Too much protection

Tony D · May 4, 2017

This little machine had Trend Micro Maxium Security, AVG CloudCare and SuperAntiSpyware. It was running pretty slow. I uninstalled AVG using the AVG uninstaller. It was still slow. It's running pretty well now that the Trend software is not running.

Ran Malwarebytes Antimalware. It found 1,964 threats which were all MindSpark and Ask in Chrome. They were quarantined. MBAM shows them in the quarantine, but there is no scan report available. That's strange.

Can you take a look at the scan logs to remove any AVG items that remain and see if there's anything else to be concerned about? Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
Ran by William (administrator) on 14189-WILLIAM-L (04-05-2017 10:17:15)
Running from C:\Users\William\Desktop
Loaded Profiles: William (Available Profiles: William)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-16] (Trend Micro Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SOSUAUI] => C:\Program Files (x86)\AVG Online Backup\sosuploadagent.exe [59440 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [SMessaging] => C:\Program Files (x86)\AVG Online Backup\SMessaging.exe [63536 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [AccountCreatorRunner] => C:\Program Files (x86)\AVG Online Backup\AccountCreatorRunner.exe [23088 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2009-12-04]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c24cada4-9c69-41a7-9fd0-ab93644a81f7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl#spf=1
SearchScopes: HKLM -> DefaultScope {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3526073170-1583772248-2959233235-1001 -> DefaultScope {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3526073170-1583772248-2959233235-1001 -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-16] (Trend Micro Inc.)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe64.dll [2016-06-15] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle Corporation)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-16] (Trend Micro Inc.)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe32.dll [2016-06-15] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-3526073170-1583772248-2959233235-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe64.dll [2016-06-15] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe32.dll [2016-06-15] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-16] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension [2016-09-21]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-11-07]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-09-21]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3526073170-1583772248-2959233235-1001: @hulu.com/Hulu Desktop -> C:\Users\Default.migrated\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll [No File]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://jmknbgfaiegknhkpchegnheahinbnkjd/stubby.html", Not-active:"chrome-extension://gilccnkjlhdobgphmegemajcbpapdlmm/stubby.html", Not-active:"chrome-extension://cjhofhakdnfjgeobcioadclaekfbhndl/stubby.html", Not-active:"chrome-extension://kgpcmjeckonpfoaacknfdaaehpjbflhl/stubby.html"
CHR Profile: C:\Users\William\AppData\Local\Google\Chrome\User Data\Default [2017-05-04]
CHR Extension: (Google Docs) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-13]
CHR Extension: (Google Drive) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-13]
CHR Extension: (Ask Web Search) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllfmhclbkgdcbioppcjohckdmjmfmcj [2017-05-04]
CHR Extension: (YouTube) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-13]
CHR Extension: (InboxNow) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjhofhakdnfjgeobcioadclaekfbhndl [2017-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-13]
CHR Extension: (OnlineMapFinder) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm [2017-01-28]
CHR Extension: (PDFConverterHQ) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmknbgfaiegknhkpchegnheahinbnkjd [2017-05-04]
CHR Extension: (Ask Web Search) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkmodlfcmmnhhlofndkhdcembjaefbb [2017-05-04]
CHR Extension: (EasyMailLogin) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpcmjeckonpfoaacknfdaaehpjbflhl [2017-05-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-01]
CHR Extension: (Gmail) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-13]
CHR Extension: (Chrome Media Router) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-02]
CHR Profile: C:\Users\William\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-12-30]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-16] (Trend Micro Inc.)
S4 sagentservice; C:\Program Files (x86)\AVG Online Backup\SAgent.Service.exe [44080 2016-08-30] (AVG Online Backup)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S4 AvgUpgrade; "C:\Program Files (x86)\AVG\CloudCare\AvgUpgrade.exe" [X]
S4 ClientManager; "C:\Program Files (x86)\AVG\CloudCare\ClientManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-04] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-04] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-04] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-04] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [140504 2016-08-10] (Trend Micro Inc.)
R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [332512 2016-08-10] (Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2015-11-19] (Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-22] (Trend Micro Inc.)
R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [106720 2016-08-10] (Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [101088 2016-08-09] (Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [124752 2015-12-09] (Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-04 10:17 - 2017-05-04 10:18 - 00018901 _____ C:\Users\William\Desktop\FRST.txt
2017-05-04 10:16 - 2017-05-04 10:17 - 02428928 _____ (Farbar) C:\Users\William\Desktop\FRST64.exe
2017-05-04 09:27 - 2017-05-04 09:27 - 00000000 ____D C:\Users\William\AppData\Roaming\Oracle
