard: Dell Inc., 01FF8R
Antivirus: Windows Defender, Enabled and Updated

Thank you
Grant
 
#27 ·
Hi Joe and thank you. My machine is working much faster and now only takes around 5 minutes to boot up. One minor problem I have encountered is that since downloading and running AVG removal tool at the start of my thread on startup my machine now offers dual boot options as per the screenshot below.
Communication Device Gadget Font Material property Electric blue


Its a minor annoyance but I would prefer to boot straight to windows. Clicking the avg option btw boots the machine into safe mode.
I have carried out all tasks you requested and tried to post them all here but I am still getting the to many character error and so I will have to make a couple of replies to get the information to you.
Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Grant (30-01-2019 14:40:59) Run:2
Running from C:\Users\Grant\Desktop
Loaded Profiles: Grant (Available Profiles: Grant & DOM & olls & dads iphone)
Boot Mode: Normal
==============================================

fixlist content:
*****************
FirewallRules: [{9D98E20E-F66C-48B6-86A0-5D75750BA335}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe No File
FirewallRules: [{F06122B4-4B34-4A26-811C-AD304F80FB32}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe No File
FirewallRules: [{0539B323-2998-46E0-9637-39FD9A218937}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{1B532351-BB8F-412D-A7F9-13800939510A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
C:\Program Files\Common Files\mcafee

*****************

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D98E20E-F66C-48B6-86A0-5D75750BA335}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F06122B4-4B34-4A26-811C-AD304F80FB32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0539B323-2998-46E0-9637-39FD9A218937}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B532351-BB8F-412D-A7F9-13800939510A}" => removed successfully
"C:\Program Files\Common Files\mcafee" => not found

==== End of Fixlog 14:41:00 ====
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/30/19
Scan Time: 2:52 PM
Log File: aa0c1e82-249e-11e9-9fe4-24b6fd03a942.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.527
Update Package Version: 1.0.9036
License: Trial

-System Information-
OS: Windows 10 (Build 17134.523)
CPU: x64
File System: NTFS
User: GRANT-PC\Grant

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 447438
Threats Detected: 449
Threats Quarantined: 449
Time Elapsed: 30 min, 54 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 11
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6CEB842B-3C6B-55AB-8DEB-252B5D6BF6AB}, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F4A91C69-A429-CDE9-15A9-BD69C5296EE9}, Quarantined, [751], [484244],1.0.9036
PUP.Optional.DriverTuner, HKU\S-1-5-21-98693253-3412605275-1652980643-1003\SOFTWARE\DriverTuner, Quarantined, [2920], [469705],1.0.9036
PUP.Optional.DriverTuner, HKU\S-1-5-21-98693253-3412605275-1652980643-1003\SOFTWARE\DriverTuner_Init, Quarantined, [2920], [469705],1.0.9036
PUP.Optional.WinYahoo, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, Quarantined, [237], [262014],1.0.9036
PUP.Optional.HermesTab.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\EHLCEEIJGGPDGFCEFMIPCMDELICKJGFG, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\EHLCEEIJGGPDGFCEFMIPCMDELICKJGFG, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ehlceeijggpdgfcefmipcmdelickjgfg, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [2043], [183362],1.0.9036

Registry Value: 6
PUP.Optional.NotChromeRun, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_8F6DD9B4870666331B33C8C79D3CA7EE, Quarantined, [6834], [241243],1.0.9036
PUP.Optional.WinYahoo, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|FILENAME, Quarantined, [237], [262014],1.0.9036
PUP.Optional.HermesTab.ChrPRST, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|EHLCEEIJGGPDGFCEFMIPCMDELICKJGFG, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, HKU\S-1-5-21-98693253-3412605275-1652980643-1004\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|EHLCEEIJGGPDGFCEFMIPCMDELICKJGFG, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.SearchManager, HKU\S-1-5-21-98693253-3412605275-1652980643-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, HKU\S-1-5-21-98693253-3412605275-1652980643-1004\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2043], [183362],1.0.9036

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 51
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\USERS\GRANT\APPDATA\LOCAL\{D87EEE22-FCD6-829A-914E-A772B5265BEA}, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\USERS\GRANT\APPDATA\LOCAL\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{569493F7-DCD6-1931-5A10-8773C0520CBD}, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}, Quarantined, [751], [484243],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\_metadata, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\USERS\OLLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\EHLCEEIJGGPDGFCEFMIPCMDELICKJGFG, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\tiles, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\pt_BR, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\fonts, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\en, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\fr, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\hi, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\vi, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\skin\icons, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_metadata, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\skin, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\tiles, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\pt_BR, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\fonts, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\en, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\fr, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\hi, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\vi, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\skin\icons, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_metadata, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\vendor, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\skin, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\USERS\GRANT\APPDATA\LOCAL\CHROMIUM\USER DATA\Default\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [2043], [453140],1.0.9036

