Samson Report post Posted December 8, 2016 Hi, I've downloaded some software, but later i found out it is some type of malware.. For the last two days, cmd is flashing less than a second for every minute or two.. I tried scanning my system and it didn't help me.. My friend suggested to try with smadav, it scanned and it says, that some keys (in registry) are missing.. But i didn't do anything with registry.. And something called "The proxomitron" error is popping sometimes.. Help me with this please.. Share this post Link to post Share on other sites
Juliet Report post Posted December 8, 2016 I'm new to smadav, this an antivirus or a malware scanner? Please download the Malwarebytes Anti-Malware setup file to your Desktop. OR from this location https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. On the Dashboard click on Update Now Go to the Setting Tab Under Setting go to Detection and Protection Under PUP and PUM make sure both are set to show Treat Detections as Malware Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked Then on the Dashboard click on Scan Make sure to select THREAT SCAN Then click on Scan Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes. Upon completion of the scan (or after the reboot), click the History tab. Click Application Logs, followed by the first Scan Log. Click Export, followed by Copy to Clipboard. Paste the log in your next reply. ~~~ -AdwCleaner-by Xplode Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advertisment. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click on Scan. After the scan is complete click on "Clean" Confirm each time with Ok. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile with your next answer. You can find the logfile at C:\AdwCleaner[s1].txt as well. ~~~~~~~~~~~~~~~~~~~~ Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 Hi Juliet, Thank you for the response. I've done every steps you said. I tried to attach them, but it says, its too long for the post. What should i do? Share this post Link to post Share on other sites
Juliet Report post Posted December 9, 2016 You can copy and paste the logs in and if necessary make multiple post. Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 (edited) Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 09-12-2016Scan Time: 09:23Logfile:Administrator: Yes Version: 2.2.1.1043Malware Database: v2016.12.09.06Rootkit Database: v2016.11.20.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 10CPU: x64File System: NTFSUser: Sam Scan Type: Threat ScanResult: CompletedObjects Scanned: 437405Time Elapsed: 1 hr, 8 min, 0 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 5Trojan.Dropper, C:\Windows\fhelper.exe, 220, Delete-on-Reboot, [77d3e7fe4159d264eb24646b6e958977]PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe, 1868, Delete-on-Reboot, [ee5cd213bae0f5412bbe654ead53837d]PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe, 3708, Delete-on-Reboot, [4307b1348a103600e475c6e7956be11f]PUP.Optional.WindowsSecurity.PrxySvrRST, C:\ProgramData\Windows Security\winsecurity.exe, 3752, Delete-on-Reboot, [1535e5000892fc3a23adf5975da57c84]Trojan.Agent.PrxySvrRST, C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe, 4200, Delete-on-Reboot, [dc6e28bd663447efa466f2bbdd23956b] Modules: 2PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\Interface.dll, Delete-on-Reboot, [4307b1348a103600e475c6e7956be11f],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MPLSettings.dll, Delete-on-Reboot, [07438461fc9e3204061964eb9e6518e8], Registry Keys: 131Trojan.Dropper, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fhelper, Quarantined, [77d3e7fe4159d264eb24646b6e958977],Rootkit.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cherimoya, Quarantined, [1e2cfee7d9c13600ba5eaa356c9508f8],PUP.Optional.Komodia, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zdwfp, Quarantined, [0545885d7a20d95dced249752fd27888],PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [51f97372d4c603330f1571ec33cf60a0],PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, Quarantined, [2525fbea3466c0766ca54c1101017e82],PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [34161dc86337cb6b56ce2835da2820e0],PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, Quarantined, [69e1a243abefe0568190114c42c0c13f],PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [53f79154009a3df936eec59849b96898],PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, Quarantined, [91b9e203990137ff1af7abb25ca66e92],Adware.Kajajugt, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],Adware.Kajajugt, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}, Quarantined, [ea60ab3a1d7d7cba77b6421b55ad629e],PUP.Optional.InstallMonster, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Quarantined, [95b56481366424129556e438af51ee12],PUP.Optional.InstallMonster, HKLM\SOFTWARE\CLASSES\rlqf6yh38gx6.DynamicNS, Quarantined, [95b56481366424129556e438af51ee12],PUP.Optional.InstallMonster, HKLM\SOFTWARE\WOW6432NODE\CLASSES\rlqf6yh38gx6.DynamicNS, Quarantined, [95b56481366424129556e438af51ee12],PUP.Optional.InstallMonster, HKLM\SOFTWARE\CLASSES\WOW6432NODE\rlqf6yh38gx6.DynamicNS, Quarantined, [95b56481366424129556e438af51ee12],PUP.Optional.InstallMonster, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Quarantined, [95b56481366424129556e438af51ee12],PUP.Optional.WinNetSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WMPNetworkAcSvc, Quarantined, [4307b1348a103600e475c6e7956be11f],PUP.Optional.WindowsSecurity.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsSecurity, Quarantined, [1535e5000892fc3a23adf5975da57c84],PUP.Optional.MalwareProtection, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MalwareProtectionLive, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.SmartPCPrivacyCleanerPro, HKLM\SOFTWARE\SmartPCFixer, Quarantined, [6cde16cf2d6d0432625bfc97cb35b050],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataContainer, Quarantined, [e2681cc9891104325e62195b0bf8d729],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataContainer.1, Quarantined, [9baf964f3c5e8caa823eea8af112cd33],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataController, Quarantined, [0e3c489deeac2214ba06c8ac877c59a7],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataController.1, Quarantined, [76d4568f1684d75f893790e4a75c3ec2],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTable, Quarantined, [1e2c6d78f7a3cf67427e96de9d66a25e],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTable.1, Quarantined, [d6746085d0ca280ef6cad4a0758e8878],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTableFields, Quarantined, [cb7f43a25f3bba7c6f51b9bbaf54c937],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTableFields.1, Quarantined, [d57539acfaa03afc754b5024fa09ab55],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTableHolder, Quarantined, [12383fa65545a294744ca2d24eb547b9],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.DataTableHolder.1, Quarantined, [87c3ba2b5f3b33038c34086c47bcba46],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.LSPLogic, Quarantined, [c882f5f0693149ed13ad581cc73ca060],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.LSPLogic.1, Quarantined, [65e5578edcbe0135e5dbb3c145bed32d],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.ReadOnlyManager, Quarantined, [a0aa6283603a0432328e344042c134cc],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.ReadOnlyManager.1, Quarantined, [77d311d4b7e38ea8a51b4f253dc61de3],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.WFPController, Quarantined, [87c3d114f1a9c175754b076ddf24f709],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\zdengineLib.WFPController.1, Quarantined, [e466a63fc0da2016d4ecacc87390d927],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE, Quarantined, [87c318cd712985b1724d1e56e41f52ae],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\zdengine.EXE, Quarantined, [c08a786db1e99f976758c5afbf4421df],PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9EB5AB5C-E6F2-4055-98BE-C451D82B427D}, Delete-on-Reboot, [58f209dce7b3e6505366e14a2bd59e62],PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Fakthertuverge Controls, Delete-on-Reboot, [68e2677e306a2511b9e438ef2fd1c63a],PUP.Optional.Navegaki.PrxySvrRST, HKLM\SOFTWARE\RELTEK, Quarantined, [90ba28bd6535231358f482ef020104fc],PUP.Optional.SmartPCPrivacyCleanerPro, HKLM\SOFTWARE\SMARTPCFIXER\Param, Quarantined, [c783e500d7c366d0a5bab3e25aa601ff],PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, Quarantined, [cf7b1ec7f4a60333772457959f6407f9],PUP.Optional.SmartPCPrivacyCleanerPro, HKLM\SOFTWARE\WOW6432NODE\SmartPCFixer, Quarantined, [78d21acb267423130cb1d9bacd3358a8],PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, Quarantined, [63e78b5a396180b61e5101f822df659b],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataContainer, Quarantined, [8fbb786d4f4bb680d5ebe0942dd633cd],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataContainer.1, Quarantined, [80cadf061b7f94a20bb57ef6e02337c9],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataController, Quarantined, [ab9f33b2f7a3fe389927096b7f844fb1],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataController.1, Quarantined, [f654ffe6e3b7b5813d83ef85b05351af],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTable, Quarantined, [de6c7372dac0f0462799730147bc1ee2],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTable.1, Quarantined, [7fcb65805149a5912b9594e0ce3554ac],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTableFields, Quarantined, [54f6ac3994063bfb2997e292f112768a],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTableFields.1, Quarantined, [dc6e08dda9f15adc754b353f06fdd927],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTableHolder, Quarantined, [f85295505f3b6bcbebd5561e4fb4827e],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.DataTableHolder.1, Quarantined, [23277d68f9a138fea818670d06fdc739],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.LSPLogic, Quarantined, [f852f3f223777bbbbd0393e158ab15eb],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.LSPLogic.1, Quarantined, [b9917d68ebaff046546c2153be45a65a],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.ReadOnlyManager, Quarantined, [db6f7c692f6b81b5269ac7adcc37867a],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.ReadOnlyManager.1, Quarantined, [fa50c025188263d3338dd3a1f70cf40c],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.WFPController, Quarantined, [a6a4edf83c5ebd792a96373d8f74d12f],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zdengineLib.WFPController.1, Quarantined, [3d0d3fa61c7ef442d4ec195be32049b7],PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\zdengine.EXE, Quarantined, [400aeafba7f30234c5fab3c180836c94],PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, Quarantined, [34169253fd9d270fe8d63445e02355ab],PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, Quarantined, [b496dd0832688da9752dc4b95aa9df21],PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, Quarantined, [480204e1c2d83402e4be2459be4560a0],PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Quarantined, [63e7aa3b7f1b1f17bee5a4d943c0aa56],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH, Quarantined, [80caf3f21684ec4ad85c50caa15f5ba5],PUP.Optional.SmartPCPrivacyCleanerPro, HKLM\SOFTWARE\WOW6432NODE\SMARTPCFIXER\Param, Quarantined, [27235491edad0e282639a4f1c23ecb35],PUP.Optional.PennyBee, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\zdengine, Quarantined, [c4865f861a801422495f166336cd07f9],Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\zdwfp, Quarantined, [84c65b8a12888bab280f3a456f945ca4],PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHNGTSvc, Quarantined, [fa5024c1980265d10ec729dd9a66a15f],PUP.Optional.Komodia.WnskRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zdengine, Quarantined, [1436875e1288251112afadc7a45f13ed],PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYFUBIXE, Quarantined, [400ad70ee2b8b185fe73bcb8ac571ee2],PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Quarantined, [a9a1aa3ba8f28fa7cdd7abd0f60d8e72],PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ProntSpooler, Quarantined, [94b69c49dcbeb185b846d5a7cf3413ed],PUP.Optional.SafeGuard.ChrPRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\XBOX, Quarantined, [dd6d796c1387b4824725fc95748ed32d],PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\mtQuoteex, Quarantined, [4cfe36af57433600d8c9a9d49c6736ca],PUP.Optional.Tuto4PC, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\wewewe, Quarantined, [1c2e95503d5d11256f57b4d45da37888],PUP.Optional.YTAdBlocker, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}, Quarantined, [1436e104cecc191d99a85d46966ac937],PUP.Optional.Linkury, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, Quarantined, [c585eef73862b38319a4225762a1728e],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\TYPELIB\{63492C58-6CD7-4FF7-8495-06A6869643EE}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{3A71C84A-1CC4-4201-B037-C81CE118D66F}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{432599E9-40CF-41E3-951A-E1E81B7B1D29}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{7D215707-3E74-4E0E-A078-2C95E1CDE233}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{9295785F-8C01-4ED3-9322-8BE5C17CA141}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{C656BCEB-6B19-4992-9975-D53CEA283356}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{E26E880F-176C-4007-B2A7-B8F27621EC51}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{E776B534-9402-4049-87C3-089EC0F54BAF}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\INTERFACE\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3A71C84A-1CC4-4201-B037-C81CE118D66F}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{432599E9-40CF-41E3-951A-E1E81B7B1D29}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7D215707-3E74-4E0E-A078-2C95E1CDE233}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9295785F-8C01-4ED3-9322-8BE5C17CA141}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C656BCEB-6B19-4992-9975-D53CEA283356}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E26E880F-176C-4007-B2A7-B8F27621EC51}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E776B534-9402-4049-87C3-089EC0F54BAF}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3A71C84A-1CC4-4201-B037-C81CE118D66F}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{432599E9-40CF-41E3-951A-E1E81B7B1D29}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7D215707-3E74-4E0E-A078-2C95E1CDE233}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9295785F-8C01-4ED3-9322-8BE5C17CA141}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C656BCEB-6B19-4992-9975-D53CEA283356}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E26E880F-176C-4007-B2A7-B8F27621EC51}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E776B534-9402-4049-87C3-089EC0F54BAF}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{63492C58-6CD7-4FF7-8495-06A6869643EE}, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{63492C58-6CD7-4FF7-8495-06A6869643EE}, Quarantined, [e169c61fc6d490a60e30c362b848b44c], Registry Values: 17PUP.Optional.MalwareProtection, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MalwareProtectionLive, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe, Quarantined, [ee5cd213bae0f5412bbe654ead53837d]PUP.Optional.Feeder, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Feeder, C:\Users\Samson\AppData\Local\Feeder\Feeder.exe, Quarantined, [6fdb4f96c5d53006fd235327847c40c0]PUP.Optional.Feeder, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Mojorojoup, C:\Users\Samson\AppData\Local\Feeder\Feederup.exe, Quarantined, [6fdb4f96c5d53006fd235327847c40c0]PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9EB5AB5C-E6F2-4055-98BE-C451D82B427D}|Path, \Fakthertuverge Controls, Delete-on-Reboot, [58f209dce7b3e6505366e14a2bd59e62]PUP.Optional.Navegaki.PrxySvrRST, HKLM\SOFTWARE\RELTEK|channel, clikmelnin20, Quarantined, [90ba28bd6535231358f482ef020104fc]PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, Quarantined, [34169253fd9d270fe8d63445e02355ab]PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Quarantined, [460418cd554545f106c70c6fc63d9868]PUP.Optional.OtherSearch, HKLM\SOFTWARE\WOW6432NODE\OTHERSEARCH|affid, 1123, Quarantined, [80caf3f21684ec4ad85c50caa15f5ba5]PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\syfubixe|ImagePath, C:\Program Files (x86)\4C4C4544-1481101380-4E10-8048-B6C04F353632\knsa7534.tmpfs, Quarantined, [400ad70ee2b8b185fe73bcb8ac571ee2]PUP.Optional.WindowsSecurity.