2017-05-04 09:07 - 2017-05-04 09:07 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-04 09:07 - 2017-05-04 09:07 - 00000000 ____D C:\Users\William\AppData\Roaming\Sun
2017-05-04 09:07 - 2017-05-04 09:07 - 00000000 ____D C:\Users\William\AppData\LocalLow\Sun
2017-05-04 09:07 - 2017-05-04 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-04 09:06 - 2017-05-04 09:07 - 00000000 ____D C:\ProgramData\Oracle
2017-05-04 09:06 - 2017-05-04 09:06 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-04 08:58 - 2017-05-04 08:59 - 00399360 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2017-05-04 08:55 - 2017-05-04 08:55 - 00000000 ____D C:\FRST
2017-05-04 08:04 - 2017-05-04 08:16 - 00000000 ____D C:\AVG_Remover
2017-05-04 00:07 - 2017-05-04 00:07 - 00000000 ____D C:\WINDOWS\system32\%commonappdata%
2017-05-03 23:42 - 2017-05-03 23:42 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0F0F31F2.sys
2017-05-03 23:30 - 2017-05-03 23:30 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0FA12857.sys
2017-05-03 23:29 - 2017-05-03 23:29 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\346327A7.sys
2017-05-03 23:28 - 2017-05-03 23:28 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\592526F7.sys
2017-05-03 23:25 - 2017-05-03 23:25 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7B9D24B8.sys
2017-05-03 23:21 - 2017-05-03 23:21 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\32822217.sys
2017-05-03 23:21 - 2017-05-03 23:21 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0140216A.sys
2017-05-03 23:17 - 2017-05-03 23:17 - 00000016 _____ C:\InjectIntoProcess crash
2017-05-03 17:44 - 2017-05-04 10:10 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-03 17:44 - 2017-05-04 10:10 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-03 17:44 - 2017-05-04 10:10 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-03 17:44 - 2017-05-03 17:44 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-03 17:44 - 2017-05-03 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-03 17:44 - 2017-05-03 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-03 17:44 - 2017-05-03 17:44 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-03 17:44 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-03 17:37 - 2017-05-03 17:43 - 60107896 _____ (Malwarebytes ) C:\Users\William\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-03 17:28 - 2017-05-03 17:29 - 211072168 _____ (Trend Micro Inc.) C:\Users\William\Downloads\TTi_11.0_HE_64bit.exe
2017-05-03 17:27 - 2017-05-04 00:08 - 00000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForWilliam.job
2017-05-03 17:27 - 2017-05-03 17:27 - 00003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForWilliam
2017-05-03 17:03 - 2017-05-03 17:03 - 00000000 ____D C:\Users\William\AppData\Roaming\HP Support Assistant
2017-05-02 12:03 - 2017-05-02 12:03 - 00007598 _____ C:\Users\William\AppData\Local\Resmon.ResmonCfg
2017-05-02 11:24 - 2017-05-02 11:27 - 04102600 _____ C:\Users\William\Downloads\adwcleaner_6.046.exe
2017-05-02 10:36 - 2017-05-02 10:36 - 00000000 ____D C:\Users\William\AppData\Roaming\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-04 10:10 - 2016-09-23 14:05 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-04 09:37 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-04 09:23 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-04 08:59 - 2016-09-21 18:42 - 00000000 ____D C:\ProgramData\Trend Micro
2017-05-04 08:48 - 2016-07-16 02:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-04 08:44 - 2016-10-22 04:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-04 08:43 - 2016-07-16 02:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-04 08:23 - 2016-09-13 21:14 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-04 08:23 - 2016-09-13 21:14 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-04 08:16 - 2016-12-05 13:32 - 00000000 ____D C:\ProgramData\Avg
2017-05-04 08:16 - 2016-12-05 13:16 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-04 08:15 - 2016-12-05 13:30 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-04 08:10 - 2016-07-16 07:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-04 08:09 - 2016-12-05 13:32 - 00000000 ____D C:\Users\William\AppData\Local\Avg
2017-05-04 07:37 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-04 00:20 - 2016-11-25 17:58 - 00000332 _____ C:\Users\William\AppData\Roaming\wklnhst.dat
2017-05-04 00:19 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-05-04 00:08 - 2016-12-16 07:28 - 00000000 ____D C:\Users\William\AppData\Local\PuzzleGamesDailyTooltab
2017-05-03 23:16 - 2016-09-13 20:53 - 00000000 ____D C:\Users\William\AppData\Local\Packages
2017-05-03 22:58 - 2016-09-13 19:06 - 00000000 ____D C:\ProgramData\iolo
2017-05-03 22:21 - 2016-10-22 04:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-03 17:31 - 2016-09-21 19:47 - 00000010 _____ C:\Users\William\AppData\Local\sponge.last.runtime.cache
2017-05-03 17:27 - 2016-09-13 14:52 - 00000000 ____D C:\Users\William\AppData\Local\Hewlett-Packard
2017-05-03 17:03 - 2016-09-20 15:38 - 00000000 ____D C:\Users\William\AppData\Roaming\HpUpdate
2017-05-02 12:45 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-02 11:45 - 2016-09-13 20:41 - 01061014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-02 11:34 - 2016-09-21 18:21 - 00000000 ____D C:\AdwCleaner
2017-05-02 11:31 - 2016-09-13 19:06 - 00000000 ____D C:\Program Files (x86)\iolo
2017-05-02 11:05 - 2017-03-20 15:07 - 00002422 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-02 11:05 - 2016-12-16 16:39 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-02 11:05 - 2016-09-13 20:57 - 00000000 ___RD C:\Users\William\OneDrive
2017-05-02 02:00 - 2016-12-05 13:30 - 00000000 ____D C:\ProgramData\AVG Online Backup
2017-04-28 22:40 - 2016-10-22 04:24 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 22:40 - 2016-10-22 04:24 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-14 01:00 - 2016-10-13 20:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-14 00:56 - 2016-10-13 20:37 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 20:28 - 2016-10-22 04:11 - 00000000 ____D C:\Users\William