File: 381
PUP.Optional.SearchManager, C:\USERS\GRANT\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Quarantined, [2043], [260989],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\USERS\GRANT\APPDATA\LOCAL\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\ceri, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\chromium-min.jpg, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\control panel-min-min.JPG, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\down.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\ff menu.JPG, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\ff search engine-min.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\HowToRemove.html, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\hp-min ff.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\hp-min ie.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\search engine.gif, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\setup pages.gif, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\sp-min.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\start-min.jpg, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\HowToRemove\up.png, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\bapi_chmm.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\bapi_ff.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\bapi_ie.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\install.log, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\liso, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\rido, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\sari, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\sato.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\Sqlite3.dll, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\tati.cfg, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\uninst.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{D87EEE22-FCD6-829A-914E-A772B5265BEA}\uninst.exe, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\USERS\GRANT\APPDATA\LOCAL\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\ceri, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\bapi_ff.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\bapi_ie.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\feno, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\install.log, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\liso, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\Sqlite3.dll, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\uninst.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\uninst.exe, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\Users\Grant\AppData\Local\{F54FC313-D1E7-AFAB-BC7F-8A43981776DB}\uninstp.dat, Quarantined, [751], [484244],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{569493F7-DCD6-1931-5A10-8773C0520CBD}\tini, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\aowLC, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\cotofa, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\hdat1, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\hdat2, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\oPkLg, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{569493F7-DCD6-1931-5A10-8773C0520CBD}\rice.txt, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\tara, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\aowLC, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\cotofa, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\hdat1, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\hdat2, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\oPkLg, Quarantined, [751], [484243],1.0.9036
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{B13C745F-3B7E-FE99-BDB8-60DB27FAEB15}\rice.txt, Quarantined, [751], [484243],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\_metadata\verified_contents.json, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\ctn.js, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\jquery-3.1.1.min.js, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\manifest.json, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\ntab.html, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\ntab.js, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\pp.pdf, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\search.png, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\searchicon.png, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\stats.js, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\style.css, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\Users\olls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg\1.0.6_0\tnc.pdf, Quarantined, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\USERS\OLLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\USERS\OLLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [6944], [514922],1.0.9036
PUP.Optional.HermesTab.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Quarantined, [6944], [-1],0.0.0
PUP.Optional.HermesTab.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Quarantined, [6944], [-1],0.0.0
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\fonts\HelveticaNeue-Thin.otf, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\fonts\neue-bold.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\fonts\neue.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\close-FF8A5A.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\collection-9B9B9B.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\collection-FF691E.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\doc-icon-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\error-FF691E.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\pdf-2-doc-9B9B9B.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\pdf-2-doc-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\pdf-icon-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\success-FF8A5A.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\tab-arrow-FF691E.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\converter\upload-FF691E.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\amazon-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\amazon.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\close.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\enlarge-000000-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\enlarge-FFCA00-000000.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\hulu-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\hulu.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\minimize-000000-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\netflix-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\netflix.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\refresh-FFFFFF-000000.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\shrink-FFCA00-000000.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\shuffle-000000.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\shuffle-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\vudu-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films\vudu.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\128.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\16.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\48.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\close.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\favicon.ico, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\trends.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\bing-maps-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\from-to-icon-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\google-maps-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\location-icon-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\search-4A4A4A.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\search-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\switch-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\tab-arrow-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\whereto-logo-8881FF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\maps\whereto-logo-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\facebook_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\aliexpress.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\amazon.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\amazon_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\booking.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\booking_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\ebay.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\ebay_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\expedia.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\expedia_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\facebook.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\gmail.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\gmail_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\gtranslte.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\pinterest.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\pinterest_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\twitter.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\twitter_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\wix.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\wix_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\yahoo.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\yahoo_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\youtube.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sitesThumbnails\youtube_tile_v2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\tiles\DOC-to-PDF.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\tiles\PDF-to-DOC.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\tiles\Translation.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\tiles\View-PDF.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\01d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\01n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\02d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\02n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\03d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\03n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\04d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\04n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\09d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\09n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\10d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\10n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\11d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\11n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\13d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\13n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\50d.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\weather\50n.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\down.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\alot.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\angle-arrow-down.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\bing.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\bing_large.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\bluesky-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\brush.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\bt.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\clock.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\cloud.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\cupcake-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\desk-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\doodle.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\enhanced_google.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\eyeglass.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\eyeglass_transparent.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\films-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\gmx_large.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\google.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\google_large.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\hero-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\just-the-box-empty.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\just-the-box.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\mountain-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\pointer2.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\radio-selected.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\radio-unselected.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\sea-bg.jpg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\search-D7D7D7.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\search-FFFFFF.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\settings.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\smallMagnifier.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\star-unselected.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\star.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\todoc.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\toggle-off.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\toggle-on.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\topdf.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\transparent_img.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\yahoo.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\yahoo.svg, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\yahoo_large.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\yandex.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\_enhanced_google.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\_gmx_large.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\bundle.v0.0.1.min.css, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\skin\icons\16.png, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\md5.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\react-dom.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\react-with-addons.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\en\messages.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\fr\messages.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\hi\messages.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\pt_BR\messages.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_locales\vi\messages.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_metadata\computed_hashes.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\_metadata\verified_contents.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\background.html, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\background.v0.0.1.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\client.v0.0.1.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\common.js.v0.0.1.min.js, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\e_.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\index.html, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\manifest.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\responseConfig.json, Quarantined, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [2043], [183362],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\fonts\HelveticaNeue-Thin.otf, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\fonts\neue-bold.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\fonts\neue.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\close-FF8A5A.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\collection-9B9B9B.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\collection-FF691E.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\doc-icon-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\error-FF691E.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\pdf-2-doc-9B9B9B.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\pdf-2-doc-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\pdf-icon-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\success-FF8A5A.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\tab-arrow-FF691E.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\converter\upload-FF691E.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\128.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\16.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\48.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\close.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\favicon.ico, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\icons\trends.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\bing-maps-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\from-to-icon-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\google-maps-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\location-icon-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\search-4A4A4A.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\search-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\switch-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\tab-arrow-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\whereto-logo-8881FF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\maps\whereto-logo-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\amazon_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\booking_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\ebay.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\ebay_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\facebook.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\facebook_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\gmail.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\gmail_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\gtranslte.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\pinterest.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\twitter.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\twitter_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\wix_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\yahoo.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\yahoo_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\youtube.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sitesThumbnails\youtube_tile_v2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\tiles\DOC-to-PDF.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\tiles\PDF-to-DOC.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\tiles\Translation.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\tiles\View-PDF.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\01d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\01n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\02d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\02n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\03d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\03n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\04d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\04n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\09d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\09n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\10d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\10n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\11d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\11n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\13d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\13n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\50d.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\weather\50n.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\enhanced_google.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\angle-arrow-down.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\bing.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\bing_large.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\bluesky-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\brush.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\bt.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\clock.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\cloud.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\cupcake-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\desk-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\doodle.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\down.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\eyeglass.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\eyeglass_transparent.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\gmx_large.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\google.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\google_large.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\hero-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\just-the-box-empty.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\just-the-box.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\mountain-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\pointer2.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\radio-selected.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\radio-unselected.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\sea-bg.jpg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\search-D7D7D7.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\settings.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\smallMagnifier.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\star-unselected.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\star.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\todoc.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\toggle-off.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\toggle-on.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\topdf.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\transparent_img.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\yahoo.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\yahoo.svg, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\yahoo_large.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\yandex.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\_enhanced_google.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\images\_gmx_large.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\content\bundle.v0.0.1.min.css, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\skin\icons\16.png, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\vendor\md5.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\vendor\react-dom.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\vendor\react-with-addons.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\en\messages.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\fr\messages.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\hi\messages.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\pt_BR\messages.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_locales\vi\messages.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\_metadata\verified_contents.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\background.html, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\background.v0.0.1.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\client.v0.0.1.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\common.js.v0.0.1.min.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\e_.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\index.html, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\manifest.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\popupTab2.html, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\popupTab2.js, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.SearchManager, C:\Users\Grant\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.2.65_0\responseConfig.json, Quarantined, [2043], [453140],1.0.9036
PUP.Optional.DriverTuner, C:\$RECYCLE.BIN\S-1-5-21-98693253-3412605275-1652980643-1003\$RLM0EIQ.EXE, Quarantined, [2920], [469706],1.0.9036
PUP.Optional.DriverTuner, C:\USERS\DOM\DOWNLOADS\SETUP.EXE, Quarantined, [2920], [469706],1.0.9036
PUP.Optional.ChipDe, C:\USERS\GRANT\DOWNLOADS\GIMP.EXE, Quarantined, [493], [621518],1.0.9036
PUP.Optional.AirInstaller, C:\USERS\DOM\DOWNLOADS\WINZIP.EXE, Quarantined, [6107], [53819],1.0.9036
PUP.Optional.InstallCore, C:\USERS\GRANT\APPDATA\LOCAL\NEPUMUG\HOCOKOM.EXE, Quarantined, [417], [574764],1.0.9036
Adware.DealPly.IMP, C:\USERS\GRANT\APPDATA\LOCAL\UPDATETASK1\SYNCTASK.EXE, Quarantined, [11144], [518540],1.0.9036
PUP.Optional.SearchManager.BITSRST, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [264], [626729],1.0.9036
PUP.Optional.SearchManager.BITSRST, C:\USERS\GRANT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [264], [626729],1.0.9036