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSSECURITY|ImagePath, C:\ProgramData\Windows Security\winsecurity.exe, Quarantined, [78d2b62fb5e51b1bce04a7e5a45e7a86]PUP.Optional.WinNetSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WMPNETWORKACSVC|ImagePath, "C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe", Quarantined, [f55595503c5ed462a2cd61ba06fa7e82]PUP.Optional.SafeGuard.ChrPRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\XBOX|ImagePath, C:\Program Files\XBox\XBLive.exe, Quarantined, [dd6d796c1387b4824725fc95748ed32d]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\ENVIRONMENT|SNF, C:\ProgramData\Quoteexs\snp.sc, Quarantined, [eb5fecf916841f17f163205a80839d63]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=APSFWakeNet&co=IN&userid=7cd87557-3089-45d6-3a2d-794cc015e7aa&searchtype=sc&installDate=29-11-2016&barcodeid=51198003&channelid=3&av=windows, Quarantined, [5cee38ad6c2e61d5e76e0278c83be11f]PUP.Optional.Linkury, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, Quarantined, [c585eef73862b38319a4225762a1728e]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Quarantined, [34164e972f6b6ec86a6107741de613ed]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Quarantined, [93b7ce17c7d33ff7bc10bdbeb74c15eb] Registry Data: 8PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({ielnksrch}),Replaced,[ab9f9e475b3fd462eac75e7036cdc33d]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}),Replaced,[eb5f578e53476bcba811bb1327dc37c9]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}),Replaced,[43074e974a50e84eb80124aab053f709]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}),Replaced,[60ea4a9b9307af879326f9d53cc7a45c]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms},'>http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWT3E5Zn-mPUBV4QlqY4HytaFDiXeXrqTasf4h2S9DUAJpOS-gwXzFb79cyZy3c60rabFr9YaI4BiCC48TCRW5iHPaKg,,&q={searchTerms}),Replaced,[a5a57c69b2e8e155a911c6083fc48a76]Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06a0ac31-98f8-4de3-a221-c8bc977f1566}|NameServer, 104.197.191.4, Good: (), Bad: (104.197.191.4),Replaced,[2a20e2038e0c979f14c271d02fd4e719]Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}|NameServer, 104.197.191.4, Good: (), Bad: (104.197.191.4),Replaced,[d3779e471c7e92a4eaec360bb54ea858]Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f34ac72a-7200-4cc9-bbbe-0e6ba8e92a67}|NameServer, 104.197.191.4, Good: (), Bad: (104.197.191.4),Replaced,[1931f3f2485295a153830f324bb81ce4] Folders: 604PUP.Optional.Feeder, C:\Users\Samson\AppData\Local\Feeder, Quarantined, [6fdb4f96c5d53006fd235327847c40c0],Adware.Tuto4PC, C:\Users\Samson\AppData\Local\Temp\9G42Q2QTRZ, Quarantined, [1e2ccd18bdddca6c5ccc4d464cb458a8],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc, Delete-on-Reboot, [4307b1348a103600e475c6e7956be11f],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.WindowsSecurity.PrxySvrRST, C:\ProgramData\Windows Security, Delete-on-Reboot, [1535e5000892fc3a23adf5975da57c84],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive, Delete-on-Reboot, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\quarantine, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.VBates, C:\Users\Samson\AppData\LocalLow\Company\Product\1.0, Quarantined, [11392fb6f8a2053172b04a069d66c13f],PUP.Optional.VBates, C:\Users\Samson\AppData\LocalLow\Company\Product, Quarantined, [11392fb6f8a2053172b04a069d66c13f],PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, Quarantined, [da70a73e6a300531c9f35722bf4453ad],PUP.Optional.XBLive.ChrPRST, C:\ProgramData\Microsoft\XBLive\Egg, Quarantined, [8fbb22c3fe9cdb5b71a8dca0689b14ec],PUP.Optional.XBLive.ChrPRST, C:\ProgramData\Microsoft\XBLive, Quarantined, [8fbb22c3fe9cdb5b71a8dca0689b14ec],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor, Quarantined, [90ba6184bbdfe35305bb2840c73938c8],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Avatars, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Caps, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Application Cache, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_a.thoughtleadr.com_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_ccm.net_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_legendas.tv_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_rapidgator.net_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.business2community.com_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.karaoketexty.cz_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.remintrex.com_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\data_reduction_proxy_leveldb, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Rules, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension State, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0\_metadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi\1.42_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi\1.42_0\_metadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc\1.1_0, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc\1.1_0\_metadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\nl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\af, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\am, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ar, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\az, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bg, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bn, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ca, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\cs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\da, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\de, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\el, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_GB, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_US, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es_419, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\et, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\eu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fa, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fil, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr_CA, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hi, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hu, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hy, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\id, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\is, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\it, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\iw, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ja, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ka, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\km, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\kn, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ko, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lo, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lt, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lv, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ml, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mn, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mr, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ms, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ne, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\no, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pl, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_BR, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_PT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ro, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ru, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45], Edited December 9, 2016 by Samson Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 (edited) Files: 2746Trojan.Dropper, C:\Windows\fhelper.exe, Delete-on-Reboot, [77d3e7fe4159d264eb24646b6e958977],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe, Delete-on-Reboot, [ee5cd213bae0f5412bbe654ead53837d],Rootkit.Agent, C:\Windows\System32\drivers\cherimoya.sys, Delete-on-Reboot, [1e2cfee7d9c13600ba5eaa356c9508f8],PUP.Optional.Komodia, C:\Windows\System32\drivers\zdwfp64.sys, Delete-on-Reboot, [0545885d7a20d95dced249752fd27888],RiskWare.GameHack, C:\Program Files (x86)\Call of Duty Advanced Warfare\steam_api64.dll, Quarantined, [67e36283e6b458de3b7ee32f837dd729],PUP.Optional.Komodia, C:\Program Files (x86)\OtherSearch\zdengine.dll, Quarantined, [103aa441c8d2132314c317a9778a8a76],PUP.Optional.Komodia, C:\Program Files (x86)\OtherSearch\zdengine64.dll, Quarantined, [d37718cd940689ad4f881da36a97da26],PUP.Optional.Komodia, C:\Program Files (x86)\OtherSearch\zdwfp.sys, Quarantined, [a1a9db0a7a2056e0851b902ec938a858],PUP.Optional.Komodia, C:\Program Files (x86)\OtherSearch\zdwfp64.sys, Quarantined, [014929bcf5a59e98d1cfd1ed04fd2ed2],CrackTool.Agent, C:\Windows\System32\steam_api.dll, Quarantined, [c7836e7731693bfbd06341d5df21817f],PUP.Optional.Komodia, C:\Windows\System32\zdengine64.dll, Quarantined, [5eec8362f5a5b97d6374b60a2bd6c937],PUP.Optional.Elex, C:\Windows\SysWOW64\SendRequest Error, Quarantined, [19315293eab053e32d0cca9a21dfb54b],PUP.Optional.Komodia, C:\Windows\SysWOW64\zdengine.VIR, Quarantined, [69e151940397b97d12c56c5403fe0ef2],Trojan.KorAd, C:\Users\Samson\AppData\Local\Temp\KZ7ZData.7z, Quarantined, [3a10ab3a2b6f66d004318f7e02fe53ad],PUP.Optional.ConvertAd, C:\Users\Samson\AppData\Local\Temp\nsm62D9.tmp, Quarantined, [dc6ef2f37327df57433614b4a85b51af],PUP.Optional.BundleInstaller, C:\Users\Samson\AppData\Local\Temp\F3F8.tmp.exe, Quarantined, [68e2fbea2278221468e452649769d52b],PUP.Optional.BundleInstaller, C:\Users\Samson\AppData\Local\Temp\37DA.tmp.exe, Quarantined, [61e9ba2bc9d160d6dd6f9521748c2cd4],PUP.Optional.BundleInstaller, C:\Users\Samson\AppData\Local\Temp\59C6.tmp.exe, Quarantined, [82c8806565350c2a19333383000031cf],PUP.Optional.PCMatic, C:\Users\Samson\Downloads\pcmatic-setup-0002.exe, Quarantined, [cf7bb72e237787af260e1c947789b14f],PUP.Optional.MorePowerfulCleaner, C:\Users\Samson\AppData\Local\MalwareProtectionLive\quarantine\ic-0.117b3315e97624-2d3f9e40-44dc-4183-ab14-b74c42843a01.exe, Quarantined, [ff4bedf89208f244fb64ca1313f0827e],PUP.Optional.MorePowerfulCleaner, C:\Users\Samson\AppData\Local\MalwareProtectionLive\quarantine\ic-0.80bda0b2e13d2-dfc31c70-363e-40d5-b5c0-074ed70f6c1e.exe, Quarantined, [2822fbea712979bd2c33776629da6799],RiskWare.CHP, C:\Windows\hrewnf.exe, Quarantined, [e06ab1348d0db581bbbebaf0d13242be],Trojan.Dropper, C:\Windows\plotpix.exe, Quarantined, [d971a5402c6e79bdce41ce0137cc15eb],RiskWare.CHP, C:\Windows\slp.exe, Quarantined, [37137471a2f8ce687009595118eb2bd5],PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\QvoNix.dll, Quarantined, [a4a6ffe663374ee86b91e55458a86b95],PUP.Optional.Elex, C:\Users\Samson\AppData\Roaming\Ghasetion\Pagasp.dll, Quarantined, [ea608065d8c22511b713085730d00ef2],PUP.Optional.Elex, C:\Windows\System32\Tasks\Fakthertuverge Controls, Quarantined, [d575a24344563ff7af43e94135cbdd23],PUP.Optional.Kuaizip, C:\Windows\System32\drivers\KuaiZipDrive2.sys, Quarantined, [8dbd35b0d4c667cf2abd9cbe3fc19769],PUP.Optional.Feeder, C:\Users\Samson\AppData\Local\Feeder\Feeder.exe, Quarantined, [6fdb4f96c5d53006fd235327847c40c0],PUP.Optional.Feeder, C:\Users\Samson\AppData\Local\Feeder\Feederup.exe, Quarantined, [6fdb4f96c5d53006fd235327847c40c0],PUP.Optional.Feeder, C:\Users\Samson\AppData\Local\Feeder\Interop.SHDocVw.dll, Quarantined, [6fdb4f96c5d53006fd235327847c40c0],PUP.Optional.Feeder, C:\Users\Samson\AppData\Local\Feeder\NDde.dll, Quarantined, [6fdb4f96c5d53006fd235327847c40c0],Adware.Tuto4PC, C:\Users\Samson\AppData\Local\Temp\9G42Q2QTRZ\caster.exe.config.config, Quarantined, [1e2ccd18bdddca6c5ccc4d464cb458a8],Adware.Tuto4PC, C:\Users\Samson\AppData\Local\Temp\9G42Q2QTRZ\asasa.exe, Quarantined, [1e2ccd18bdddca6c5ccc4d464cb458a8],Adware.Tuto4PC, C:\Users\Samson\AppData\Local\Temp\9G42Q2QTRZ\asasa.exe.config.config, Quarantined, [1e2ccd18bdddca6c5ccc4d464cb458a8],Adware.Tuto4PC, C:\Users\Samson\AppData\Local\Temp\9G42Q2QTRZ\cast.config, Quarantined, [1e2ccd18bdddca6c5ccc4d464cb458a8],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\config.ini, Quarantined, [4307b1348a103600e475c6e7956be11f],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\Interface.dll, Delete-on-Reboot, [4307b1348a103600e475c6e7956be11f],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\st.con, Quarantined, [4307b1348a103600e475c6e7956be11f],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\st.log, Quarantined, [4307b1348a103600e475c6e7956be11f],PUP.Optional.WinNetSvc, C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe, Delete-on-Reboot, [4307b1348a103600e475c6e7956be11f],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\set.exe.config, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Quarantined, [fb4f5d88a4f6e650cf2abbcfbe44a957],PUP.Optional.WindowsSecurity.PrxySvrRST, C:\ProgramData\Windows Security\winsecurity.exe, Delete-on-Reboot, [1535e5000892fc3a23adf5975da57c84],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\1.tmp.exe, Quarantined, [143639ac53475dd970c287c52dd6748c],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\2.tmp.exe, Quarantined, [83c75c89e5b5af87e74bb795ab58857b],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\3.tmp.exe, Quarantined, [480242a3e0ba7db981b12b215ca726da],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\4.tmp.exe, Quarantined, [81c928bd15854aec062ce765f60da25e],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\5.tmp.exe, Quarantined, [1f2beff6e5b5e84ec07271db60a3857b],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\6.tmp.exe, Quarantined, [c28853925a4063d37cb6410b3ec5ab55],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\7.tmp.exe, Quarantined, [6edc63823c5eee4800324a0213f03cc4],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\8.tmp.exe, Quarantined, [b3977d6827731c1aaf83e26a9d667b85],Trojan.Agent.E, C:\Users\Samson\AppData\Local\Temp\9.tmp.exe, Quarantined, [c08a469fd7c3ef4772c0c08caf5460a0],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe.config, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\certificates, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\certificates_filter, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\domains, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\DotNetCheck.exe, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\DotNetCheck.exe.config, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\extensions, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\extensions_filter, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\log.txt, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\MPLSettings.dll, Delete-on-Reboot, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\uninstall.exe, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Local\MalwareProtectionLive\userinfo.dat, Quarantined, [07438461fc9e3204061964eb9e6518e8],PUP.Optional.MalwareProtection, C:\Users\Samson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk, Quarantined, [e367cb1ac1d99d9971af321dc043dd23],PUP.Optional.VBates, C:\Users\Samson\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, Quarantined, [11392fb6f8a2053172b04a069d66c13f],PUP.Optional.VBates, C:\Users\Samson\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, Quarantined, [11392fb6f8a2053172b04a069d66c13f],PUP.Optional.Komodia, C:\Windows\Temp\ziengine.ini.log, Quarantined, [0743578ebcdecf6709b0adc7996a916f],PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, Quarantined, [59f1f0f5eeac2d0908b2d59f1fe47a86],PUP.Optional.Komodia.WnskRST, C:\Windows\System32\zdengineOff.ini, Quarantined, [6ddd3ea7cdcdde58a31bed87b54e0bf5],PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zdengineOff.ini, Quarantined, [56f4db0a465471c5a915cca8a36001ff],PUP.Optional.Linkury, C:\Users\Samson\AppData\Roaming\md.xml, Quarantined, [66e48560bbdf80b649709dd87f8434cc],PUP.Optional.Linkury, C:\Users\Samson\AppData\Roaming\noah.dat, Quarantined, [7ecc1cc9fc9e1b1b9525b1c4b44f18e8],PUP.Optional.Linkury, C:\Users\Samson\AppData\Roaming\uninstall_temp.ico, Quarantined, [d476a63f1585f24417a40f66f2118977],PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Groovetom.ico, Quarantined, [da70a73e6a300531c9f35722bf4453ad],PUP.Optional.Linkury.ACMB1, C:\Windows\SysWOW64\findit.xml, Quarantined, [66e4ba2b41592d092f22e7932bd87f81],PUP.Optional.XBLive.ChrPRST, C:\ProgramData\Microsoft\XBLive\Egg\{5xcbdodz0ecf4f6581384491245f93ce161207}.config, Quarantined, [8fbb22c3fe9cdb5b71a8dca0689b14ec],PUP.Optional.Linkury.Gen, C:\Users\Samson\AppData\Roaming\GreenDonstrong.tst, Quarantined, [1832d411603a8caa2838d80f6e951be5],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\dlog.txt, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\freebl3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\libnspr4.