==================== Files in the root of some directories =======

2016-11-25 17:58 - 2017-05-04 00:20 - 0000332 _____ () C:\Users\William\AppData\Roaming\wklnhst.dat
2016-09-21 18:42 - 2016-09-21 18:42 - 0000036 _____ () C:\Users\William\AppData\Local\housecall.guid.cache
2017-05-02 12:03 - 2017-05-02 12:03 - 0007598 _____ () C:\Users\William\AppData\Local\Resmon.ResmonCfg
2016-09-21 19:47 - 2017-05-03 17:31 - 0000010 _____ () C:\Users\William\AppData\Local\sponge.last.runtime.cache
2016-09-20 15:36 - 2016-09-20 15:36 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-28 17:39

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
Ran by William (04-05-2017 10:19:02)
Running from C:\Users\William\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-22 08:33:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3526073170-1583772248-2959233235-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3526073170-1583772248-2959233235-503 - Limited - Disabled)
Guest (S-1-5-21-3526073170-1583772248-2959233235-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3526073170-1583772248-2959233235-1002 - Limited - Enabled)
William (S-1-5-21-3526073170-1583772248-2959233235-1001 - Administrator - Enabled) => C:\Users\William

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Maximum Security (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Trend Micro Maximum Security (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
AVG Online Backup (x32 Version: 6.5.1.108 - AVG) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.6 - NVIDIA Corporation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 10.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 10.0 - Trend Micro Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
YourTemplateFinder Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\YourTemplateFinderTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02D7F76C-397B-49EB-8B7B-CD8B61FA8283} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {08AB6384-9A09-493C-BD2F-0BABE25C4AD0} - System32\Tasks\HPCeeScheduleForWilliam => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {0B7D27A5-EEB9-4075-B0F9-FDD9439A1B83} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {14C4F043-2625-4D3A-A396-667EE3F0C315} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {1859C22B-680D-4A04-A8B9-D81BA5399772} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {21DDFA2F-3A7D-47D5-8654-475D093D246D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {238E40ED-4D14-4F07-A95D-FA7DEC5D0C39} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {260FDA65-96D7-4923-A7B5-5238E57B5E38} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {261FCE89-8502-4429-A596-52CC845BC41B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2B22E2C5-EA49-4559-AFBD-F73C72654617} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {364D2656-A8FA-4C0C-9072-C49D0A1D72E2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3AF7C009-E76B-413D-A643-CB06582CE06A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {44776A2E-3338-4A7D-A5AC-AA7A9818B812} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4738408D-1C65-4040-9C23-73E1E6DE4F89} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {533043F3-61A5-4EB5-9062-70A31D6129A7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5B147D90-4D80-41F5-BE0E-40BE7FB8BEBF} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\William\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\OneDriveStandaloneUpdater.exe
Task: {60F567A5-1DE5-43F8-8452-525B5125375E} - System32\Tasks\AVG Online Backup - AVG78224 => C:\Program Files (x86)\AVG Online Backup\sosuploadagent.exe [2016-08-30] (AVG Online Backup)
Task: {676CF028-ABE1-4747-BFE4-F62A742560EE} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {7BD1D809-2F0F-4238-BD1E-A71C519D7222} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {840EDF36-3607-40E5-90B6-E93DF12D6BF7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A2D368AE-5279-4D03-915D-76BF45312D5E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A45D4F49-E07D-4CD3-957D-EE8F242D4A59} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {AC301344-A8D4-4C8E-9CF2-988ED88980DA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {C8624761-CE01-4ED2-A931-BBDAE1529B61} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {CAC9649C-A26A-43AD-9786-EC630F8AB23B} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {CAEAD46F-5CA1-4803-A721-3B5D58EAD8F0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {CD2928B4-8046-483C-9521-F4F7CF9BE3CD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D0A23BE4-1996-4F79-8758-299B109C0DBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {D5CB447C-7878-41BF-8E67-1D20D6C7DBF6} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {E2081106-BE16-4EB3-B52F-AA2FE434917F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {F36D7E41-4DFE-4BBE-9D59-90ED3DBAC7BE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F918362F-DECA-4F39-B635-29FBC3ECD68A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FCCA2E56-E461-4CBD-A7F3-41EB9F56F907} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForWilliam.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-09-21 18:43 - 2015-03-31 07:08 - 00026408 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll