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)
 

Attachments

#28 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Grant (administrator) on GRANT-PC (30-01-2019 18:30:10)
Running from C:\Users\Grant\Desktop
Loaded Profiles: Grant & (Available Profiles: Grant & DOM & olls & dads iphone)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(Telefónica) C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-08] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2750488 2015-05-15] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182410984\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411155\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411374\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-11-26] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Run: [Chromium] => c:\users\grant\appdata\local\chromium\application\chrome.exe [828416 2017-01-25] (The Chromium Authors)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Run: [Screenpresso] => C:\Users\Grant\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [13416512 2018-06-21] (Learnpulse)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Run: [Dashlane] => "C:\Users\Grant\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-11-26] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Run: [Chromium] => c:\users\grant\appdata\local\chromium\application\chrome.exe [828416 2017-01-25] (The Chromium Authors)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Run: [Screenpresso] => C:\Users\Grant\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [13416512 2018-06-21] (Learnpulse)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Run: [Dashlane] => "C:\Users\Grant\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-98693253-3412605275-1652980643-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413229\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-98693253-3412605275-1652980643-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413654\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413654\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-11-26] (Apple Inc.)
HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5F62D821-BF4A-4F8A-9056-6DDB6AD5AB2C}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{b46508e4-a841-4acc-aa3b-fc104ba1cc05}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{EA6D2417-1472-4B8F-BC9F-84D99D16DB14}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f74b3f49-10da-4bbc-8de9-ef1e8d596cbd}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-98693253-3412605275-1652980643-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413229\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-23] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-30] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/AUW/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 09ux9407.default
FF ProfilePath: C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\09ux9407.default [2019-01-24]
FF Extension: (Google Code Correction) - C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\09ux9407.default\features\{a50d5cdc-97ed-4db7-bd26-449a434f3ee1}\google-code-correction@mozilla.org.xpi [2018-12-03] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\09ux9407.default\features\{a50d5cdc-97ed-4db7-bd26-449a434f3ee1}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-12-03] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => not found
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-29] [Legacy] [not signed]
FF HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-98693253-3412605275-1652980643-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Grant\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Grant\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (YouTube) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Google Search) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (Google Maps) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfoelejpajdgdjldhnpaobkadhhhlmha [2018-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522536 2018-12-10] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe [201080 2011-06-14] (Telefónica)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 huawei_wwanecm; C:\WINDOWS\System32\DRIVERS\ew_juwwanecm.sys [223744 2011-12-02] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-30] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-30] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-30] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-30] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-30] (Malwarebytes)
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; c:\program files\dell support center\pcdsrvc_x64.pkms [25072 2012-02-01] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-20] (STMicroelectronics)
R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.)
R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 18:30 - 2019-01-30 18:35 - 000026561 _____ C:\Users\Grant\Desktop\FRST.txt
2019-01-30 18:24 - 2019-01-30 18:24 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-30 18:23 - 2019-01-30 18:23 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-30 18:23 - 2019-01-30 18:23 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-30 14:47 - 2019-01-30 14:47 - 000000000 ____D C:\Users\Grant\AppData\Local\mbamtray
2019-01-30 14:47 - 2019-01-30 14:47 - 000000000 ____D C:\Users\Grant\AppData\Local\mbam
2019-01-30 14:46 - 2019-01-30 18:23 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-30 14:46 - 2019-01-30 14:46 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-30 14:45 - 2019-01-30 14:45 - 000001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-30 14:45 - 2019-01-30 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-30 14:45 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-30 14:44 - 2019-01-30 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-30 14:44 - 2019-01-30 14:44 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-30 14:42 - 2019-01-30 14:42 - 073045560 _____ (Malwarebytes ) C:\Users\Grant\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.527-1.0.9018.exe
2019-01-29 02:12 - 2019-01-29 02:12 - 000005632 _____ C:\Users\Grant\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-28 22:34 - 2019-01-28 22:34 - 000000000 ____D C:\Users\Grant\AppData\Local\{AA03731F-FB4B-4449-A5A6-2393DE14C7DA}
2019-01-24 22:01 - 2019-01-24 22:12 - 000000000 ____D C:\AdwCleaner
2019-01-24 21:59 - 2019-01-24 22:00 - 007320272 _____ (Malwarebytes) C:\Users\Grant\Desktop\adwcleaner_7.2.6.0.exe
2019-01-24 01:14 - 2019-01-30 14:41 - 000001677 _____ C:\Users\Grant\Desktop\Fixlog.txt
2019-01-24 00:29 - 2019-01-24 00:30 - 010598624 _____ (McAfee, Inc.) C:\Users\Grant\Downloads\MCPR.exe
2019-01-23 17:43 - 2019-01-23 18:03 - 000000000 ____D C:\Users\Grant\Documents\2019_01_23
2019-01-20 22:48 - 2019-01-30 14:39 - 000000000 ____D C:\Users\Grant\Desktop\FRST-OlderVersion
2019-01-15 16:07 - 2019-01-15 16:07 - 000062823 _____ C:\Users\Grant\Downloads\Addition (1).txt
2019-01-14 00:55 - 2019-01-14 00:56 - 000000000 ____D C:\Users\Grant\Desktop\RC
2019-01-13 21:09 - 2019-01-13 21:09 - 000116237 _____ C:\Users\Grant\Desktop\New - Booting and running very slowly _ Tech Support Guy.html
2019-01-13 17:39 - 2019-01-13 17:39 - 023249476 _____ C:\Users\Grant\Downloads\IMG_0343 (1).xcf
2019-01-13 17:39 - 2019-01-13 17:39 - 000001477 _____ C:\Users\Grant\AppData\Local\recently-used.xbel
2019-01-13 16:49 - 2019-01-13 16:49 - 000000000 ____D C:\Users\Grant\AppData\Roaming\Google
2019-01-13 16:10 - 2019-01-13 16:23 - 000062823 _____ C:\Users\Grant\Downloads\Addition.txt
2019-01-13 15:59 - 2019-01-13 16:23 - 000055392 _____ C:\Users\Grant\Downloads\FRST.txt
2019-01-13 15:56 - 2019-01-30 18:30 - 000000000 ____D C:\FRST
2019-01-13 15:52 - 2019-01-30 14:39 - 002428928 _____ (Farbar) C:\Users\Grant\Desktop\FRST64.exe
2019-01-13 15:22 - 2019-01-13 15:22 - 000000000 ____D C:\Users\Grant\AppData\Local\Avg
2019-01-13 15:22 - 2019-01-13 15:21 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2019-01-13 15:15 - 2019-01-13 15:15 - 012068408 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Grant\Downloads\avgclear.exe
2019-01-09 19:41 - 2018-09-20 04:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 18:47 - 2019-01-01 07:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-08 18:47 - 2019-01-01 06:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-08 18:47 - 2019-01-01 06:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-08 18:47 - 2019-01-01 06:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-08 18:46 - 2019-01-01 13:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-08 18:46 - 2019-01-01 13:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-08 18:46 - 2019-01-01 13:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-08 18:46 - 2019-01-01 07:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-08 18:46 - 2019-01-01 07:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-08 18:46 - 2019-01-01 07:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-08 18:46 - 2019-01-01 07:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-08 18:46 - 2019-01-01 07:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-08 18:46 - 2019-01-01 07:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-08 18:46 - 2019-01-01 07:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-08 18:46 - 2019-01-01 07:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-08 18:46 - 2019-01-01 07:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-08 18:46 - 2019-01-01 07:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-08 18:46 - 2019-01-01 07:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-08 18:46 - 2019-01-01 06:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-08 18:46 - 2019-01-01 06:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-08 18:46 - 2019-01-01 06:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-08 18:46 - 2019-01-01 06:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-08 18:46 - 2019-01-01 06:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-08 18:46 - 2019-01-01 06:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-08 18:46 - 2019-01-01 06:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-08 18:46 - 2019-01-01 06:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-08 18:46 - 2019-01-01 06:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-08 18:46 - 2019-01-01 06:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-08 18:46 - 2019-01-01 06:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-08 18:46 - 2019-01-01 06:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-08 18:46 - 2019-01-01 06:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-08 18:46 - 2019-01-01 06:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-08 18:46 - 2019-01-01 06:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-08 18:46 - 2019-01-01 06:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-08 18:46 - 2019-01-01 06:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-08 18:46 - 2019-01-01 06:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-08 18:46 - 2019-01-01 06:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-08 18:46 - 2019-01-01 06:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-08 18:46 - 2019-01-01 06:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-08 18:46 - 2019-01-01 06:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-08 18:46 - 2019-01-01 06:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-08 18:46 - 2019-01-01 06:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-08 18:46 - 2019-01-01 06:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-08 18:46 - 2019-01-01 06:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-08 18:46 - 2019-01-01 06:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-08 18:46 - 2019-01-01 06:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-08 18:46 - 2019-01-01 06:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-08 18:46 - 2019-01-01 06:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-08 18:46 - 2019-01-01 06:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-08 18:46 - 2018-12-19 04:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 18:45 - 2019-01-01 13:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-08 18:45 - 2019-01-01 13:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-08 18:45 - 2019-01-01 13:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-08 18:45 - 2019-01-01 13:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-08 18:45 - 2019-01-01 13:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-08 18:45 - 2019-01-01 13:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-08 18:45 - 2019-01-01 13:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-08 18:45 - 2019-01-01 07:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-08 18:45 - 2019-01-01 07:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-08 18:45 - 2019-01-01 07:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-08 18:45 - 2019-01-01 07:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-08 18:45 - 2019-01-01 07:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-08 18:45 - 2019-01-01 07:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-08 18:45 - 2019-01-01 07:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-08 18:45 - 2019-01-01 07:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-08 18:45 - 2019-01-01 06:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-08 18:45 - 2019-01-01 06:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-08 18:45 - 2019-01-01 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-08 18:45 - 2019-01-01 06:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-08 18:45 - 2019-01-01 06:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-08 18:45 - 2019-01-01 06:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-08 18:45 - 2019-01-01 06:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-08 18:45 - 2019-01-01 06:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-08 18:45 - 2019-01-01 06:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-08 18:45 - 2019-01-01 06:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-08 18:45 - 2019-01-01 06:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-08 18:45 - 2019-01-01 06:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-08 18:45 - 2019-01-01 06:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-08 18:45 - 2019-01-01 06:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-08 18:45 - 2019-01-01 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-08 18:45 - 2019-01-01 06:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-08 18:45 - 2019-01-01 06:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-08 18:45 - 2019-01-01 06:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-08 18:45 - 2019-01-01 06:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-08 18:45 - 2019-01-01 06:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-08 18:45 - 2019-01-01 06:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-08 18:45 - 2019-01-01 05:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-02 15:53 - 2019-01-02 15:53 - 000760763 _____ C:\Users\Grant\Downloads\Wireless Comfort Desktop 5000 (1).pdf
2019-01-02 15:52 - 2019-01-02 15:52 - 002754747 _____ C:\Users\Grant\Downloads\Microsoft Product Guide.pdf
2018-12-31 19:39 - 2018-12-31 19:41 - 000000000 ____D C:\Users\Grant\Downloads\Taranis