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\libplc4.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\libplds4.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\nss3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\nssckbi.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\nssdbm3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\nssutil3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\s.xml, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\slite.exe, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\smime3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\softokn3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\sqlite3.dll, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\uninstall.exe, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\zdengine.tlb, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.OtherSearch, C:\Program Files (x86)\OtherSearch\ziengine.ini, Quarantined, [e169c61fc6d490a60e30c362b848b44c],PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Config.xml, Quarantined, [90ba6184bbdfe35305bb2840c73938c8],PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Nettrans.exe.config, Quarantined, [90ba6184bbdfe35305bb2840c73938c8],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\First Run, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Certificate Revocation Lists, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\en-US-6-1.bdic, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\en-US-7-0.bdic, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\en-US-7-1.bdic, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Local State, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\nacl_validation_cache.bin, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Bloom, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Bloom Prefix Set, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Channel IDs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Channel IDs-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Cookies, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Cookies-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Csd Whitelist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Download, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Download Whitelist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Extension Blacklist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing IP Blacklist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Module Whitelist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing Resource Blacklist, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing UwS List, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Safe Browsing UwS List Prefix Set, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\Avatars\avatar_generic.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\manifest.fingerprint, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\34bb6ad6c3df9c03eea8a499ff7891486c9d5e5cac92d01f7bfd1bce19db48ef.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\41b2dc2e89e63ce4af1ba7bb29bf68c6dee6f9f1cc047e30dffae3b3ba259263.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\5614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\68f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc4.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\7461b4a09cfb3d41d75159575b2e7649a445a8d27709b0cc564a6482b7eb41a3.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\a577ac9ced7548dd8f025b67a241089df86e0f476ec203c2ecbedb185f282638.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\ac3b9aed7fa9674757159e6d7d575672f9d98100941e9bdeffeca1313b75782d.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\bc78e1dfc5f63c684649334da10fa15f0979692009c081b4f3f6917f3ed9b8a5.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\cdb5179b7fc1c046feea31136a3f8f002e6182faf8896fecc8b2f5b5ab604900.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\CertificateTransparency\171\_platform_specific\all\sths\ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb.sth, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Affiliation Database, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Affiliation Database-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Bookmarks, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Cookies, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Cookies-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Current Session, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Current Tabs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Custom Dictionary.txt.backup, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\DownloadMetadata, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Cookies, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Cookies-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Favicons, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Favicons-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Google Profile Picture.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Google Profile.ico, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\History, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\History Provider Cache, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\History-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Last Session, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Last Tabs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Login Data, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Login Data-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Network Action Predictor, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Network Persistent State, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Origin Bound Certs, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Origin Bound Certs-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Preferences, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\QuotaManager, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\QuotaManager-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\README, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Secure Preferences, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Secure Preferencesgoobackup, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Shortcuts, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Shortcuts-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Top Sites, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Top Sites-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\TransportSecurity, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Visited Links, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Web Data, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Web Data-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\WebRTCIdentityStore, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\WebRTCIdentityStore-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Custom Dictionary.txt, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Network Action Predictor-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Application Cache\Index, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Application Cache\Index-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\Databases.db, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\Databases.db-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_a.thoughtleadr.com_0\3, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_ccm.net_0\7, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_legendas.tv_0\4, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_rapidgator.net_0\6, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.business2community.com_0\2, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.karaoketexty.cz_0\1, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\databases\http_www.remintrex.com_0\5, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\data_reduction_proxy_leveldb\CURRENT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\data_reduction_proxy_leveldb\LOCK, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\data_reduction_proxy_leveldb\LOG, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\data_reduction_proxy_leveldb\MANIFEST-000001, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Rules\CURRENT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Rules\LOCK, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Rules\LOG, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension Rules\MANIFEST-000001, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension State\CURRENT, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension State\LOCK, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension State\LOG, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extension State\MANIFEST-000001, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0\icon_128.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0\_metadata\verified_contents.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\128.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata\verified_contents.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\128.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata\verified_contents.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi\1.42_0\icon_128.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi\1.42_0\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\bnebomooiloblcgoffldpopcffbfjfdi\1.42_0\_metadata\verified_contents.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc\1.1_0\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc\1.1_0\mt.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\boecmjlgnkaemicnkhobifonddiclkcc\1.1_0\_metadata\verified_contents.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\128.png, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\contentscript_bin_prod.js, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\dasherSettingSchema.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\eventpage_bin_prod.js, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\manifest.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\page_embed_script.js, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\nl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\af\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\am\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ar\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\az\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bg\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bn\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ca\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\cs\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\da\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\de\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\el\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_GB\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_US\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es_419\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\et\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\eu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fa\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fil\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr_CA\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hi\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hu\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hy\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\id\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\is\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\it\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\iw\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ja\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ka\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\km\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\kn\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ko\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lo\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lt\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ml\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mn\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ms\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ne\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\no\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_BR\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_PT\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ro\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ru\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\si\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sl\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sv\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sw\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ta\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\te\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\th\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\tr\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\uk\messages.json, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\S Edited December 9, 2016 by Samson Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 (edited) PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.4shared.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.4shared.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.91mobiles.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abbreviations.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abbreviations.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abcdwap.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abcdwap.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abof.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.abof.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.adcomp.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.adcomp.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.aiomp3.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.aiomp3.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.allocine.fr_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.amazon.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.amazon.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.americanswan.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.americanswan.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.amulbaby.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.amulbaby.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.android.gs_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.android.gs_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.animeram.io_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.animeram.io_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.apkmirror.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.apkmirror.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.apkxmod.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.armani.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.armani.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.audubon.org_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.audubon.org_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.azlyrics.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.azlyrics.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.babyoye.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.babyoye.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.boredpanda.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.boredpanda.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.britishairways.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.budgetyourtrip.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.budgetyourtrip.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.business2community.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.business2community.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ca2016.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ca2016.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cagukan.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cagukan.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.canadajobs.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.canadajobs.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.carmeliahaven.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.casio.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.casio.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.casioindiashop.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.casioindiashop.