2016-09-21 18:43 - 2015-03-31 07:08 - 00058320 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll
2016-09-21 18:43 - 2015-03-31 07:09 - 00686608 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2016-09-21 18:43 - 2015-03-31 07:08 - 00110320 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll
2016-09-21 18:43 - 2015-03-31 07:08 - 00036160 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll
2016-09-21 18:43 - 2015-03-31 07:09 - 01314920 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2016-09-21 18:40 - 2015-07-16 14:31 - 00168544 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2016-09-21 18:43 - 2015-07-16 14:31 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2016-09-21 18:43 - 2015-07-16 14:31 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2016-09-21 18:43 - 2015-07-16 14:31 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2016-09-21 18:43 - 2015-07-16 14:31 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-22 15:40 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-22 15:40 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-22 15:40 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-22 07:58 - 2016-10-22 07:58 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-22 15:46 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-22 15:39 - 2017-03-04 02:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-22 15:39 - 2017-03-04 02:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 15:39 - 2017-03-04 02:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-22 15:39 - 2017-03-04 02:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-22 15:39 - 2017-03-04 02:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-22 15:39 - 2017-03-04 02:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-07 03:38 - 2016-10-11 04:52 - 00077072 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2017-05-03 17:44 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-03 17:44 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-01 17:17 - 2017-04-01 17:17 - 14350336 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.52.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2009-10-22 22:50 - 2009-10-22 22:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgApiWrapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgUpgrade => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClientManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\hp\Hp_1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AvgApiWrapper => 2
MSCONFIG\Services: AvgUpgrade => 2
MSCONFIG\Services: ClientManager => 2
MSCONFIG\Services: sagentservice => 2
HKLM\...\StartupApproved\StartupFolder: => "PictureMover.lnk"
HKLM\...\StartupApproved\Run: => "PC-Doctor for Windows localizer"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\...\StartupApproved\Run: => "HPADVISOR"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5E0BE303-10B5-414A-AC68-242CD90DE656}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{365FF2AE-C101-4DFC-B458-2BC56542BA3A}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C2434B2C-1748-4808-B9CC-BA26A9058EA3}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{E9E5EAD7-10C8-4328-A177-7D61EBF24558}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{1D9F9192-241F-4B65-AF6B-79CDA00F109A}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{321EE818-508D-465C-8E42-671720692AF7}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{7BDF9A3E-F198-4F6B-B44C-F0E4C299FCD3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{4880A744-175E-4894-824F-13A151A2A132}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{1D054CA5-E329-40AF-A202-1479C4FCD6DE}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{18B8E588-C53C-479E-A225-CED02417B9B3}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{866089F2-FBAC-4F31-B012-69AFE1A98C37}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{772D1779-862C-4621-9AB8-321BB6AD39AD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{DB1572C1-3FA6-4D06-A23D-44948DB3CF44}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{19099448-427F-4897-984C-74B433E97D96}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7FFE5900-3116-4649-9157-4C8AB7647095}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6DE2D9DE-38B3-4B6D-BD8F-974956CCE4AB}] => (Allow) svchost.exe
FirewallRules: [{30A44DB5-4E2C-4B38-BC1F-A162FBC750E3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{16D4F267-82E9-41C2-97CD-A56881C68FAC}] => (Allow) LPort=4158
FirewallRules: [{EE6D7340-D9FD-49AE-987F-DE2DF7DFA24C}] => (Allow) LPort=30861
FirewallRules: [{CDE2D2B6-A9FA-4393-955C-3FF0FED6C89C}] => (Allow) LPort=30869
FirewallRules: [{19357686-8590-4010-9EBF-F0CE3F0CF65A}] => (Allow) LPort=30870
FirewallRules: [{BE2774AE-AE5C-4C04-8F04-D9D0285DB934}] => (Allow) LPort=30871
FirewallRules: [{B053DAB0-BC1C-4972-A9B5-C0FAE72AEC9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{38157AB0-1413-4B5B-B110-0BB0B4CC5105}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D69F4EC7-13D5-420F-82D3-482CD6A2FC4B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3EEAD8DE-504C-44BC-B236-5847EC394699}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BB8AEF9E-1F04-415A-88F1-B5B560FA190E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