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 18:35 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-30 18:34 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-30 18:26 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 18:25 - 2011-12-09 23:07 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2019-01-30 18:24 - 2016-10-15 03:43 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2019-01-30 18:24 - 2016-10-15 03:43 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2019-01-30 18:21 - 2018-08-08 00:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 18:20 - 2018-04-11 21:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 18:18 - 2018-08-11 23:05 - 000000000 ____D C:\Users\Grant\AppData\Local\Nepumug
2019-01-30 18:18 - 2016-10-23 00:05 - 000000000 ____D C:\Users\Grant\AppData\Local\UpdateTask1
2019-01-30 14:30 - 2018-08-07 23:04 - 000881386 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-30 14:30 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-30 05:16 - 2018-08-08 00:02 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F69BA124-9BF0-43B9-8FCE-4B12EF065F50}
2019-01-29 09:28 - 2018-07-10 15:53 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 22:34 - 2015-04-20 17:18 - 000000000 ____D C:\Users\Grant\AppData\Local\Windows Live
2019-01-28 22:32 - 2016-09-20 18:41 - 000000895 _____ C:\Users\Grant\AppData\Roaming\burnaware.ini
2019-01-26 22:25 - 2018-08-08 00:02 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-98693253-3412605275-1652980643-1000
2019-01-26 22:25 - 2018-08-07 23:05 - 000002405 _____ C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-26 22:25 - 2015-08-10 19:52 - 000000000 ___RD C:\Users\Grant\OneDrive
2019-01-25 13:09 - 2018-02-19 15:07 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-24 22:12 - 2018-08-07 23:05 - 000000000 ____D C:\Users\Grant
2019-01-24 22:12 - 2014-12-29 14:44 - 000000000 ____D C:\Users\Grant\AppData\Roaming\Yahoo!
2019-01-24 21:48 - 2018-08-07 22:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-24 01:47 - 2014-02-04 17:32 - 000000000 ____D C:\Users\Grant\AppData\LocalLow\Temp
2019-01-24 01:17 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-01-24 01:17 - 2009-07-14 03:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-01-24 01:09 - 2018-08-08 00:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-24 01:05 - 2016-11-04 00:05 - 000000224 _____ C:\Users\Grant\AppData\Roaming\WB.CFG
2019-01-21 22:12 - 2018-01-13 14:09 - 000000000 ____D C:\Program Files\rempl
2019-01-20 22:40 - 2018-08-08 00:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\filog
2019-01-17 22:17 - 2013-11-19 03:36 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-17 22:17 - 2011-12-09 23:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-16 01:18 - 2013-11-22 03:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 16:13 - 2018-02-20 03:32 - 000000000 ____D C:\Users\Grant\AppData\Local\Packages
2019-01-14 04:07 - 2016-10-24 13:46 - 000000000 ____D C:\Users\Grant\AppData\Roaming\Audacity
2019-01-13 17:39 - 2016-12-05 19:02 - 000000000 ____D C:\Users\Grant\AppData\Local\gtk-2.0
2019-01-13 17:39 - 2016-12-05 18:51 - 000000000 ____D C:\Users\Grant\.gimp-2.8
2019-01-13 15:08 - 2014-11-02 12:34 - 000000000 ____D C:\Users\Grant\AppData\Roaming\Roxio Burn
2019-01-12 23:09 - 2018-04-11 23:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-12 22:58 - 2018-04-11 21:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-12 22:58 - 2010-11-21 03:27 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-01-11 20:55 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-10 22:05 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-01-10 13:32 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 13:32 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-08 19:22 - 2013-11-19 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 19:09 - 2012-02-12 20:52 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-02 19:41 - 2018-11-23 17:32 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 19:41 - 2018-11-23 17:32 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-10-23 12:57 - 2017-10-23 12:57 - 000037073 _____ () C:\Program Files (x86)\uninstal.log
2016-09-20 18:41 - 2019-01-28 22:32 - 000000895 _____ () C:\Users\Grant\AppData\Roaming\burnaware.ini
2016-12-03 04:29 - 2016-12-03 04:29 - 000419328 _____ () C:\Users\Grant\AppData\Roaming\Setup16267.exe
2016-11-04 00:05 - 2019-01-24 01:05 - 000000224 _____ () C:\Users\Grant\AppData\Roaming\WB.CFG
2017-12-18 00:05 - 2017-12-18 00:05 - 000000068 _____ () C:\Users\Grant\AppData\Local\2k5n8qbwh2
2019-01-29 02:12 - 2019-01-29 02:12 - 000005632 _____ () C:\Users\Grant\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-16 13:05 - 2017-12-18 16:30 - 000000068 _____ () C:\Users\Grant\AppData\Local\oPkLgHcDYt
2015-03-02 21:45 - 2015-03-02 21:45 - 000001549 _____ () C:\Users\Grant\AppData\Local\PDLSetup.20150302.214552.txt
2019-01-13 17:39 - 2019-01-13 17:39 - 000001477 _____ () C:\Users\Grant\AppData\Local\recently-used.xbel
2018-12-18 00:52 - 2018-12-18 00:52 - 000007597 _____ () C:\Users\Grant\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-07 22:56