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.celebjihad.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.celebjihad.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cic.gc.ca_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cic.gc.ca_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cisco.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cisco.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.clashofclans-tools.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_tamilyogi.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_thetruthspy.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_trace.bharatiyamobile.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_tuscantraveler.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_vidmad.tv_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_webcache.googleusercontent.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.91mobiles.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.allocine.fr_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.apkxmod.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.britishairways.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.coinaphoto.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.coinaphoto.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.computerhope.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.computerhope.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.consmumbai.esteri.it_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.consmumbai.esteri.it_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cookingandme.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cookingandme.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.couponraja.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.couponraja.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cricketcountry.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cyberfreewishes.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cyberfreewishes.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dailymotion.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dailymotion.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.damnnet.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.damnnet.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dandeli.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dandeli.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.datsbrand.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.datsbrand.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.deakin.edu.au_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\https_11b563cb1.webengage.co_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\https_11b563cb1.webengage.co_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\https_11b564323.webengage.co_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\https_11b564323.webengage.co_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\https_58adcbc9.webengage.co_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dell.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dell.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.delldriver.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.delldriver.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.desiretrees.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.desiretrees.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dll-found.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dll-found.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dlldump.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dlldump.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dllfiles.org_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dllfiles.org_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dominos.co.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driveridentifier.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driveridentifier.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driverscape.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driverscape.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driversepson.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.driversepson.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ebay.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ebay.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.elrocknomuere.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.elrocknomuere.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.emirates.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.emp4.link_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.emp4.link_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.epicurious.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.epicurious.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.epson.co.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.epson.co.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.escapistmagazine.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.escapistmagazine.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.europeanbestdestinations.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.europeanbestdestinations.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fandango.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fbdown.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fbdown.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.festina.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.festina.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.financialexpress.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.financialexpress.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.firstcry.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.firstcry.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.firstpost.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.firstpost.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.flipkart.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fodors.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fodors.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.foodnetwork.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.foodnetwork.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.foreignpolicyjournal.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.foreignpolicyjournal.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fragrancenet.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fragrancenet.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.freejobalert.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.freejobalert.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.freeworld4u.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gamespot.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gamespot.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.geforce.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.geforce.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gefs-online.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gefs-online.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gloverzz.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gloverzz.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.godtube.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.godtube.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.goodhousekeeping.co.uk_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.goplay.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.goplay.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.grtjewels.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.grtjewels.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gsmarena.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gsmarena.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gullei.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.gullei.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.hacktoolsonline.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.hacktoolsonline.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.healthcaremagic.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.herocoupon.co.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.herocoupon.co.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.holidayiq.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.holidayiq.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.hongkiat.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.hongkiat.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.howtogeek.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.howtogeek.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ibtimes.co.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ibtimes.co.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ibtimes.co.uk_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.idmserialkeycrack.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.idmserialkeycrack.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.imagebon.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.imagebon.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.imdb.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.imdb.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.independent.co.uk_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.independent.co.uk_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.indgovtjobs.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.indgovtjobs.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.indiaglitz.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.indiatimes.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.indiatimes.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.inspiremore.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.inspiremore.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.iroot.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.iroot.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.israbox.co_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.israbox.co_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.itvarnews.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.itvarnews.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ixigo.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.clashofclans-tools.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.cricketcountry.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.deakin.edu.au_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.dominos.co.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.emirates.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.fandango.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.flipkart.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.freeworld4u.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.goodhousekeeping.co.uk_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.healthcaremagic.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ibtimes.co.uk_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.jabong.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.jabong.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.jeuxvideo.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.jeuxvideo.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.joinindianarmy.nic.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.joinindianarmy.nic.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kapkids.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kapkids.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.karaoketexty.cz_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.karaoketexty.cz_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kgun9.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.koovs.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.koovs.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kraftcanada.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kraftcanada.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.laptopdriverdownload.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.laptopdriverdownload.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.latestinphotos.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.latestinphotos.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lenskart.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lenskart.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.letssingit.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lg.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lg.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifebuzz.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifebuzz.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifehack.org_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifehack.org_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifestylefood.com.au_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lifestylefood.com.au_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.limeroad.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.limeroad.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.littlethings.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.livemint.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.livemint.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.love-melody.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.love-melody.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lufthansa.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lufthansa.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lyricsinbox.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lyricsinbox.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lyricsol.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.lyricsol.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mapsgalaxy.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mapsofworld.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mapsofworld.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.marksandspencer.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.marksandspencer.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.maroon5.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.maroon5.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.meals.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.meals.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mediafire.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mediafire.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.medicaldaily.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mens-den.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mens-den.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mensxp.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mensxp.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.metrolyrics.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.metrolyrics.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mindset-habits.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mindset-habits.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.miniclip.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.miniclip.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.misstral.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mltr-universe.dk_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mltr-universe.dk_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mobilenumbertracker.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mobilenumbertracker.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.montecarlo.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.montecarlo.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.motorola.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.motorola.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.movie4k.to_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.movie4k.to_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.moviecrow.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.movieinsider.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.movieinsider.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mygola.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.mygola.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.myntra.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.myntra.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.myrecipes.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.myrecipes.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nationsonline.org_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nationsonline.org_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.naukri.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ndtv.