04-04-2017 13:10:13 Scheduled Checkpoint
13-04-2017 23:34:59 Scheduled Checkpoint
16-04-2017 19:00:04 Windows Backup
30-04-2017 13:39:01 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2017 08:51:25 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (05/04/2017 08:51:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/04/2017 12:02:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/04/2017 12:02:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/04/2017 12:00:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/03/2017 11:59:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/03/2017 11:59:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/03/2017 11:59:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/03/2017 11:59:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/03/2017 11:58:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 14189-WILLIAM-L)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (05/04/2017 09:23:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/04/2017 08:44:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/04/2017 08:43:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (05/04/2017 08:43:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service for Windows Update service terminated with the following error:
The class is configured to run as a security id different from the caller

Error: (05/04/2017 08:43:04 AM) (Source: DCOM) (EventID: 10010) (User: 14189-WILLIAM-L)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (05/04/2017 08:34:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/04/2017 08:15:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/04/2017 08:09:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s).

Error: (05/04/2017 07:33:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/04/2017 12:08:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================
Date: 2017-05-04 07:38:33.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:38:26.045
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:37:35.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:37:05.954
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:37:05.508
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:36:50.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 07:36:09.216
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 00:12:08.234
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 00:12:08.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-04 00:12:07.275
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

[0x7FF9E90970E3] ANOMALY: use of REX.w is meaningless (default operand size is 64)

==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 51%
Total physical RAM: 3839.3 MB
Available physical RAM: 1859.16 MB
Total Virtual: 7679.3 MB
Available Virtual: 5565.22 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.87 GB) (Free:520.41 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.77 GB) (Free:1.56 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=10.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

starbuck · May 4, 2017

Hi Tony,

It's running pretty well now that the Trend software is not running.

So are you keeping Trend Micro or are you removing it?

They were quarantined. MBAM shows them in the quarantine, but there is no scan report available. That's strange.

So from the main screen there's nothing under 'Reports' on the left hand side?

Tony D · May 4, 2017

Since Trend is giving producing a good deal of drag on this machine, I plan to remove it totally.

Here's a shot of the MBAM window.

Tony D · May 4, 2017

Ran another MBAM scan. This time there was a report.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/4/17
Scan Time: 3:21 PM
Logfile: MBAM scan 2.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.103
Update Package Version: 1.0.1869
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: 14189-WILLIAM-L\William

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362561
Time Elapsed: 4 min, 35 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
PUP.Optional.MindSpark, HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YourTemplateFinderTooltab Uninstall Internet Explorer, No Action By User, [267], [352442],1.0.1869
PUP.Optional.IoloSC, HKLM\SOFTWARE\WOW6432NODE\IOLO\System Checkup, No Action By User, [2166], [349242],1.0.1869

Registry Value: 1
PUP.Optional.MindSpark, HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YourTemplateFinderTooltab Uninstall Internet Explorer|PUBLISHER, No Action By User, [267], [352442],1.0.1869

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 85
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\abstractbutton\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\thirdparty\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\uninstall\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\weather\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\generic\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\alert\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\link\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\abstractbutton, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\rss\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\icons, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\images, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\radioWrapper, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\thirdparty, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\foreground, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\uninstall, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\generic, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\weather, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\background, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\alert, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\link, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\rss, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\adapter, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\libs, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\_metadata, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\USERS\WILLIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GILCCNKJLHDOBGPHMEGEMAJCBPAPDLMM, No Action By User, [267], [301932],1.0.1869