==================== End of FRST.txt ===========================
 
#29 ·
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Grant (30-01-2019 18:40:03)
Running from C:\Users\Grant\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-08-08 00:03:55)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-98693253-3412605275-1652980643-500 - Administrator - Disabled)
dads iphone (S-1-5-21-98693253-3412605275-1652980643-1005 - Administrator - Enabled) => C:\Users\dads iphone
DefaultAccount (S-1-5-21-98693253-3412605275-1652980643-503 - Limited - Disabled)
DOM (S-1-5-21-98693253-3412605275-1652980643-1003 - Administrator - Enabled) => C:\Users\DOM
Grant (S-1-5-21-98693253-3412605275-1652980643-1000 - Administrator - Enabled) => C:\Users\Grant
Guest (S-1-5-21-98693253-3412605275-1652980643-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-98693253-3412605275-1652980643-1002 - Limited - Enabled)
olls (S-1-5-21-98693253-3412605275-1652980643-1004 - Administrator - Enabled) => C:\Users\olls
WDAGUtilityAccount (S-1-5-21-98693253-3412605275-1652980643-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 18.00 beta (x64) (HKLM\...\7-Zip) (Version: 18.00 beta - Igor Pavlov)
adbLink version 2.05 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 2.05 - jocala.com)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
BurnAware Free 9.5 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
C309g-m (HKLM-x32\...\{E6319C60-D4DF-4D4D-A077-9F46D656E4FB}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MG5700 series User Registration (HKLM-x32\...\Canon MG5700 series User Registration) (Version: - ‭Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP610 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series) (Version: - )
Canon MP610 series User Registration (HKLM-x32\...\Canon MP610 series User Registration) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Chromium (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Chromium) (Version: 58.0.2993.0 - Chromium)
Chromium (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Chromium) (Version: 58.0.2993.0 - Chromium)
Connection Manager (HKLM-x32\...\O2UK) (Version: 8.7.6.792 - Connection Manager)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Custom Help (HKLM\...\{E01EEE45-7768-4984-BDB2-76F5C5A823BE}) (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.1.5907.23 - PC-Doctor, Inc.) Hidden
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.23 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\73f463568823ebbe) (Version: 6.5.0.6 - Dell)
Dell System Detect (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\73f463568823ebbe) (Version: 6.5.0.6 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.2.18201 - Steinberg Media Technologies GmbH)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.2.25013 - Foxit Software Inc.)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
HP Photo Creations (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HUAWEI DataCard Driver 4.23.11.00 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 4.23.11.00 - Huawei technologies Co., Ltd.)
Icecream PDF Converter version 2.74 (HKLM-x32\...\{6811A286-E9F4-4035-9738-7721C087E500}_is1) (Version: 2.74 - Icecream Apps)
iCloud (HKLM\...\{D9044A6D-7B3C-495B-A764-2A4F604ED5E2}) (Version: 7.8.1.12 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{fae8de85-97ab-4053-a8bb-03bfc86ac533}) (Version: 15.6.1 - Intel Corporation)
iTunes (HKLM\...\{3F702C1B-628F-46FB-A094-56D5404CEE63}) (Version: 12.9.1.4 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Kodi (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Kodi) (Version: - XBMC-Foundation)
Kodi (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mass Image Compressor V.2 (HKLM-x32\...\{B2A39340-EE1F-4BC4-8538-3F73090CC85C}) (Version: 2.0.0 - Rajput Y H)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-98693253-3412605275-1652980643-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413654\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.36 - mIRC Co. Ltd.)
Mozilla Firefox 51.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-GB)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{48C0866E-57EB-444C-8371-8E4321066BC3}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
OpenTX Companion 2.2 (HKLM-x32\...\OpenTX Companion 2.2) (Version: - OpenTX)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PS_AIO_06_C309g-m_SW_Min (HKLM-x32\...\{EE177519-70E3-4A94-B8DB-FD0B78D1A47E}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RehearScore (HKLM-x32\...\RehearScore) (Version: - )
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Screenpresso (HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\Screenpresso) (Version: 1.7.2.0 - Learnpulse)
Screenpresso (HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\Screenpresso) (Version: 1.7.2.0 - Learnpulse)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17042.12 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17042.12 - Samsung Electronics Co., Ltd.)
SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Status (HKLM-x32\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 6.45 - NCH Software)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
WaveLab LE 7 (64 bit) (HKLM\...\WaveLabLE7_64) (Version: 7.2.1.600 - Steinberg)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-22] (Apple Inc.)
ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => c:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2010-11-11] (TODO: <Company name>)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-08-19] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DF8F44C-B0E4-48A8-95A1-6BB1029338DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {112A48A7-D749-4CF9-8357-5E400D867A28} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-19] (Microsoft Corporation)
Task: {1BCE380D-8E05-4591-9E48-274561B97292} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C6FFB3A-A0B9-4006-AE33-D18D628AC4E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {1D2E3568-C6FD-485D-A84D-AF857D735205} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {23EEE392-9C39-417F-A3E0-E071F5E9A1E0} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {2CB09D5C-33DB-4172-9C58-5FDDFA3FF1D9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {30CB9B14-929E-4B8B-98C0-6235ADB0C7E9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B58CFFD-28E3-4556-834C-0682A898590E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BCC5623-C5A8-4FC3-86AD-1959498162EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {410290B6-A686-4F76-BBC9-5FFDA26FE89B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4728F930-A2B5-4980-A420-BAE36E05A501} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {49680FC0-76A8-40DA-8C99-4F5F3B2F34AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-19] (Microsoft Corporation)
Task: {4C8297FF-3C7D-4528-B16A-CF8DB898969B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59D7E2A8-D09A-4CC2-B114-1F65E11D4A4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {67E35EDC-FE41-4A55-A5EC-53480D69ECEA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C7E0CF0-BBCB-496C-8A49-5AECF10DCBF1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {6D1130BF-7209-4722-A533-ED9C6860DBCD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-19] (Microsoft Corporation)
Task: {737055D8-4BC7-423C-839F-3EE4D67E489C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7D40C80C-4298-42B1-A1BF-BDF89C346C40} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {809EB142-0FE9-465B-B5A7-0AE08C56F408} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8D6EFAEE-EEBB-461C-A065-0AD20B51FC31} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {98BFD3B2-D64C-4B45-B46D-F9CA47869038} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E03A48C-B8CE-4AE2-87AD-99B3ABE59ABB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A57DDB55-0B6E-40A0-B0A2-17604921BF54} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A60F0A1C-11CA-4A39-8709-0E8D0394704D} - System32\Tasks\GoogleUpdateTaskMachineUA1cf05d349942193 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A6F3A054-A655-4C4A-9AEE-A243A6CF3B3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {B0145322-1919-48F1-8332-0ED3B053938B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {B9C09DFB-D73D-48C3-8DC3-AE24E8E59D57} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD847144-20BB-481E-8ABC-757C2D24C4F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-20] (Adobe Systems Incorporated)
Task: {BFB55F19-D5B0-44D6-8896-AE107C47700E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C67ACC88-BFDE-42C6-8109-97E5FB8443FA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {C8599017-4E8A-4365-A9C2-E6829E790CC7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {CA1ABBDD-1BD4-487E-92F7-2BBF8DEE3188} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7CFFFC5-D074-4CD8-AE40-F127A4BFB389} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-19] (Microsoft Corporation)
Task: {E5ED132A-78D2-4DE7-88C7-6B07A9FC3CAD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {E63A9314-EE1B-42FC-9FC2-9C2D92C93A7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {E7317014-9750-4DE8-8EE6-4A9AD3DDC478} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {EC514D32-DED5-42C7-B245-6542E3C28D5F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ED506081-FA13-468E-AAD6-8E279C1E1C21} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {F852A091-0A7E-4E14-9977-2835A74609AA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFEB90EB-8478-4F11-9D7E-7B1174159058} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Grant\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nfoelejpajdgdjldhnpaobkadhhhlmha
ShortcutWithArgument: C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nfoelejpajdgdjldhnpaobkadhhhlmha

