Malwarebytes scan detects 30 items per day?

fmonte

Member
I recently reformatted my hard drive to remove a virus. Now, I am scanning my computer every day with Malwarebytes. Is it common to get 30 detections per day or does that mean I have another virus? Thank you in advance.
 

beers

Moderator
Staff member
Usually 0 is the number you want.

Is it always the same one? What kind of other bundled software or indications do you get from the match?

Usually you can google like malwarebytes virusidhere replacing the virusidhere with whatever name of malware it identifies as.
 

johnb35

Administrator
Staff member
Give me the report so I can see what its removing. Probably adware from a program you are installing.
 

fmonte

Member
This is today's, I can go back 3 more days if you need to see those reports. Thank you.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/9/20
Scan Time: 2:08 AM
Log File: e88abee6-f262-11ea-be05-38d547798f4d.json

-Software Information-
Version: 4.2.0.82
Components Version: 1.0.1036
Update Package Version: 1.0.29615
License: Trial

-System Information-
OS: Windows 10 (Build 19041.450)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 276688
Threats Detected: 31
Threats Quarantined: 31
Time Elapsed: 2 min, 32 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.Spigot.Generic, HKU\S-1-5-21-222931290-2379196941-2759799694-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|mfdhapjaifopnpiombebakafahgejcid, Quarantined, 199, 774168, , , , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 7
PUP.Optional.Spigot.Generic, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\mfdhapjaifopnpiombebakafahgejcid, Quarantined, 199, 774168, , , , , ,
PUP.Optional.Spigot.Generic, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid, Quarantined, 199, 774168, , , , , ,
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 193, 454832, , , , , ,

File: 23
PUP.Optional.Spigot.Generic, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 199, 774168, , , , , 068AC1464764F61EBE0CFFC195036C4F, 268C61513DD90CC0D3B0716EFCF14EB62021BC5D9D9A01F6C8DFD6623E6223C4
PUP.Optional.Spigot.Generic, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 199, 774168, , , , , 05BE54F77BA05F061355EC1D7F3656F5, 7A499C154DDD30B68A52AB94CDA19538FADB5BEF8205AF1EFCFEACD6516041DF
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\000003.log, Quarantined, 199, 774168, , , , , E6E43C126E2F1FA7861C32CC13275259, 06C1BABC26C5BF020B115EFE040410CA4817C2E5CBD0888A9F5CEA3598E17ACC
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\CURRENT, Quarantined, 199, 774168, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOCK, Quarantined, 199, 774168, , , , , ,
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOG, Quarantined, 199, 774168, , , , , F404F870C0DA2A05777F38EB61E2863C, D6843D4D739C855E905360F293FC9FD42B84EC72437EBD901A8E4A1A106BEA60
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOG.old, Quarantined, 199, 774168, , , , , 1DE777E7E7AA376C061DCAC86DA184DD, AFBAD61D81E9C5A2EF829233614BA0A95B78FBB5CD90CEC590BE3E96C77A932F
PUP.Optional.Spigot.Generic, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\MANIFEST-000001, Quarantined, 199, 774168, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.Spigot.Generic, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MFDHAPJAIFOPNPIOMBEBAKAFAHGEJCID\2.5_0\APP\BACKGROUND.JS, Quarantined, 199, 774168, 1.0.29615, , ame, , EC7EDFFD576439319C47DB20A5D3DE17, E09E843180D938446C32ABF2959D201771008E27EC2F40C3CBC466FEC14D0891
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 193, 454832, , , , , C4038B2E59569E8A68FA577CA7BB674C, 30A224B135754B2533FB690DB718F04740415748BB41BC172B33FE77663209CE
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb, Quarantined, 193, 454832, , , , , 7A9626657AE492EFA13CA4AFE18FD36C, 6B0C7B14D619C5A04BEC009F9305EE3342A124E433A8615A588E872BAF5E7743
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000010.log, Quarantined, 193, 454832, , , , , CDEFC137B46BEC2882124BAD2560CE4E, 5F3FC745C8D8FBAF379485D8751C6F1D7AF4F2C1817D9AC65269F04082DD996B
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000011.ldb, Quarantined, 193, 454832, , , , , 8B40765A959DCF623231AC91EB598C32, C5C54EFADEFE6CA8EABFFF94A49FFF49E5B42948E17EBBC62C638E81EEA6EC09
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 193, 454832, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 193, 454832, , , , , 701F715FA9DE22BB61BFD36E099301E2, 5025453876BFBE42B03235448D432CEF541BDD6055E61FE9F798F7A2285D0F85
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 193, 454832, , , , , 9812A1B54E874798D327495C76C4DE7E, B930A5B45A90A0A8B87D51988853671B3A4BC398D53A9C6BD631FDBB72439C4E
PUP.Optional.Conduit, C:\Users\money\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 193, 454832, , , , , 67D44B4B0DD175B77246B7AC3DE08EDD, 3E361E5B16232D6065DC390A8E3F70229837E62E7DD8C976B304AADB4D6C756B
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 193, 454832, 1.0.29615, , ame, , 432F052FCD055DE81750A4997B68E379, 61D8EC3886CB8F11EF8D7FB9613EA4253A301B367E07BFB7593B088A4B4666DF
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 193, 454832, 1.0.29615, , ame, , 432F052FCD055DE81750A4997B68E379, 61D8EC3886CB8F11EF8D7FB9613EA4253A301B367E07BFB7593B088A4B4666DF
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 193, 454832, 1.0.29615, , ame, , 432F052FCD055DE81750A4997B68E379, 61D8EC3886CB8F11EF8D7FB9613EA4253A301B367E07BFB7593B088A4B4666DF
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 193, 454832, 1.0.29615, , ame, , 432F052FCD055DE81750A4997B68E379, 61D8EC3886CB8F11EF8D7FB9613EA4253A301B367E07BFB7593B088A4B4666DF
PUP.Optional.Conduit, C:\USERS\MONEY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 193, 454832, 1.0.29615, , ame, , 432F052FCD055DE81750A4997B68E379, 61D8EC3886CB8F11EF8D7FB9613EA4253A301B367E07BFB7593B088A4B4666DF