File: 239
PUP.Optional.MindSpark, C:\USERS\WILLIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GILCCNKJLHDOBGPHMEGEMAJCBPAPDLMM\12.600.10.40484_0\MANIFEST.JSON, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\adapter\adapterUtil.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\adapter\widget-adapter.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\abstractbutton\background\abstractButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\alert\background\alertButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\background\embedHtmlWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\html\embedHtmlTemplate.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedhtml\js\embedHtmlUI.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\background\embedScriptWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\html\embedScriptTemplate.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\embedscript\js\embedScriptUI.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\background\FlareWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\icons\Icon_Flare_blue.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\icons\Icon_Flare_pink.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\flare\icons\Thumbs.db, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\generic\background\GenericWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\link\background\linkButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\background\menuButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\css\menuframe.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\html\menuframe.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\images\right_arrow.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\images\right_arrow_white.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\js\jquery-1.7.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\js\menuframe.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\js\query-string.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\js\underscore-1.3.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\menu\README.txt, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\rss\background\RssWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\thirdparty\background\thirdPartyWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\uninstall\background\uninstallButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\components\weather\background\weatherButton.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\bs.30.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\common.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\dynamic.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\enableDetect.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\eventListening.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\global.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\jquery-1.7.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\list-interaction.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\messageEventListener.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\navRedirector.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\paramReplacer.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\PartnerId.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\set.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\underscore-1.3.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\underscore-1.5.2.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\js\unifiedLogging.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\common.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\eventListening.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\list-interaction.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\set.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\css\radio-widget.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\js\radio-custom.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\js\radio-parser.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\js\radio-widget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\radio\radio-widget.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss\js\rss-widget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\rss\rssWidget.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\invalid.json, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\jquery.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\qunit.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\qunit.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\resource.json, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\resource.xml, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\testWidget.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\test\testWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\css\widget.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\js\topapps-config.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\js\widget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\topapps\widget.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather\css\weatherButton.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather\js\weather.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widgets\weather\weatherButton.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\common\widget-api\widget-context-1.0.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\background\ApiBasedWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\background\widget-api-impl.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window\hiddenWidgetWindow.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window\hiddenWidgetWindow.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window\hiddenWidgetWindowInit.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window\widgetWindow.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\api\window\widgetWindow.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\background\updateSearch.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\background\updateSearchPromptBg.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\07_buttons2.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\08_buttons2.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\defaultSearchModal.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\tvf_btn_ok.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\tvf_btn_ok2.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\tvf_restart_icon.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\defaultSearch\foreground\updateSearchPromptFg.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\background\MovieReviewsWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\css\movieReviews.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\html\movieReviews.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\moviereviews\js\movieReviews.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\background\RadioWidget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\css\toolbar-item.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\foreground\button.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\radioWrapper\radioWrapper.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\radio\radioWrapper\radioWrapper.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\background\searchBox.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\html\searchSuggestions.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\html\searchSuggestions.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\html\searchSuggestions.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\search\html\searchSuggestionsInit.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\css\supertab.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\html\supertab.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\newtabfork.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\reporting.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\srchsugg.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\supertab.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\unifiedLogging.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\components\supertab\js\__utm.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\_metadata\computed_hashes.json, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\_metadata\verified_contents.json, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\arrowSprite.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\icon128.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\icon16.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\icon19disabled.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\icon19on.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\icon48.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\icons\tb_icon_search_disappearing_ask.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269469.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269472.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269487.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269490.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269492.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269498.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\233269514.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\down_arrow.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\IDR_PRODUCT_LOGO_16.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\IDR_WEBSTORE_ICON.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\magnifying_glass.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\RadioPlayerSprite.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\search_button.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\tvf_icon_guide.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\tvf_logo.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\images\wrench.png, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\newTabInitialize.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\chromeStorage.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\chromeUtils.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\companionSWUtils.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\exeManager.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\exeManagerNMD.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\exePackageManager.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\focusManager.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\globalBlacklistManager.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\messaging.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\mutation_summary-min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\mutation_summary.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\nativeMessagingDispatcher.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\newTabInfo.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\options.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\readLocalStorage.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\reservespacefortoolbar.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\reservespaceifenabled.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\scriptInjector.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\searchContext.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\settingsOverrides.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\toolbarCookieParser.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\toolbarPreinit.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\underscore-1.3.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\URILoaderContentScript.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\webTooltabAPI.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\Widget.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\widgetContentScriptInjectee.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\widgetFactory.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\js\widgetWindowManager.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\libs\jquery-1.7.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\libs\jquery-1.9.1.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\libs\underscore-1.5.2.min.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\cache.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\ce.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\debug.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\native\ss.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\activePing.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\buttonLogger.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\competitorDnsList.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\console.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\FFPreferencesPersister.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\httpTransport.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\HttpURL.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\internationalSearch.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\LocalStoragePersister.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\MindsparkGlobal.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\MindsparkGlobal.unitTest.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\MindsparkGlobalNotes.txt, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\rsvp-latest.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\searchSuggestLocale.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\testHttpTransport.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\unifiedLogger.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\unifiedLogging.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\universalConsole.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\shared\utils.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spent2.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\bg.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\buildVars, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\buildVars.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\companionSW.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\config.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\contentScript.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\contentScript.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\debug.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\debug.jade, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spentJ.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spentK.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spentK.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\startup.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\stub.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\stubby.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\superFrame.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\toolbar.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\toolbar.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\toolbarUI.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\toolbarUI.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\toolbarUI.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\url.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\urlFragmentActions.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\webtooltab.cs.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\extension_toolbar_api.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\initWidgetWindow.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\newTabContentScript.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\options.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spent.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spent.html, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spent.js, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilccnkjlhdobgphmegemajcbpapdlmm\12.600.10.40484_0\spent2.css, No Action By User, [267], [301932],1.0.1869
PUP.Optional.MindSpark, C:\USERS\WILLIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_easymaillogin.dl.tb.ask.com_0.localstorage-journal, No Action By User, [267], [240306],1.0.1869
PUP.Optional.MindSpark, C:\USERS\WILLIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_pdfconverterhq.dl.tb.ask.com_0.localstorage-journal, No Action By User, [267], [240306],1.0.1869

Physical Sector: 0
(No malicious items detected)

(end)

starbuck · May 4, 2017

Hi Tony,

No Action By User

Have you now removed the items?