==================== Loaded Modules (Whitelisted) ==============

2018-10-21 02:17 - 2018-10-21 02:17 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2019-01-30 14:45 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-30 14:45 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-12-09 23:07 - 2011-08-18 16:05 - 002751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2018-04-11 23:34 - 2018-04-11 23:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 23:34 - 2018-04-11 23:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 10:55 - 2018-11-09 02:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-08 18:46 - 2019-01-01 06:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-10-22 13:59 - 2018-10-22 13:59 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-10-22 13:59 - 2018-10-22 13:59 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2010-11-17 16:35 - 2010-11-17 16:35 - 000514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2018-10-21 02:17 - 2018-10-21 02:17 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2010-11-25 04:44 - 2010-11-25 04:44 - 000375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\;c:\Program Files (x86)\Roxio\OEM\AudioCore\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411155\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411374\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-98693253-3412605275-1652980643-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413229\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-98693253-3412605275-1652980643-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182413654\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-98693253-3412605275-1652980643-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182414311\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "RoxWatchTray"
HKLM\...\StartupApproved\Run32: => "Dell Webcam Central"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8F6DD9B4870666331B33C8C79D3CA7EE"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000\...\StartupApproved\Run: => "Screenpresso"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8F6DD9B4870666331B33C8C79D3CA7EE"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-98693253-3412605275-1652980643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01302019182411760\...\StartupApproved\Run: => "Screenpresso"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F5095F3C-C103-46DB-A64C-F9CE7954D32D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{01F86BC2-4C26-4FE5-B9C3-CE5FF1338231}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{69BF9D5B-9521-4931-A031-B59B87677EBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{9864B267-F70D-45D6-BBD1-5B6B390BBFB7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{A4A66C7F-0EAE-48F4-8FEA-93AF4AA8C8F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{4D5BE06D-2BE5-4B2D-9008-2B3A65703B62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1998B05A-5B1E-4A2E-8B84-F886D1DCADA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{969C6369-D3B4-496E-AB06-DABB6DC0C0AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{18F8492D-C116-428E-9B73-6C0506C652D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{1F0628EC-B936-4DF7-9674-A234227BC811}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{94C72EDE-3972-4A79-80E7-CF04A0A4AC9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [UDP Query User{D914B510-367A-4D49-B8FD-0A9ECBF16467}C:\users\grant\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\grant\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{B4F3B205-8E85-40CA-B260-E5059E802292}C:\users\grant\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\grant\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{41A4BFAC-9FCF-4A50-A275-B0B2F81B3079}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation)
FirewallRules: [TCP Query User{83DF489C-67E7-4188-A31B-CD95B7D4D98A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation)
FirewallRules: [{503404D3-5009-4D9B-9A21-4E4C422D373D}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe (CyberLink Corp.)
FirewallRules: [{AB2CB866-B358-49CE-BD32-1C68F5FCCB5E}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{B98FA90B-6A0E-43EF-9FA0-3A207253F272}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{38A553E9-212E-4312-8C4B-98C694454210}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{8A96A9D5-5983-4FE2-946A-0D2E1841EA7F}] => (Allow) LPort=2869
FirewallRules: [{179E66BB-C246-4CDA-A5BA-8CBBB8F0325C}] => (Allow) LPort=1900
FirewallRules: [{5042BC4B-0339-4AF2-8C6E-87ABD38D1C76}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{761F54F6-D8D2-401D-BD2E-EE48476DEF00}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation)
FirewallRules: [{53CEBA17-CCB5-403B-8494-936C1D2A1FBA}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe No File
FirewallRules: [{1B53C74E-45C1-4CA7-B6CD-4731DF746A33}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe No File
FirewallRules: [{BAFFC007-DBCD-45E6-B13B-63B75863C466}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe No File
FirewallRules: [{DB0A58AE-93BC-4D60-A788-9F5A06B11732}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe No File
FirewallRules: [{B866CA5D-D092-4AE4-91CC-B4F991E2814A}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe No File
FirewallRules: [{D30D0273-BB1D-47B2-9A8E-5E9F5058C75B}] => (Allow) C:\Users\Grant\AppData\Local\Temp\7zS16BF\setup\hpznui40.exe No File
FirewallRules: [{285C380B-74CA-4478-840D-0BFF0D81A736}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
FirewallRules: [{31AEEA42-2B2E-4950-A9ED-4E25F8A750BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.)
FirewallRules: [{06E1E9AB-6AF0-4DD6-8986-78AF8D64B9E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.)
FirewallRules: [{BCD0E097-F64F-43C8-91F6-03A4B9137625}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard Co.)
FirewallRules: [{AC1E9DCA-472F-4AD5-A8FE-85668663CD08}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett-Packard Co.)
FirewallRules: [{00E43D41-90CF-4AAB-9D4D-A709D9898675}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.)
FirewallRules: [{01091FEA-11AC-4142-9FA1-0C92DDFD5ACC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard Co.)
FirewallRules: [{625CE3D1-65D2-4D17-BE66-FFB95FFF3322}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.)
FirewallRules: [{EBF26B21-A0AB-4B39-BDE6-E60AFA2B1AFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard)
FirewallRules: [{9A4F830B-3790-446B-91B7-811EABD66FAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett-Packard Co.)
FirewallRules: [{01BDD3C1-386B-46EA-9D64-4AAE9C3142DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett-Packard Co.)
FirewallRules: [{D7B23048-45AF-4F98-98CA-5C46D1ECF95A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard)
FirewallRules: [{B3901704-226D-4F31-9AC6-987AD7038435}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Co.)
FirewallRules: [{19CECF5D-47F4-4FF0-986F-6E9BB86FA6DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{83CC43A9-F66A-4B2C-8293-CF691BD9FE06}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{F7E2F706-0D4A-4D8A-8BBD-FE711DE4B1F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [TCP Query User{3AF7C55B-9F97-4620-A8D2-2CBCE557D1A7}C:\users\grant\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\grant\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{6F2357F7-FF13-4295-BAD6-72F76DCC95BC}C:\users\grant\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\grant\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [{235241E9-7196-4EA5-BC60-418E1B9EC0C1}] => (Allow) C:\Users\Grant\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors)
FirewallRules: [{36BD7598-CA5E-43CF-B864-B76F87144C04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{6C5204F2-45B3-4AFB-BA9C-73B72D977932}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{5780FE74-C464-43D5-B9C6-FFE3165279A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