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ndtv.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nextgenupdate.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nextgenupdate.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.notebookcheck.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.notebookcheck.net_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nuclit.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.nuclit.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.online-convert.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.online-convert.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.opendll.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.opensubtitles.org_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.opensubtitles.org_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paadalvarigal.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paadalvarigal.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paatuvarigal.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paatuvarigal.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.parents.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.parents.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paydayloansg.info_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.paydayloansg.info_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pcadvisor.co.uk_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pcgamer.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pcgamer.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pcworld.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pcworld.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.picturecorrect.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.picturecorrect.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pradhanmantriyojana.in_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pradhanmantriyojana.in_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pref.com_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.pref.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.programinndir.net_0.localstorage, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.ixigo.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.kgun9.com_0.localstorage-journal, Quarantined, [85c53ea7c3d757df9ffda2d9d32dbb45],PUP.Optional.Elex, C:\Users\Samson\AppData\Local\Aticolyvqage\ChromeDefaultData\Local Storage\http_www.letssingit.com_0.localstorage-journal, Quarantined, Edited December 9, 2016 by Samson Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 (edited) These are the things i got from Malwarebyte.. I've found almost 3k+ affected files..The following are from the advcleaner.. AdwCleaner [C0]: # AdwCleaner v6.040 - Logfile created 09/12/2016 at 11:23:53# Updated on 02/12/2016 by Malwarebytes# Database : 2016-12-09.1 [Local]# Operating System : Windows 10 Home (X64)# Username : Sam - LAPTOP-DL6LJGA8# Running from : C:\Users\Samson\Downloads\AdwCleaner.exe# Mode: Clean# Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [#] Folder deleted on reboot: C:\Users\Samson\AppData\Local\Microsoft\Performance\Monitor[-] Folder deleted: C:\Users\Samson\AppData\Roaming\GameLauncher[-] Folder deleted: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\chklaanhfefbnpoihckbnefhakgolnmc ***** [ Files ] ***** [-] File deleted: C:\END[-] File deleted: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorage[-] File deleted: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorage ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}[-] Key deleted: HKU\.DEFAULT\Software\jhtrsq[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\b1.org[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTuner[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTuner_Init[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\Installer[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\MICROSOFT\OTUT[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\SNDA[-] Key deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\GreenTree Applications[#] Key deleted on reboot: HKU\S-1-5-18\Software\jhtrsq[#] Key deleted on reboot: HKCU\Software\b1.org[#] Key deleted on reboot: HKCU\Software\DriverTuner[#] Key deleted on reboot: HKCU\Software\DriverTuner_Init[#] Key deleted on reboot: HKCU\Software\Installer[#] Key deleted on reboot: HKCU\Software\MICROSOFT\OTUT[#] Key deleted on reboot: HKCU\Software\SNDA[#] Key deleted on reboot: HKCU\Software\GreenTree Applications[-] Key deleted: HKLM\SOFTWARE\b1.org[-] Key deleted: HKLM\SOFTWARE\SkypeUpdateEx[-] Key deleted: HKLM\SOFTWARE\jhtrsq[-] Key deleted: HKLM\SOFTWARE\WMPNetworkAcSvc[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}[#] Key deleted on reboot: [x64] HKCU\Software\b1.org[#] Key deleted on reboot: [x64] HKCU\Software\DriverTuner[#] Key deleted on reboot: [x64] HKCU\Software\DriverTuner_Init[#] Key deleted on reboot: [x64] HKCU\Software\Installer[#] Key deleted on reboot: [x64] HKCU\Software\MICROSOFT\OTUT[#] Key deleted on reboot: [x64] HKCU\Software\SNDA[#] Key deleted on reboot: [x64] HKCU\Software\GreenTree Applications[-] Key deleted: [x64] HKLM\SOFTWARE\b1.org[-] Key deleted: [x64] HKLM\SOFTWARE\jhtrsq[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default][-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\computer-repair-free.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\jobs.trovit.co.in[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\lyricsinbox.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pc-fix.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\revo-uninstaller.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.azlyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovilavoro.it[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.co.in[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc-media-player.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\computer-repair-free.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\jobs.trovit.co.in[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\lyricsinbox.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pc-fix.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\revo-uninstaller.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.azlyrics.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovilavoro.it[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.co.in[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc-media-player.en.softonic.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\computer-repair-free.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\jobs.trovit.co.in[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\lyricsinbox.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pc-fix.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\revo-uninstaller.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovilavoro.it[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.co.in[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc-media-player.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\computer-repair-free.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\jobs.trovit.co.in[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\lyricsinbox.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pc-fix.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\revo-uninstaller.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.azlyrics.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovilavoro.it[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.co.in[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc-media-player.en.softonic.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MalwareProtectionLive][-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [gplyra][-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DiskPower][-] Value deleted: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [svchost0][-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [app][-] Key deleted: HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\KuaiZip2ShlExt[-] Key deleted: HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\KuaiZip2ShlExt ***** [ Web browsers ] ***** [-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [search Provider] Deleted: winrar-64bit.en.softonic.com[-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [search Provider] Deleted: daemon-search.com[-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [search Provider] Deleted: mystartsearch.com[-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1] [homepage] Deleted: hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpX5iIkVPVMjsikznmq6_GHl8rIxFPVbc6oJF8g25IRByWVHutay-2l5feaLC6DEVQcJzOVmkzWZAobEHBHTp85V174SxshVZ41MIxl7q0jloO1ot4QK17__iWLUpx1wtt9js68Q,,[-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Deleted: hxxp://www.trotux.com/?z=6676c3bde8f0b0aa5258172g5z8mcw7qat2c4w1g2m&from=isr&uid=TOSHIBAXMQ01ABD100_X5M8SQZ3SXXX5M8SQZ3S&type=hp[-] [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [extension] Deleted: chklaanhfefbnpoihckbnefhakgolnmc ************************* :: "Tracing" keys deleted:: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [24588 Bytes] - [09/12/2016 11:23:53]C:\AdwCleaner\AdwCleaner[s0].txt - [24678 Bytes] - [09/12/2016 10:40:31]C:\AdwCleaner\AdwCleaner[s1].txt - [24492 Bytes] - [09/12/2016 11:20:14]C:\AdwCleaner\AdwCleaner[s2].txt - [23641 Bytes] - [09/12/2016 11:22:23] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [24884 Bytes] ########## It got stuck twice or thrice.. This is the last thing that work perfectly and restarts, and the file popup itself..The following are the other files i found in that C:\AdwCleaner\ folder AdwCleaner [s0] : # AdwCleaner v6.040 - Logfile created 09/12/2016 at 10:40:31# Updated on 02/12/2016 by Malwarebytes# Database : 2016-12-09.1 [server]# Operating System : Windows 10 Home (X64)# Username : Sam - LAPTOP-DL6LJGA8# Running from : C:\Users\Samson\Downloads\AdwCleaner.exe# Mode: Scan# Support : https://www.malwarebytes.com/support ***** [ Services ] ***** Service Found: cherimoyaService Found: zdengineService Found: zdwfpService Found: WindowsSecurityService Found: CHNGTSvcService Found: WMPNetworkAcSvcService Found: XBox ***** [ Folders ] ***** Folder Found: C:\Users\Samson\AppData\Local\4C4C4544-1481123135-4E10-8048-B6C04F353632Folder Found: C:\Users\Samson\AppData\Local\MalwareProtectionLiveFolder Found: C:\Users\Samson\AppData\Local\Microsoft\Performance\MonitorFolder Found: C:\Users\Samson\AppData\Roaming\KuaizipFolder Found: C:\Users\Samson\AppData\Roaming\SoftlinkFolder Found: C:\Users\Samson\AppData\Roaming\WMPNetworkAcSvcFolder Found: C:\ProgramData\Windows SecurityFolder Found: C:\ProgramData\QuoteexFolder Found: C:\ProgramData\quoteexFolder Found: C:\ProgramData\ytd video downloaderFolder Found: C:\ProgramData\Application Data\Windows SecurityFolder Found: C:\ProgramData\Application Data\QuoteexFolder Found: C:\ProgramData\Application Data\quoteexFolder Found: C:\ProgramData\Application Data\ytd video downloaderFolder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free ArchiverFolder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloaderFolder Found: C:\Program Files (x86)\B1 Free ArchiverFolder Found: C:\Program Files (x86)\GreenTree ApplicationsFolder Found: C:\Program Files (x86)\DPowerFolder Found: C:\uninstFolder Found: C:\Program Files (x86)\DPowerFolder Found: C:\Users\Samson\AppData\Roaming\GameLauncherFolder Found: C:\ProgramData\Windows SecurityFolder Found: C:\ProgramData\Microsoft\Network\DsqFolder Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\chklaanhfefbnpoihckbnefhakgolnmc ***** [ Files ] ***** File Found: C:\WINDOWS\SysNative\drivers\cherimoya.sysFile Found: C:\WINDOWS\SysNative\drivers\zdwfp64.sysFile Found: C:\ENDFile Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorageFile Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorage ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDKKey Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDKKey Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1Key Found: HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}Key Found: HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}Key Found: HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}Key Found: HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}Key Found: HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}Key Found: HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}Key Found: HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}Key Found: HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}Key Found: HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}Key Found: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}Key Found: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}Key Found: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}Key Found: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}Key Found: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}Key Found: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}Key Found: HKU\.DEFAULT\Software\jhtrsqKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\b1.orgKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTunerKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTuner_InitKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\InstallerKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\MICROSOFT\OTUTKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\SNDAKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\GreenTree ApplicationsKey Found: HKU\S-1-5-18\Software\jhtrsqKey Found: HKCU\Software\b1.orgKey Found: HKCU\Software\DriverTunerKey Found: HKCU\Software\DriverTuner_InitKey Found: HKCU\Software\InstallerKey Found: HKCU\Software\MICROSOFT\OTUTKey Found: HKCU\Software\SNDAKey Found: HKCU\Software\GreenTree ApplicationsKey Found: HKLM\SOFTWARE\b1.orgKey Found: HKLM\SOFTWARE\SkypeUpdateExKey Found: HKLM\SOFTWARE\jhtrsqKey Found: HKLM\SOFTWARE\WMPNetworkAcSvcKey Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}Key Found: [x64] HKCU\Software\b1.orgKey Found: [x64] HKCU\Software\DriverTunerKey Found: [x64] HKCU\Software\DriverTuner_InitKey Found: [x64] HKCU\Software\InstallerKey Found: [x64] HKCU\Software\MICROSOFT\OTUTKey Found: [x64] HKCU\Software\SNDAKey Found: [x64] HKCU\Software\GreenTree ApplicationsKey Found: [x64] HKLM\SOFTWARE\b1.orgKey Found: [x64] HKLM\SOFTWARE\jhtrsqData Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\computer-repair-fKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\jobs.trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\lyricsinbox.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pc-fix.en.softoniKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\revo-uninstaller.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.azlyrics.cKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovilavoro.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc-media-player.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\computer-repair-freeKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\jobs.trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\lyricsinbox.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pc-fix.en.softonic.cKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\revo-uninstaller.en.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovilavoro.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc-media-player.en.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.comKey Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.comKey Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.comKey Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.comKey Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\computer-repairKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.cKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\jobs.trovit.co.Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\lyricsinbox.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pc-fix.en.softoKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\revo-uninstalleKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.azlyricsKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.cKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovilavoro.itKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.co.inKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.itKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc-media-playeKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.coKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\computer-repair-frKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\jobs.trovit.co.inKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\lyricsinbox.