Since Trend is giving producing a good deal of drag on this machine, I plan to remove it totally.

Ok.
Might be worth running another scan after removing Trend Micro just to make sure there's no leftovers.

There are a few AVG leftovers, plus some other items.

Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system

Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.

Tony D · May 4, 2017

Sorry about the MBAM report. What you saw was an Exported text file created before I Finished. I hit report to ensure that I got something in a logfile. Why? Because there was no report from the initial MBAM scan. Just making sure I had something before finishing. Yes, everything was quarantined.

Have you heard any reports of issues with Trend Max Security and W10?

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
Ran by William (04-05-2017 17:28:33) Run:1
Running from C:\Users\William\Desktop
Loaded Profiles: William (Available Profiles: William)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SOSUAUI] => C:\Program Files (x86)\AVG Online Backup\sosuploadagent.exe [59440 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [SMessaging] => C:\Program Files (x86)\AVG Online Backup\SMessaging.exe [63536 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [AccountCreatorRunner] => C:\Program Files (x86)\AVG Online Backup\AccountCreatorRunner.exe [23088 2016-08-30] (AVG Online Backup)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-3526073170-1583772248-2959233235-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
FF Plugin HKU\S-1-5-21-3526073170-1583772248-2959233235-1001: @hulu.com/Hulu Desktop -> C:\Users\Default.migrated\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll [No File]
CHR Extension: (Ask Web Search) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllfmhclbkgdcbioppcjohckdmjmfmcj [2017-05-04]
CHR Extension: (Ask Web Search) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkmodlfcmmnhhlofndkhdcembjaefbb [2017-05-04]
CHR Extension: (InboxNow) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjhofhakdnfjgeobcioadclaekfbhndl [2017-05-04]
CHR Extension: (EasyMailLogin) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpcmjeckonpfoaacknfdaaehpjbflhl [2017-05-04]
S4 sagentservice; C:\Program Files (x86)\AVG Online Backup\SAgent.Service.exe [44080 2016-08-30] (AVG Online Backup)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S4 AvgUpgrade; "C:\Program Files (x86)\AVG\CloudCare\AvgUpgrade.exe" [X]
S4 ClientManager; "C:\Program Files (x86)\AVG\CloudCare\ClientManager.exe" [X]
U3 idsvc; no ImagePath
2017-05-04 08:16 - 2016-12-05 13:32 - 00000000 ____D C:\ProgramData\Avg
2017-05-04 08:15 - 2016-12-05 13:30 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-04 08:09 - 2016-12-05 13:32 - 00000000 ____D C:\Users\William\AppData\Local\Avg
2017-05-03 22:58 - 2016-09-13 19:06 - 00000000 ____D C:\ProgramData\iolo
2017-05-02 11:31 - 2016-09-13 19:06 - 00000000 ____D C:\Program Files (x86)\iolo
2017-05-02 02:00 - 2016-12-05 13:30 - 00000000 ____D C:\ProgramData\AVG Online Backup
Task: {60F567A5-1DE5-43F8-8452-525B5125375E} - System32\Tasks\AVG Online Backup - AVG78224 => C:\Program Files (x86)\AVG Online Backup\sosuploadagent.exe [2016-08-30] (AVG Online Backup)
Task: {D5CB447C-7878-41BF-8E67-1D20D6C7DBF6} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgApiWrapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgUpgrade => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClientManager => ""="Service"
MSCONFIG\Services: AvgApiWrapper => 2
MSCONFIG\Services: AvgUpgrade => 2
MSCONFIG\Services: ClientManager => 2
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "AvgUi"
FirewallRules: [{B053DAB0-BC1C-4972-A9B5-C0FAE72AEC9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{38157AB0-1413-4B5B-B110-0BB0B4CC5105}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D69F4EC7-13D5-420F-82D3-482CD6A2FC4B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3EEAD8DE-504C-44BC-B236-5847EC394699}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
C:\Program Files (x86)\AVG Online Backup
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:

*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SOSUAUI => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SMessaging => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AccountCreatorRunner => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value removed successfully
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => key not found.
HKU\S-1-5-21-3526073170-1583772248-2959233235-1001\Software\MozillaPlugins\@hulu.com/Hulu Desktop => key removed successfully
C:\Users\Default.migrated\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll => not found.
C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllfmhclbkgdcbioppcjohckdmjmfmcj => moved successfully
C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkmodlfcmmnhhlofndkhdcembjaefbb => moved successfully
C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjhofhakdnfjgeobcioadclaekfbhndl => moved successfully
C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpcmjeckonpfoaacknfdaaehpjbflhl => moved successfully
HKLM\System\CurrentControlSet\Services\sagentservice => key removed successfully
sagentservice => service removed successfully
HKLM\System\CurrentControlSet\Services\Amsp => key removed successfully
Amsp => service removed successfully
HKLM\System\CurrentControlSet\Services\AvgUpgrade => key removed successfully
AvgUpgrade => service removed successfully
HKLM\System\CurrentControlSet\Services\ClientManager => key removed successfully
ClientManager => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\ProgramData\Avg => moved successfully
C:\Program Files (x86)\AVG => moved successfully
C:\Users\William\AppData\Local\Avg => moved successfully
C:\ProgramData\iolo => moved successfully
C:\Program Files (x86)\iolo => moved successfully
C:\ProgramData\AVG Online Backup => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60F567A5-1DE5-43F8-8452-525B5125375E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60F567A5-1DE5-43F8-8452-525B5125375E} => key removed successfully
C:\WINDOWS\System32\Tasks\AVG Online Backup - AVG78224 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Online Backup - AVG78224 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5CB447C-7878-41BF-8E67-1D20D6C7DBF6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5CB447C-7878-41BF-8E67-1D20D6C7DBF6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AvgApiWrapper => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AvgUpgrade => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ClientManager => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AvgApiWrapper => key removed successfully
HKLM\System\CurrentControlSet\Services\AvgApiWrapper => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AvgUpgrade => key removed successfully
HKLM\System\CurrentControlSet\Services\AvgUpgrade => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ClientManager => key removed successfully
HKLM\System\CurrentControlSet\Services\ClientManager => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\AVG_UI => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AVG_UI => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\AvgUi => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B053DAB0-BC1C-4972-A9B5-C0FAE72AEC9B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38157AB0-1413-4B5B-B110-0BB0B4CC5105} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D69F4EC7-13D5-420F-82D3-482CD6A2FC4B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3EEAD8DE-504C-44BC-B236-5847EC394699} => value removed successfully
C:\Program Files (x86)\AVG Online Backup => moved successfully

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 3083088 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37457061 B
Java, Flash, Steam htmlcache => 1703 B
Windows/system/drivers => 808296306 B
Edge => 0 B
Chrome => 181279262 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 152296 B
NetworkService => 27956 B
William => 22914526 B

RecycleBin => 42031 B
EmptyTemp: => 1004.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:29:12 ====

starbuck · May 4, 2017

Have you heard any reports of issues with Trend Max Security and W10?

If you do a Google search for.... Trend Micro and windows 10 problems
You'll see quite a few problems, but these seem to be related to last year.
I don't see anything relating to this year.

How's the system running now?

Tony D · May 4, 2017

System seems to be running as I would expect.

What I don't understand is why the Trend Max Security isn't starting/showing in the Notification Area any more. Previous to the FRSTFix, it would show up in the Notification Area and I'd have to disable it. There was no option to disable it permanently. The only option showing was to disable until restart.

Defender is now showing up in the Notification Area. It's enabled.]

starbuck · May 5, 2017

What I don't understand is why the Trend Max Security isn't starting/showing in the Notification Area any more.
Previous to the FRSTFix, it would show up in the Notification Area and I'd have to disable it.

The service relating to Trend Micro that was removed in the fix was:

R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

so although the service was listed as R2 (R=Running ..... 2=Auto start )
The [X] at the end signifies that FRST could not find the files associated with the particular Service or Driver and has listed the ImagePath as it is in the registry instead.
We normally remove these entries because the files associated couldn't be found and if you wanted to keep the program would recommend it be reinstalled.

Tony D · May 6, 2017

Thanks a great deal for the excellent explanation.

starbuck · May 7, 2017

You're welcome.

Too much protection

Tony D

Super-Moderator

Attachments

starbuck

Malware Removal Specialist - Administrator

Tony D

Super-Moderator

Tony D

Super-Moderator

starbuck

Malware Removal Specialist - Administrator

Attachments

Tony D

Super-Moderator

starbuck

Malware Removal Specialist - Administrator

Tony D

Super-Moderator

starbuck

Malware Removal Specialist - Administrator

Tony D

Super-Moderator

starbuck

Malware Removal Specialist - Administrator

Similar threads