16-01-2019 01:07:44 Windows Update
21-01-2019 22:08:48 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2019 06:26:12 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5700,D,0) WebCacheLocal: An attempt to read from the file "C:\Users\Grant\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 425984 (0x0000000000068000) for 32768 (0x00008000) bytes failed after 24.893 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation will fail with error -1021 (0xfffffc03). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/30/2019 03:09:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SkypeApp.exe version 8.37.0.98 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 37b0

Start Time: 01d4b8a85c717dd5

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe

Report Id: 6ff89eb0-d637-4cdb-96c7-dc4fc069801f

Faulting package full name: Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (01/30/2019 02:36:41 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/30/2019 02:30:11 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (8956,D,0) WebCacheLocal: An attempt to read from the file "C:\Users\Grant\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 425984 (0x0000000000068000) for 32768 (0x00008000) bytes failed after 14.655 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation will fail with error -1021 (0xfffffc03). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/30/2019 02:28:49 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (8956,T,0) WebCacheLocal: An attempt to read from the file "C:\Users\Grant\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 425984 (0x0000000000068000) for 32768 (0x00008000) bytes failed after 22.722 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation will fail with error -1021 (0xfffffc03). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/30/2019 02:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15313

Error: (01/30/2019 02:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15313

Error: (01/30/2019 02:27:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (01/30/2019 06:31:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:31:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:27:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/30/2019 06:26:11 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:26:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:26:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:26:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/30/2019 06:26:01 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Windows Defender:
===================================
Date: 2019-01-21 00:31:43.368
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?li...hell/Ploty.H&threatid=2147727594&enterprise=0
Name: TrojanDropper:powerShell/Ploty.H
ID: 2147727594
Severity: Severe
Category: Trojan Dropper
Path: amsi:_C:\Windows\SysWOW64\WINDOW~1\v1.0\powershell.exe; amsi:_PowerShell_C:\WINDOWS\SysWOW64\WINDOW~1\v1.0\powershell.exe_10.0.17134.10000000000000001
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: AMSI
Process Name: C:\Windows\SysWOW64\WINDOW~1\v1.0\powershell.exe
Signature Version: AV: 1.283.3380.0, AS: 1.283.3380.0, NIS: 1.283.3380.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-21 00:31:38.295
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?li...hell/Ploty.H&threatid=2147727594&enterprise=0
Name: TrojanDropper:powerShell/Ploty.H
ID: 2147727594
Severity: Severe
Category: Trojan Dropper
Path: amsi:_C:\Windows\SysWOW64\WINDOW~1\v1.0\powershell.exe
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: AMSI
Process Name: C:\Windows\SysWOW64\WINDOW~1\v1.0\powershell.exe
Signature Version: AV: 1.283.3380.0, AS: 1.283.3380.0, NIS: 1.283.3380.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-20 22:34:29.881
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?li...BS/Mutuodo.A&threatid=2147724374&enterprise=0
Name: Trojan:VBS/Mutuodo.A
ID: 2147724374
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Grant\AppData\Local\hodor\Micas.dat
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Grant\AppData\Local\hodor\filog.exe
Signature Version: AV: 1.283.3380.0, AS: 1.283.3380.0, NIS: 1.283.3380.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-20 22:30:06.087
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?li...BS/Mutuodo.A&threatid=2147724374&enterprise=0
Name: Trojan:VBS/Mutuodo.A
ID: 2147724374
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Grant\AppData\Local\hodor\Micas.dat
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Grant\AppData\Local\hodor\filog.exe
Signature Version: AV: 1.283.3221.0, AS: 1.283.3221.0, NIS: 1.283.3221.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-20 22:28:09.205
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?li...BS/Mutuodo.A&threatid=2147724374&enterprise=0
Name: Trojan:VBS/Mutuodo.A
ID: 2147724374
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Grant\AppData\Local\hodor\Micas.dat
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Grant\AppData\Local\hodor\filog.exe
Signature Version: AV: 1.283.3221.0, AS: 1.283.3221.0, NIS: 1.283.3221.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-25 13:10:03.930
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-01-13 15:19:58.352
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2019-01-17 22:31:05.018
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:31:04.621
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:31:04.302
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:31:04.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:27:27.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:27:26.939
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:27:26.489
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 22:27:26.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 50%
Total physical RAM: 4002.05 MB
Available physical RAM: 1995.27 MB
Total Virtual: 8098.05 MB
Available Virtual: 6182.32 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:297.96 GB) NTFS

\\?\Volume{c6a3b9c6-22b1-11e1-9cf6-806e6f6e6963}\ (Recovery) (Fixed) (Total:14.65 GB) (Free:6.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 47EE8583)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
#30 ·
Hi Grant58,

My machine is working much faster and now only takes around 5 minutes to boot up.
That's great to hear your computer is working better!