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pc-fix.en.softonicKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\revo-uninstaller.eKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.azlyrics.coKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.comKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovilavoro.itKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.co.inKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.itKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc-media-player.eKey Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.comValue Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MalwareProtectionLive]Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [gplyra]Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DiskPower]Value Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [svchost0]Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [app]Key Found: HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\KuaiZip2ShlExtKey Found: HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\KuaiZip2ShlExt ***** [ Web browsers ] ***** No malicious Firefox based browser items found.Chrome pref Found: [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences ] - hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jChrome pref Found: [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] - hxxp://www.trotux.com/?z=6676c3bde8f0b0aa5258172g5z8mcw7qat2c4w1g2m&from=isr&uid=TOSHIBAXMQ01ABD100_X5M8SQChrome pref Found: [C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - chklaanhfefbnpoihckbnefhakgolnmc ************************* C:\AdwCleaner\AdwCleaner[s0].txt - [24296 Bytes] - [09/12/2016 10:40:31] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [24370 Bytes] ########## AdwCleaner [s1] : # AdwCleaner v6.040 - Logfile created 09/12/2016 at 11:20:14# Updated on 02/12/2016 by Malwarebytes# Database : 2016-12-09.1 [Local]# Operating System : Windows 10 Home (X64)# Username : Sam - LAPTOP-DL6LJGA8# Running from : C:\Users\Samson\Downloads\AdwCleaner.exe# Mode: Scan# Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Folder Found: C:\Users\Samson\AppData\Local\4C4C4544-1481123135-4E10-8048-B6C04F353632Folder Found: C:\Users\Samson\AppData\Local\Microsoft\Performance\MonitorFolder Found: C:\Users\Samson\AppData\Roaming\KuaizipFolder Found: C:\Users\Samson\AppData\Roaming\SoftlinkFolder Found: C:\ProgramData\QuoteexFolder Found: C:\ProgramData\quoteexFolder Found: C:\ProgramData\ytd video downloaderFolder Found: C:\ProgramData\Application Data\QuoteexFolder Found: C:\ProgramData\Application Data\quoteexFolder Found: C:\ProgramData\Application Data\ytd video downloaderFolder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free ArchiverFolder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloaderFolder Found: C:\Program Files (x86)\B1 Free ArchiverFolder Found: C:\Program Files (x86)\GreenTree ApplicationsFolder Found: C:\Program Files (x86)\DPowerFolder Found: C:\uninstFolder Found: C:\Program Files (x86)\DPowerFolder Found: C:\Users\Samson\AppData\Roaming\GameLauncherFolder Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\chklaanhfefbnpoihckbnefhakgolnmc ***** [ Files ] ***** File Found: C:\ENDFile Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorageFile Found: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorage ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDKKey Found: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1Key Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDKKey Found: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1Key Found: HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}Key Found: HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}Key Found: HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}Key Found: HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}Key Found: HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}Key Found: HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}Key Found: HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}Key Found: HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}Key Found: HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}Key Found: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}Key Found: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}Key Found: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}Key Found: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}Key Found: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}Key Found: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}Key Found: HKU\.DEFAULT\Software\jhtrsqKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\b1.orgKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTunerKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\DriverTuner_InitKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\InstallerKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\MICROSOFT\OTUTKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\SNDAKey Found: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Software\GreenTree ApplicationsKey Found: HKU\S-1-5-18\Software\jhtrsqKey Found: HKCU\Software\b1.orgKey Found: HKCU\Software\DriverTunerKey Found: HKCU\Software\DriverTuner_InitKey Found: HKCU\Software\InstallerKey Found: HKCU\Software\MICROSOFT\OTUTKey Found: HKCU\Software\SNDAKey Found: HKCU\Software\GreenTree ApplicationsKey Found: HKLM\SOFTWARE\b1.orgKey Found: HKLM\SOFTWARE\SkypeUpdateExKey Found: HKLM\SOFTWARE\jhtrsqKey Found: HKLM\SOFTWARE\WMPNetworkAcSvcKey Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}Key Found: [x64] HKCU\Software\b1.orgKey Found: [x64] HKCU\Software\DriverTunerKey Found: [x64] HKCU\Software\DriverTuner_InitKey Found: [x64] HKCU\Software\InstallerKey Found: [x64] HKCU\Software\MICROSOFT\OTUTKey Found: [x64] HKCU\Software\SNDAKey Found: [x64] HKCU\Software\GreenTree ApplicationsKey Found: [x64] HKLM\SOFTWARE\b1.orgKey Found: [x64] HKLM\SOFTWARE\jhtrsqData Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHCxomeujIo3zSgXIL5jWuOgCjESMi4PwYKpKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.comKey Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\computer-repair-fKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\jobs.trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\lyricsinbox.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pc-fix.en.softoniKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\revo-uninstaller.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.azlyrics.cKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovilavoro.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.itKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc-media-player.Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\computer-repair-freeKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\jobs.trovit.co.inKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\lyricsinbox.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.comKey Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Int Edited December 9, 2016 by Samson Share this post Link to post Share on other sites
Samson Report post Posted December 9, 2016 CMD is still blinking sometimes, but not like before.. And one more thing, Windows Defender is turned off by group policy.. My browsers (Chrome and Opera) is not working.. It shows that internet is not connected, but the Edge and IE is working alright.. What should I do? Share this post Link to post Share on other sites
Juliet Report post Posted December 9, 2016 going to move this to the HJT forum. What antivirus are you using on this computer?, doesn't look like you had one? Share this post Link to post Share on other sites
Juliet Report post Posted December 9, 2016 Let's see if you can download Firefox and we can use this temporarily. https://www.mozilla.org/en-US/firefox/new/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step. Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. This should open a window for General Options Scroll down to downloads section, click the Browse button, click on the Desktop, now all downloads should be located on desktop. ~~~~~~ Farbar Recovery Scan Tool (FRST) Scan Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop. Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run. Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme. Click Yes to the disclaimer. Ensure the Addition.txt box is checked. Click the Scan button and let the programme run. Upon completion, click OK, then OK on the Addition.txt pop up screen. Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. Share this post Link to post Share on other sites
Samson Report post Posted December 10, 2016 (edited) No, I use windows defender.. Sometimes, I use bitdefender.. I don't have money this time to get it, but sure I'll buy it this time.. Edited December 10, 2016 by Samson Share this post Link to post Share on other sites
Samson Report post Posted December 10, 2016 Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016Ran by Sam (10-12-2016 12:41:17)Running from C:\Users\Samson\DesktopWindows 10 Home Version 1607 (X64) (2016-09-27 15:53:20)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-1043693715-1181851726-2221882957-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-1043693715-1181851726-2221882957-503 - Limited - Disabled)Guest (S-1-5-21-1043693715-1181851726-2221882957-501 - Limited - Disabled)Sam (S-1-5-21-1043693715-1181851726-2221882957-1001 - Administrator - Enabled) => C:\Users\Samson==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 4.1 64-bit (HKLM\...\{F7ADB493-B913-4D61-9A63-DA736C20C3F2}) (Version: 4.1.2 - Adobe)B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd)BitTorrent (HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\BitTorrent) (Version: 7.9.9.42974 - BitTorrent Inc.)CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5627.59 - CyberLink Corp.)Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) HiddenDell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)Dell System Detect (HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)DriverIdentifier 5.1 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)F1 2014 (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - )Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.75 - Google Inc.)Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) HiddenIntel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) HiddenIntel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)Intel® WiDi (HKLM\...\{76FAF7E1-52D0-49F7-A627-E78303F9C7EF}) (Version: 6.0.39.0 - Intel Corporation)Intel® WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) HiddenIntel® Wireless Bluetooth® (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)Intel® PROSet/Wireless Software (HKLM-x32\...\{4544164b-edf0-455c-b150-bed7109d751e}) (Version: 18.11.0 - Intel Corporation)Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)Maxx Audio Installer (x64) (Version: 2.6.6168.9 - Waves Audio Ltd.) HiddenMicrosoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)Mozilla Firefox 50.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 en-US)) (Version: 50.0.2 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2 - Mozilla)MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)Opera beta 42.0.2393.78 (HKLM-x32\...\Opera 42.0.2393.78) (Version: 42.0.2393.78 - Opera Software)PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) HiddenPhotoInstrument 4.5 (HKLM-x32\...\{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1) (Version: - Fatykhov Timur)Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)SMADAV version 11.0 (HKLM-x32\...\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 11.0 - Smadsoft)TorrentsTime Media Player (HKLM\...\TorrentsTime Media Player_is1) (Version: 1.1.6.8 - TorrentsTime)VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {02D415B0-03A3-4995-8921-BE8D4E9E0747} - System32\Tasks\Opera scheduled Autoupdate 1476690476 => C:\Program Files (x86)\Opera beta\launcher.exe [2016-12-07] (Opera Software)Task: {1594B5FB-DCD8-4EEF-84B9-5224D97BD3AF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)Task: {161DF4D4-B6DF-41F1-BD35-5D924A5C6473} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-09-13] (PC-Doctor, Inc.)Task: {476B9EEB-74D5-42EC-A9C7-8A6CA10E0A2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.)Task: {48CDD171-440C-44A3-A67B-34E82E664A2B} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-06] (Intel Corporation)Task: {4A17DC09-EF3D-49C1-AA10-F0847E6B3B08} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-08] (Microsoft Corporation)Task: {4B6E9525-C7D9-4B7E-BF16-CA621D1AEFC8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)Task: {4CBC8B73-883F-4A4A-9C42-C55DB1987839} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-09-13] (PC-Doctor, Inc.)Task: {729C3E22-25F7-4FAC-A47F-2C3EB4701743} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)Task: {8F1D8DBA-EACD-414E-92AE-5646522FCA85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.)Task: {91E22760-AF17-4BC6-8F1D-ECCEE9FA3F82} - System32\Tasks\{FFAD7D26-5D86-4698-8D97-3C1EDE66C8D8} => pcalua.exe -a "C:\Extras\sai games\Need for Speed The Run\Need For Speed The Run.exe" -d "C:\Extras\sai games\Need for Speed The Run"Task: {9E016BCB-A807-4E8E-A82A-434DB9F0768B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exeTask: {A7D75D42-80B4-4E81-9A59-EEB146885E11} - System32\Tasks\WinDriver => slp.exeTask: {AE76811A-53AD-45C9-B496-5FC3FA68A971} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exeTask: {C581B295-9A6E-4771-8489-C4B90A2E6085} - System32\Tasks\WinVDA => slp.exeTask: {C6F36D12-4E11-4C45-9CF9-AE82CF38162C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-09-13] (PC-Doctor, Inc.)Task: {DCE31DB1-4836-4CD8-B131-A8E5DAB76448} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTIONTask: {DF1D4514-3441-492B-A9F2-8759CCEEA20C} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-29] (Realtek Semiconductor)Task: {E85BFF72-38CD-4959-BF21-5280C362250F} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2016-10-13] (Smadsoft)Task: {EDACCBDD-5C43-4A21-BB87-48392CF52139} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe==================== Shortcuts =============================(The entries could be listed to be restored or removed.)ShortcutWithArgument: C:\Users\Samson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --disable-quic==================== Loaded Modules (Whitelisted) ==============2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll2016-10-03 16:09 - 2016-09-15 22:55 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-11-16 08:16 - 2015-11-16 08:16 - 00395368 _____ () C:\WINDOWS\system32\igfxTray.exe2016-10-03 16:09 - 2016-09-15 22:55 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll2016-12-08 11:25 - 2016-12-08 11:25 - 01864384 _____ () C:\Users\Samson\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll2016-09-28 10:12 - 2016-09-28 10:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll2016-11-10 00:23 - 2016-11-02 16:00 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll2016-11-10 00:22 - 2016-11-02 15:51 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2016-11-10 00:23 - 2016-11-02 15:45 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2016-11-10 00:23 - 2016-11-02 15:44 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll2016-11-10 00:22 - 2016-11-02 15:45 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll2016-11-10 00:22 - 2016-11-02 15:46 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2016-11-10 00:23 - 2016-11-02 15:47 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2016-03-10 10:46 - 2015-03-11 06:59 - 00454656 _____ () C:\Program Files (x86)\Reliance Wi-Pod\CheckNDISPort.exe2016-02-13 18:43 - 2015-11-24 01:47 - 03843584 _____ () C:\Program Files (x86)\TorrentsTime Media Player\bin\torrent.dll2016-12-08 11:25 - 2016-12-08 11:25 - 01383616 _____ () C:\Users\Samson\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll2016-03-10 10:46 - 2015-03-11 06:58 - 00335872 _____ () C:\Program Files (x86)\Reliance Wi-Pod\Helper.dll2016-03-10 10:46 - 2015-03-11 06:58 - 00851968 _____ () C:\Program Files (x86)\Reliance Wi-Pod\Runtime.dll2016-03-10 10:46 - 2015-03-11 06:58 - 00026624 _____ () C:\Program Files (x86)\Reliance Wi-Pod\Threading.dll2016-03-10 10:46 - 2015-03-04 12:17 - 00971776 _____ () C:\Program Files (x86)\Reliance Wi-Pod\libxml2.dll2016-03-10 10:46 - 2015-03-04 12:17 - 00290904 _____ () C:\Program Files (x86)\Reliance Wi-Pod\libxslt.dll2016-03-10 10:46 - 2015-03-04 12:17 - 00073728 _____ () C:\Program Files (x86)\Reliance Wi-Pod\zlib1.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)==================== Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2015-07-10 16:34 - 2016-12-07 14:31 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 down.baidu2016.com127.0.0.1 123.sogou.com127.0.0.1 www.czzsyzgm.com127.0.0.1 www.czzsyzxl.com127.0.0.1 union.baidu2019.com==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samson\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4745ae1b-74d6-4179-ac98-e4ef6dd3e4a0}.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "OneDrive"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "IKIKMOIJ9H"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "98E1DZWTFF"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "D1SLWN76VW"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "Feeder"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\...\StartupApproved\Run: => "Mojorojoup"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => LPort=139FirewallRules: [uDP Query User{E6E3CBAC-EA2A-4294-9EA0-CC8AF46E2C1F}C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exeFirewallRules: [TCP Query User{D22E7A06-D361-442A-9BC0-F555A7DE5D72}C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exeFirewallRules: [uDP Query User{6A693FEB-047B-48D5-BAA7-E0BFB22179D7}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exeFirewallRules: [TCP Query User{DB4F2383-C82F-4AA2-A95C-12BBBBB146CE}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exeFirewallRules: [uDP Query User{3FB83EF7-1B61-45B6-A859-8AD25A9E9199}C:\games\murdered.soul.suspect-kaos\binaries\win64\murdered.exe] => C:\games\murdered.soul.suspect-kaos\binaries\win64\murdered.exeFirewallRules: [TCP Query User{9DD351E4-20D3-407A-A871-2695668EA999}C:\games\murdered.soul.suspect-kaos\binaries\win64\murdered.exe] => C:\games\murdered.soul.suspect-kaos\binaries\win64\murdered.exeFirewallRules: [uDP Query User{47C653FB-6FA7-44EA-A69A-518B404D77AB}C:\program files (x86)\r.g. mechanics\enemy front\bin32\enemyfront.exe] => C:\program files (x86)\r.g. mechanics\enemy front\bin32\enemyfront.exeFirewallRules: [TCP Query User{C1ACEE3C-2191-4BA3-A083-EB0F1FDDD8B5}C:\program files (x86)\r.g. mechanics\enemy front\bin32\enemyfront.exe] => C:\program files (x86)\r.g. mechanics\enemy front\bin32\enemyfront.exeFirewallRules: [uDP Query User{F7ACE36C-BA5E-4522-8481-9D66305C5855}C:\users\samson\desktop\ipmsg new ver.exe] => C:\users\samson\desktop\ipmsg new ver.exeFirewallRules: [TCP Query User{DC325447-3286-41B8-AA94-60544EDFE77E}C:\users\samson\desktop\ipmsg new ver.exe] => C:\users\samson\desktop\ipmsg new ver.exeFirewallRules: [{7DD15DF0-3DD0-49DC-89A0-56BB784EC3AC}] => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exeFirewallRules: [{65938AA9-6792-4C1C-B5ED-E9CAB235B29F}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exeFirewallRules: [{1515C8BA-CC7A-447F-BCBC-45868D057A85}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exeFirewallRules: [{B41AF535-58DE-434C-A9CF-DB215C96AEF9}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exeFirewallRules: [{19D0A017-5399-48C5-AB0F-453EA2787076}] => C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exeFirewallRules: [{AF40A67E-6E39-4C2E-97F6-5E624E0CEF8C}] => C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exeFirewallRules: [{47FF4F18-39B2-427D-A450-4079C77A4C92}] => C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exeFirewallRules: [TCP Query User{A1989828-8765-4D70-BEFF-237C0A7AB961}C:\users\samson\appdata\roaming\bittorrent\bittorrent.exe] => C:\users\samson\appdata\roaming\bittorrent\bittorrent.exeFirewallRules: [uDP Query User{4DC12A61-E699-40BE-A150-754D442BC324}C:\users\samson\appdata\roaming\bittorrent\bittorrent.exe] => C:\users\samson\appdata\roaming\bittorrent\bittorrent.exeFirewallRules: [{61F4A9E0-B217-4DB2-945E-1FCFCD15B35F}] => C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exeFirewallRules: [{0A2C5BB7-F0A3-4802-827C-048D5828405A}] => C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exeFirewallRules: [{9FFB5890-9F78-423A-A4FF-6EE4D55D6EC1}] => C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [TCP Query User{BC49DC96-E455-448B-9F3E-308B56A0DF26}C:\program files (x86)\battlefield 4\bf4.exe] => C:\program files (x86)\battlefield 4\bf4.exeFirewallRules: [uDP Query User{D231069E-33EA-4B54-A3CD-D5C889FD31F0}C:\program files (x86)\battlefield 4\bf4.exe] => C:\program files (x86)\battlefield 4\bf4.exeFirewallRules: [{5BBFB31D-18FA-41C7-A268-5C841517FD71}] => C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exeFirewallRules: [TCP Query User{E5322061-65D6-4F5C-982D-247B733F35B5}C:\users\samson\appdata\roaming\bittorrent\bittorrent.exe] => C:\users\samson\appdata\roaming\bittorrent\bittorrent.exeFirewallRules: [uDP Query User{104B9AC1-28B7-4099-8AE6-63CA1B18D624}C:\users\samson\appdata\roaming\bittorrent\bittorrent.exe] => C:\users\samson\appdata\roaming\bittorrent\bittorrent.exeFirewallRules: [{3BEEF2E7-49A0-46CD-B551-9BB8D64DDC7E}] => C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exeFirewallRules: [{35696B18-3DAC-4F0D-AEAA-4C61D48C2A0D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exeFirewallRules: [{D4ADB908-ACD9-4D41-88D9-A7191B7CEE2D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{31AABD44-02F7-44C7-BDA6-6D255A0D4647}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe==================== Restore Points ============================================= Faulty Device Manager Devices =============Name: HID-compliant touch screenDescription: HID-compliant touch screenClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service:Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.==================== Event log errors: =========================Application errors:==================Error: (12/10/2016 11:48:58 AM) (Source: ESENT) (EventID: 489) (User: )Description: firefox (4648) An attempt to open the file "C:\Users\Samson\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/10/2016 11:17:49 AM) (Source: Perflib) (EventID: 1008) (User: )Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.Error: (12/09/2016 02:56:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-DL6LJGA8)Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.Error: (12/09/2016 11:46:38 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: Music.UI.exe, version: 10.16102.1034.0, time stamp: 0x582f5ce3Faulting module name: Music.UI.exe, version: 10.16102.1034.0, time stamp: 0x582f5ce3Exception code: 0x80000003Fault offset: 0x0000000000046737Faulting process id: 0x4a8Faulting application start time: 0x01d251e25cd34369Faulting application path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exeFaulting module path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exeReport Id: 7bb4c61f-c9fd-403b-8a45-b75fd31081eaFaulting package full name: Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbweFaulting package-relative application ID: Microsoft.ZuneMusicError: (12/09/2016 11:20:59 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: AdwCleaner.exe, version: 6.0.4.0, time stamp: 0x5841ceb4Faulting module name: AdwCleaner.exe, version: 6.0.4.0, time stamp: 0x5841ceb4Exception code: 0xc0000005Fault offset: 0x00020feaFaulting process id: 0x2544Faulting application start time: 0x01d251dfd56300b5Faulting application path: C:\Users\Samson\Downloads\AdwCleaner.exeFaulting module path: C:\Users\Samson\Downloads\AdwCleaner.exeReport Id: 5acc35f4-2b8e-4520-b9be-4654af17e76aFaulting package full name:Faulting package-relative application ID:Error: (12/09/2016 09:50:52 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CompatTelRunner.exe, version: 10.0.14913.1002, time stamp: 0x57d1070dFaulting module name: devinv.dll, version: 10.0.14913.1002, time stamp: 0x57d10950Exception code: 0xc0000005Fault offset: 0x0000000000023c00Faulting process id: 0x13c4Faulting application start time: 0x01d251cce3b40a09Faulting application path: C:\WINDOWS\system32\CompatTelRunner.exeFaulting module path: C:\WINDOWS\system32\devinv.dllReport Id: 4e611d9d-f7f1-4350-a6e1-5a3348460865Faulting package full name:Faulting package-relative application ID:Error: (12/09/2016 12:51:27 AM) (Source: Perflib) (EventID: 1023) (User: )Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.Error: (12/09/2016 12:51:23 AM) (Source: Perflib) (EventID: 1008) (User: )Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.Error: (12/08/2016 07:02:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-DL6LJGA8)Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.Error: (12/08/2016 06:56:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-DL6LJGA8)Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.System errors:=============Error: (12/10/2016 12:02:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID{F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.Error: (12/10/2016 11:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Cegoe service failed to start due to the following error:The system cannot find the file specified.Error: (12/10/2016 11:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The wscsvc service failed to start due to the following error:The account specified for this service is different from the account specified for other services running in the same process.Error: (12/10/2016 11:14:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID{F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.Error: (12/10/2016 02:02:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID{F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.Error: (12/10/2016 02:01:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The wscsvc service failed to start due to the following error:The account specified for this service is different from the account specified for other services running in the same process.Error: (12/10/2016 02:01:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Cegoe service failed to start due to the following error:The system cannot find the file specified.Error: (12/09/2016 10:27:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID{D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID{9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.Error: (12/09/2016 10:15:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID{F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.Error: (12/09/2016 10:13:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The wscsvc service failed to start due to the following error:The account specified for this service is different from the account specified for other services running in the same process.CodeIntegrity:=================================== Date: 2016-12-09 22:11:43.681 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-09 22:11:39.859 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-09 22:07:28.979 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-02 21:04:35.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-19 15:17:39.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-06 16:12:54.163 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-31 15:04:08.177 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-18 23:31:48.526 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-17 21:31:38.804 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-13 20:32:41.623 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info ===========================Processor: Intel® Core i5-4210U CPU @ 1.70GHzPercentage of memory in use: 41%Total physical RAM: 8108.61 MBAvailable physical RAM: 4768.67 MBTotal Virtual: 30508.61 MBAvailable Virtual: 27012.39 MB==================== Drives ================================Drive c: () (Fixed) (Total:465.71 GB) (Free:53.81 GB) NTFSDrive d: (Local Disk) (Fixed) (Total:200 GB) (Free:73.16 GB) NTFSDrive e: (Local Disk) (Fixed) (Total:150 GB) (Free:28.08 GB) NTFSDrive f: (Local Disk) (Fixed) (Total:114.36 GB) (Free:21.47 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: 341B5912)Partition: GPT.==================== End of Addition.txt ============================ FRST.txt has almost 63k lines.. Can i upload the files here? Share this post Link to post Share on other sites
Juliet Report post Posted December 10, 2016 FRST.txt has almost 63k lines.. Can i upload the files here? I need to see that other log as well, make multiple post if needed, or if it will allow you to attach it as a file. Share this post Link to post Share on other sites
Samson Report post Posted December 10, 2016 Okay, here it is.. FRST.txt Share this post Link to post Share on other sites
Juliet Report post Posted December 10, 2016 Wow, alot to cover here. How many antivirus programs do you have on the computer? C:\Program Files (x86)\Avira C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus C:\ProgramData\AVAST Software Please downsize to just 1. ~~~ Uninstall Java SE Development Kit 7 Update 40 ~~ I cannot find info on these (their in unicode), you know what they might be? C:\WINDOWS\潰睴崁o嵸o3 C:\WINDOWS\峈āż C:\WINDOWS\岈o尼o㌎睶屼oü3 C:\WINDOWS\尸o寬o㌎睶尬oü3 C:\WINDOWS\ꪑ⁺崄o睳嵸o崰o峰o峬o睳 C:\WINDOWS\ì C:\WINDOWS\3崰o C:\WINDOWS\3峠o C:\WINDOWS\3 C:\WINDOWS\᳞睳岔o崰oޠ C:\WINDOWS\巬oៀ睳 C:\Program Files\TR6EEEKWWF ~~~~ P2P Warning I see you have peer-to-peer (P2P) file sharing software installed on your computer (BitTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use P2P applications. Please read the following articles for more information. Risks of File-Sharing Technology P2P Software User Advisories More malware is traveling on P2P networks these days Your P2P software can be removed by following the instructions below. Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK. Search for the aforementioned programme(s), right-click and click Uninstall. If you choose not to, please refrain from using the programme(s) during this process. Your machine has many torrents, this is going to kill your machine since most are posted with live infections. ~~~~~ Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below: To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. save it to the Desktop as fixlist.txt NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow) start CreateRestorePoint: CloseProcesses: Task: {DCE31DB1-4836-4CD8-B131-A8E5DAB76448} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION ShortcutWithArgument: C:\Users\Samson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --disable-quic ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File SearchScopes: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001 -> {40C54957-4028-43E2-8047-F02C6A57D31B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001 -> {9891125E-B064-47C2-9E2E-BC1C79AE9BA0} URL = CHR Profile: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-07] <==== ATTENTION CHR Extension: (No Name) - C:\Users\Samson\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-10-13] CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gccplojjfpdbeidicabkegekmcplafee] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkdmihdclhhoghpojiifklmegjnjkdlh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ikdlehiegikpggplngbmpdgnidekfmjn] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pgoackgjjkpbkjoomkklkofbhpkbeboc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gccplojjfpdbeidicabkegekmcplafee] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hkdmihdclhhoghpojiifklmegjnjkdlh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ikdlehiegikpggplngbmpdgnidekfmjn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pgoackgjjkpbkjoomkklkofbhpkbeboc] - hxxps://clients2.google.com/service/update2/crx S2 Cegoe; "C:\Users\Samson\AppData\Roaming\Xeeedxi\Xeeedxi.exe" -cms [X] C:\Users\Samson\AppData\Roaming\Xeeedxi R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20161012.008\ENG64.SYS [X] S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20161012.008\EX64.SYS [X] C:\Program Files (x86)\SmartPCFixer C:\WINDOWS\SysWOW64\kz.exe C:\Users\Samson\AppData\Local\Temp\HD-LibraryHandler.dll C:\Users\Samson\AppData\Local\Temp\HD-Logger-Native.dll C:\Users\Samson\AppData\Local\Temp\ieframe.dll C:\Users\Samson\AppData\Local\Temp\jre-8u111-windows-au.exe C:\Users\Samson\AppData\Local\Temp\libeay32.dll C:\Users\Samson\AppData\Local\Temp\msvcr120.dll C:\Users\Samson\AppData\Local\Temp\setup_54CB.exe C:\Users\Samson\AppData\Local\Temp\setup_72A2.exe C:\Users\Samson\AppData\Local\Temp\setup_DF35.exe C:\Users\Samson\AppData\Local\Temp\SkypeSetup.exe C:\Users\Samson\AppData\Local\Temp\sqlite3.dll C:\Users\Samson\AppData\Local\Temp\10.tmp.exe C:\Users\Samson\AppData\Local\Temp\100.tmp.exe C:\Users\Samson\AppData\Local\Temp\1000.tmp.exe CMD: ipconfig /flushdns CMD: netsh winsock reset all CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset EmptyTemp: Hosts: End Open FRST/FRST64 and press the > Fix < button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. ~~~~~~~~~~~~~~~~~~~~~~~ See if you can locate C:\Users\Samson\AppData\Local\Temp There is a ridiculous amount of temp files inside. See if you can delete those, not the folder itself just the temp files inside. ~~~~~~~~~~~~~~~~~~~~~ Please locate and delete the version of AdwCleaner you have on desktop. we'll download a fresh copy AdwCleaner Please download AdwCleaner and save the file to your Desktop. In order to use AdwCleaner, you have to agree the Eula: Right-click AdwCleaner.exe and select Run as administrator to run the programme. Follow the prompts. Click Scan. Upon completion, click Logfile. A log (AdwCleaner[s1].txt) will open. Briefly check the log for anything you know to be legitimate. Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab. Click Clean. Follow the prompts and allow your computer to reboot. After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply. -- File and folder backups are made for items removed using this programme. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[C1].txt. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Please download Junkware Removal Tool or from here http://downloads.malwarebytes.org/file/jrt to your desktop. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. ~~~ please post Fixlog.txt AdwCleaner[C1].txt JRT.txt Share this post Link to post Share on other sites