AVG removal tool at the start of my thread on startup my machine now offers dual boot options as per the screenshot below.
Try running the instructions in the second post here. Let me know if that fixes the problem.

Step 1 of 1: ESET Online Scanner
You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.

NOTE: Right-click on your web browse icon and select Run as Administrator from the context menu.
  • Please go here to run the scan by clicking "SCAN NOW" under ESET Online Scanner
  • Then in the lower left-hand corner of the browser window click on esetonlinescanner.exe
  • In the new window that appears select "Run", and then the option Get Started, and if it asks, accept the Terms of Use (if you get a prompt asking if you want this program to make changes to your computer, select Yes)
  • In the new window that appears select the option Get Started
  • Click on "Computer scan", if asked if you want it to make changes, select "Yes"
  • Click on "Full Scan"
  • Now select "Enable ESET to detect and quarantine potentially unwanted applications"
  • The Module updates... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • The scan will finish, now click on "View detailed results", and click on "Save scan log". Save the log to the Desktop
  • Go back to the application window and click on "Continue" until you get to the page with "CLOSE" on it, and ensure the box with "Delete application data on closing" is checked, then click on "Close".
  • Copy/paste the log you saved to your Desktop in your next reply
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

===============================================

When you reply to me, I need to see:
  • Any questions/concerns you might have, or if you were not able to complete any of the steps above
  • The copied and pasted results of the log.txt log, generated by the ESET scan.
 
#31 ·
Hi Joe, Thank you for your time and efforts they are truly appreciated. Your suggested fix for the dual boot problem worked a treat and solved that problem.. Thank you. Here is me ESET scan log:
2/3/2019 9:21:11 AM
Files scanned: 442295
Infected files: 13
Cleaned threats: 13
Total scan time 10:41:38
Scan status: Finished
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application cleaned by deleting
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application cleaned by deleting
C:\Users\Grant\AppData\Roaming\07E263ED-E4C4-5B46-6A52-6AC3845BD1E1\sync.exe a variant of Win32/DealPly.FE.gen potentially unwanted application cleaned by deleting
C:\Users\Grant\AppData\Roaming\kingsoft\office6\update\down\wpsupdate.exe a variant of Win32/KingSoft.D potentially unwanted application cleaned by deleting
C:\Users\Grant\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\fpdata_1.0.0.0\wpsupdate.exe a variant of Win32/KingSoft.D potentially unwanted application cleaned by deleting
C:\Users\Grant\AppData\Roaming\Setup16267.exe a variant of Win32/DealPly.JQ potentially unwanted application cleaned by deleting
C:\Users\Grant\Downloads\dom.flash\Cruzer\Removable Disk\CCLeaner\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Grant\Downloads\dom.flash\setup.exe a variant of Win32/UwS.DriverTuner.A application cleaned by deleting
C:\Users\Grant\Downloads\burnaware_free_9.4.exe a variant of Win32/FusionCore.I potentially unwanted application cleaned by deleting
C:\Users\Grant\Downloads\burnaware_free_9.5.exe a variant of Win32/FusionCore.I potentially unwanted application cleaned by deleting
C:\Users\Grant\Downloads\ccsetup501(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Grant\Downloads\PS_AIO_06_C309g-m_USW_Full_Win_WW_140_175-4.exe a variant of Win32/Adware.Coupons.AA application cleaned by deleting
C:\Windows\CouponPrinter.ocx a variant of Win32/Adware.Coupons.AA application cleaned by deleting

Many Thanks
Grant
 
#32 ·
Hi Joe, Thank you for your time and efforts they are truly appreciated. Your suggested fix for the dual boot problem worked a treat and solved that problem.. Thank you
You're very welcome! I'm happy to help


Well done!
. Your computer is clean and is ready to be used again
. All of the bad guys have been removed, but please take the time to follow these last steps to clean up the tools we've used throughout the process. It was my pleasure helping you

Now that we are at the end of the disinfection process, the tools that we utilized can now be removed from your machine, since they won't be used again (we hope!). If they need to be, then the most updated versions should be downloaded at that time.

Step 1 of 4: Removing Disinfection Tools with Delfix

This step cleans up the tools we were utilizing and creates a new restore point.

1. Download Delfix by Xplode from here
2. Ensure Remove disinfection tools is ticked
Also tick:
  • Create registry backup
  • Purge system restore

3. Click Run

The program will run for a few moments and then notepad will open with a log. Please copy and paste the log in your next reply.

Step 2 of 4: Malwarebytes

As you have installed Malwarebytes, I recommend that you keep this program and use it to help you stay clean.

The free version will scan your computer and fix the problems it finds but will not provide real-time protection. You must scan regularly to find any threats. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Consider purchasing the full version for active threat monitoring.

Step 3 of 4: Filehippo Updatechecker (Optional)

Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is Filehippo. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.

Keep Applications Updated using FileHippo
1. Navigate to this website
2. Click on the green "Download This Version" on the right
3. Click on the downloaded file entitled, "AppManagerSetup_1.47"
4. Follow the on-screen instructions
Once installed, FileHippo will prompt you if any updates are available for the applications you currently have installed.

Step 4 of 4: Installation of Unchecky (Optional)

This is a good program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
  • Click here to be taken to Unchecky.com
  • Click the Download button in the middle of the screen
  • Click Save
  • Once downloaded, right-click the program and select "Run as Administrator"
  • Once open, click the Install button
  • Then click on Finish
  • Unchecky is now installed and will help you keep unwanted check boxes unchecked
 
#33 ·
# DelFix v1.010 - Logfile created 07/02/2019 at 18:44:16
# Updated 26/04/2015 by Xplode
# Username : Grant - GRANT-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Grant\Desktop\FRST-OlderVersion
Deleted : C:\log.txt
Deleted : C:\Users\Grant\Desktop\Addition.txt
Deleted : C:\Users\Grant\Desktop\adwcleaner_7.2.6.0.exe
Deleted : C:\Users\Grant\Desktop\Fixlog.txt
Deleted : C:\Users\Grant\Desktop\FRST.txt
Deleted : C:\Users\Grant\Desktop\FRST64.exe
Deleted : C:\Users\Grant\Downloads\Addition (1).txt
Deleted : C:\Users\Grant\Downloads\Addition.txt
Deleted : C:\Users\Grant\Downloads\FRST.txt

~ Creating registry backup ... OK

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########

Malwarebytes kept for future use.
Filehippo downloaded
Unchecky installed.

Thank you once again Joe
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top