Samson Report post Posted December 10, 2016 Except Smadav and Malwarebyte i don't have any.. I used avast sometimes before and avira a long before.. Share this post Link to post Share on other sites
Juliet Report post Posted December 10, 2016 Let's continue. Other questions can be answered later. I can remove remnants of the other antivirus programs later. Share this post Link to post Share on other sites
Samson Report post Posted December 10, 2016 Hi, Here are the things you asked. Fixlog : Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016Ran by Sam (10-12-2016 22:05:56) Run:1Running from C:\Users\Samson\DesktopLoaded Profiles: Sam (Available Profiles: Sam)Boot Mode: Normal==============================================fixlist content:*****************startCreateRestorePoint:CloseProcesses:Task: {DCE31DB1-4836-4CD8-B131-A8E5DAB76448} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTIONShortcutWithArgument: C:\Users\Samson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --disable-quicShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No FileSearchScopes: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001 -> {40C54957-4028-43E2-8047-F02C6A57D31B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1SearchScopes: HKU\S-1-5-21-1043693715-1181851726-2221882957-1001 -> {9891125E-B064-47C2-9E2E-BC1C79AE9BA0} URL =CHR Profile: C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-07] <==== ATTENTIONCHR Extension: (No Name) - C:\Users\Samson\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-10-13]CHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gccplojjfpdbeidicabkegekmcplafee] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkdmihdclhhoghpojiifklmegjnjkdlh] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ikdlehiegikpggplngbmpdgnidekfmjn] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pgoackgjjkpbkjoomkklkofbhpkbeboc] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [gccplojjfpdbeidicabkegekmcplafee] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [hkdmihdclhhoghpojiifklmegjnjkdlh] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [ikdlehiegikpggplngbmpdgnidekfmjn] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [pgoackgjjkpbkjoomkklkofbhpkbeboc] - hxxps://clients2.google.com/service/update2/crxS2 Cegoe; "C:\Users\Samson\AppData\Roaming\Xeeedxi\Xeeedxi.exe" -cms [X]C:\Users\Samson\AppData\Roaming\XeeedxiR2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20161012.008\ENG64.SYS [X]S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.0.50\Definitions\SDSDefs\20161012.008\EX64.SYS [X]C:\Program Files (x86)\SmartPCFixerC:\WINDOWS\SysWOW64\kz.exeC:\Users\Samson\AppData\Local\Temp\HD-LibraryHandler.dllC:\Users\Samson\AppData\Local\Temp\HD-Logger-Native.dllC:\Users\Samson\AppData\Local\Temp\ieframe.dllC:\Users\Samson\AppData\Local\Temp\jre-8u111-windows-au.exeC:\Users\Samson\AppData\Local\Temp\libeay32.dllC:\Users\Samson\AppData\Local\Temp\msvcr120.dllC:\Users\Samson\AppData\Local\Temp\setup_54CB.exeC:\Users\Samson\AppData\Local\Temp\setup_72A2.exeC:\Users\Samson\AppData\Local\Temp\setup_DF35.exeC:\Users\Samson\AppData\Local\Temp\SkypeSetup.exeC:\Users\Samson\AppData\Local\Temp\sqlite3.dllC:\Users\Samson\AppData\Local\Temp\10.tmp.exeC:\Users\Samson\AppData\Local\Temp\100.tmp.exeC:\Users\Samson\AppData\Local\Temp\1000.tmp.exeCMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetEmptyTemp:Hosts:End*****************Restore point was successfully created.Processes closed successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCE31DB1-4836-4CD8-B131-A8E5DAB76448}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE31DB1-4836-4CD8-B131-A8E5DAB76448}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfullyC:\Users\Samson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => Shortcut argument removed successfully."HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfullyHKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found."HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{40C54957-4028-43E2-8047-F02C6A57D31B}" => key removed successfullyHKCR\CLSID\{40C54957-4028-43E2-8047-F02C6A57D31B} => key not found."HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9891125E-B064-47C2-9E2E-BC1C79AE9BA0}" => key removed successfullyHKCR\CLSID\{9891125E-B064-47C2-9E2E-BC1C79AE9BA0} => key not found.C:\Users\Samson\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfullyC:\Users\Samson\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk => moved successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\akhdblbjebmbllhinponghfmaekhlhob" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\cckdoammdligdedbakcgnmegjljgipjb" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\clmghkfhfkcfhpccgbafbailibgogkbi" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\eoepodkgpakekgncgnfnijcippobokhp" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\gccplojjfpdbeidicabkegekmcplafee" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\hkdmihdclhhoghpojiifklmegjnjkdlh" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\ikdlehiegikpggplngbmpdgnidekfmjn" => key removed successfully"HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\Google\Chrome\Extensions\pgoackgjjkpbkjoomkklkofbhpkbeboc" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\akhdblbjebmbllhinponghfmaekhlhob" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cckdoammdligdedbakcgnmegjljgipjb" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clmghkfhfkcfhpccgbafbailibgogkbi" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eoepodkgpakekgncgnfnijcippobokhp" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gccplojjfpdbeidicabkegekmcplafee" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hkdmihdclhhoghpojiifklmegjnjkdlh" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ikdlehiegikpggplngbmpdgnidekfmjn" => key removed successfully"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgoackgjjkpbkjoomkklkofbhpkbeboc" => key removed successfullyCegoe => service removed successfullyC:\Users\Samson\AppData\Roaming\Xeeedxi => moved successfullyibtsiva => service removed successfullyNAVENG => service removed successfullyNAVEX15 => service removed successfullyC:\Program Files (x86)\SmartPCFixer => moved successfullyC:\WINDOWS\SysWOW64\kz.exe => moved successfully"C:\Users\Samson\AppData\Local\Temp\HD-LibraryHandler.dll" => not found."C:\Users\Samson\AppData\Local\Temp\HD-Logger-Native.dll" => not found."C:\Users\Samson\AppData\Local\Temp\ieframe.dll" => not found."C:\Users\Samson\AppData\Local\Temp\jre-8u111-windows-au.exe" => not found."C:\Users\Samson\AppData\Local\Temp\libeay32.dll" => not found."C:\Users\Samson\AppData\Local\Temp\msvcr120.dll" => not found."C:\Users\Samson\AppData\Local\Temp\setup_54CB.exe" => not found."C:\Users\Samson\AppData\Local\Temp\setup_72A2.exe" => not found."C:\Users\Samson\AppData\Local\Temp\setup_DF35.exe" => not found."C:\Users\Samson\AppData\Local\Temp\SkypeSetup.exe" => not found."C:\Users\Samson\AppData\Local\Temp\sqlite3.dll" => not found."C:\Users\Samson\AppData\Local\Temp\10.tmp.exe" => not found."C:\Users\Samson\AppData\Local\Temp\100.tmp.exe" => not found."C:\Users\Samson\AppData\Local\Temp\1000.tmp.exe" => not found.========= ipconfig /flushdns =========Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========= End of CMD: ================== netsh winsock reset all =========Sucessfully reset the Winsock Catalog.You must restart the computer in order to complete the reset.========= End of CMD: ================== netsh int ipv4 reset =========Resetting Global, OK!Resetting Interface, OK!Resetting Unicast Address, OK!Resetting Neighbor, OK!Resetting Path, OK!Resetting Route, OK!Resetting , failed.Access is denied.Resetting , OK!Restart the computer to complete this action.========= End of CMD: ================== netsh int ipv6 reset =========Resetting Interface, OK!Resetting Neighbor, OK!Resetting Path, OK!Resetting , failed.Access is denied.Resetting , OK!Resetting , OK!Restart the computer to complete this action.========= End of CMD: =========C:\Windows\System32\Drivers\etc\hosts => moved successfullyHosts restored successfully.=========== EmptyTemp: ==========BITS transfer queue => 0 BDOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 461555637 BJava, Flash, Steam htmlcache => 55277 BWindows/system/drivers => 0 BEdge => 192241754 BChrome => 16739532 BFirefox => 266384211 BOpera => 0 BTemp, IE cache, history, cookies, recent:Default => 0 BUsers => 0 BProgramData => 0 BPublic => 0 Bsystemprofile => 0 Bsystemprofile32 => 0 BLocalService => 19758 BNetworkService => 329540 BSamson => 11516918 BRecycleBin => 1632239846 BEmptyTemp: => 2.4 GB temporary data Removed.================================The system needed a reboot.==== End of Fixlog 22:10:20 ==== AdwCleaner : # AdwCleaner v6.040 - Logfile created 10/12/2016 at 22:29:08# Updated on 02/12/2016 by Malwarebytes# Database : 2016-12-02.1 [Local]# Operating System : Windows 10 Home (X64)# Username : Sam - LAPTOP-DL6LJGA8# Running from : C:\Users\Samson\Desktop\AdwCleaner.exe# Mode: Clean# Support : https://www.malwarebytes.com/support***** [ Services ] ********** [ Folders ] *****[#] Folder deleted on reboot: C:\Users\Samson\AppData\Local\Microsoft\Performance\Monitor***** [ Files ] ********** [ DLL ] ********** [ WMI ] ********** [ Shortcuts ] ********** [ Scheduled Tasks ] ********** [ Registry ] *****[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com***** [ Web browsers ] ******************************:: "Tracing" keys deleted:: Winsock settings cleared*************************C:\AdwCleaner\AdwCleaner[C0].txt - [2685 Bytes] - [10/12/2016 22:29:08]C:\AdwCleaner\AdwCleaner[s0].txt - [2924 Bytes] - [10/12/2016 22:26:31]########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2831 Bytes] ########## JRT : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by MalwarebytesVersion: 8.0.9 (09.30.2016)Operating System: Windows 10 Home x64Ran by Sam (Administrator) on 10-12-2016 at 23:10:19.84~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~File System: 14Successfully deleted: C:\ProgramData\1473003670.bdinstall.bin (File)Successfully deleted: C:\ProgramData\1481112663.bdinstall.bin (File)Successfully deleted: C:\ProgramData\1481124870.bdinstall.bin (File)Successfully deleted: C:\Users\Samson\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67} (Empty Folder)Successfully deleted: C:\Users\Samson\Appdata\LocalLow\company (Folder)Successfully deleted: C:\Users\Samson\Documents\add-in express (Folder)Successfully deleted: C:\WINDOWS\fiddlercore4.dll (File)Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask-Retry (Task)Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)Successfully deleted: C:\WINDOWS\system32\Tasks\WinDriver (Task)Successfully deleted: C:\WINDOWS\prefetch\DRIVERIDENTIFIER.EXE-3EF218FC.pf (File)Successfully deleted: C:\WINDOWS\prefetch\DRIVERTUNER.EXE-B15988C2.pf (File)Successfully deleted: C:\WINDOWS\prefetch\DRIVERTUNER_SETUP.TMP-014089E5.pf (File)Registry: 0~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 10-12-2016 at 23:12:13.40End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Share this post Link to post Share on other sites
Juliet Report post Posted December 10, 2016 Looks like slowly but surely..... You should see some improvement by now? Let's update Malwarebytes Anti-Malware and run a new scan. Open Malwarebytes Anti-Malware On the Dashboard click on Update Now Go to the Setting Tab Under Setting go to Detection and Protection Under PUP and PUM make sure both are set to show Treat Detections as Malware Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked Then on the Dashboard click on Scan Make sure to select THREAT SCAN Then click on Scan Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes. Upon completion of the scan (or after the reboot), click the History tab. Click Application Logs, followed by the first Scan Log. Click Export, followed by Copy to Clipboard. Paste the log in your next reply. ~~~~~ Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\). After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop. The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates. When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen. Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes. Click on the Malware Scan button to start the scan. When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan. When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad. Please save the log in Notepad on your desktop, and copy it to your next reply. When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process. Share this post Link to post Share on other sites
Samson Report post Posted December 11, 2016 Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 11-12-2016Scan Time: 11:08Logfile:Administrator: YesVersion: 2.2.1.1043Malware Database: v2016.12.11.02Rootkit Database: v2016.11.20.01License: TrialMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: DisabledOS: Windows 10CPU: x64File System: NTFSUser: SamScan Type: Threat ScanResult: CompletedObjects Scanned: 304155Time Elapsed: 24 min, 52 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 1PUP.Optional.VulnerableDellSystemDetect, HKU\S-1-5-21-1043693715-1181851726-2221882957-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\Samson\AppData\Local\Apps\2.0\2KRD71CW.65W\82P8WH81.08D\dell..tion_6d0a76327dca4869_0007.000b_df227eeaae3cac0d\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA==, Quarantined, [da34b82ef2a896a0e52571f118ebe719]Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 0(No malicious items detected)Physical Sectors: 0(No malicious items detected)(end) Share this post Link to post Share on other sites
Samson Report post Posted December 11, 2016 Emsisoft Emergency Kit - Version 12.0Last update: 11-12-2016 12:17:27User account: LAPTOP-DL6LJGA8\SamComputer name: LAPTOP-DL6LJGA8OS version: Windows 10x64Scan settings:Scan type: Malware ScanObjects: Rootkits, Memory, Traces, FilesDetect PUPs: OnScan archives: OffADS Scan: OnFile extension filter: OffDirect disk access: OffScan start: 11-12-2016 12:18:36C:\Users\Samson\Downloads\TheTruthSpy_7.9.apk -> AndroidManifest.xml detected: Android.Monitor.Agent.A ( [krnl.xmd]Scanned 82637Found 1Scan end: 11-12-2016 12:26:50Scan time: 0:08:14C:\Users\Samson\Downloads\TheTruthSpy_7.9.apk Android.Monitor.Agent.A (Quarantined 1 Share this post Link to post Share on other sites
Juliet Report post Posted December 11, 2016 How is your computer now? Share this post Link to post Share on other sites
Samson Report post Posted December 11, 2016 (edited) Yea, it is working well. But, i can't access windows defender. It says, it is turned off by group policy. Edited December 11, 2016 by Samson Share this post Link to post Share on other sites
Juliet Report post Posted December 11, 2016 Yea, it is working well. But, i can't access windows defender. It says, it is turned off by group policy.Yes, by design it's not going to run because you also have Smadav AV Antivirus A simple security software solution that provides real-time antivirus protection By design to stop interference and allow tools to run, Microsoft created the tool to do this. And there were a few remnant files from other antivirus applications on your machine but those are not enough to stop Windows Defender. Share this post Link to post Share on other sites
.png.9d4b89b15b2cd5e65edd93a0e6823dce.png)