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

fmonte

Member
Sorry, I don't know what you mean by Chrome extensions. I do use a couple of Chrome apps like Remote Desktop and Gmail. Yes, my username is money but I don't remember where or when I assigned that name. It is the first name in my company name however. Is this something I should change?
 

johnb35

Administrator
Staff member
As beers has said, its related to browser extensions in chrome. Please follow the guide here, its the yellow circled bullet points.

 

fmonte

Member
Okay, thanks John, I will follow your instructions. I have one more related question. In today's regular mail, I received a letter from my internet provider (Spectrum). It looks official and it is dated 8/28. I did the reformat of this drive on 9/5. In any event it was notifying me that they detected activity from my modem that one or more of my home devices is infected with advanced botnet malware. They supplied a link to scan and remove. My question, do I need to use their link if I am already using Malwarebytes or should I run them both? Thanks again.
 

fmonte

Member
I guess I should have also mentioned that we do have cell phones that we use in the home, one tablet and one laptop. I just did a MB scan on the laptop and it found 201 items. Should I be doing something with phones and tablet and if so does MB have a app for the phones and tablet? Thank you.
 

johnb35

Administrator
Staff member
Its most likely not gonna be on the phones or tablet. What items were found on the laptop? The spigot and conduit items will not cause your ISP to say that you have malware on one of your systems.
 

fmonte

Member
Here is the report from the laptop this morning. Also, I just re-scanned it and it is no showing 0 detection now.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/10/20
Scan Time: 10:49 AM
Log File: dac6b8a6-f374-11ea-b462-60eb69370494.json

-Software Information-
Version: 4.2.0.82
Components Version: 1.0.1036
Update Package Version: 1.0.29651
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: emily-PC\emily

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 241760
Threats Detected: 201
Threats Quarantined: 0
Time Elapsed: 26 min, 25 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 4
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenShotServ.exe, No Action By User, 4228, 245713, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe, No Action By User, 4228, 245713, , , , , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73
PUP.Optional.ScreenSnapShotTool, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSHOTSERV.EXE, No Action By User, 4228, 245719, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSNAPSHOT.EXE, No Action By User, 774, 525895, , , , , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73

Module: 4
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenShotServ.exe, No Action By User, 4228, 245713, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe, No Action By User, 4228, 245713, , , , , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73
PUP.Optional.ScreenSnapShotTool, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSHOTSERV.EXE, No Action By User, 4228, 245719, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSNAPSHOT.EXE, No Action By User, 774, 525895, , , , , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73

Registry Key: 27
PUP.Optional.Trezaa.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TrezaaService, No Action By User, 3428, 181753, , , , , ,
PUP.Optional.Trezaa.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, No Action By User, 3428, -1, 0.0.0, , action, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OnlineRadio, No Action By User, 4142, 255367, , , , , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\NETRADIOUPDATER, No Action By User, 4142, 255369, , , , , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{24581255-7351-4E6A-80AE-7FC1F31EA43D}, No Action By User, 4142, 255369, , , , , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{24581255-7351-4E6A-80AE-7FC1F31EA43D}, No Action By User, 4142, 255369, , , , , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{61FFE1F9-137D-4c31-A181-3415FCAA5946}, No Action By User, 4228, 245713, , , , , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TheScreenSnapshotService, No Action By User, 4228, 245713, , , , , ,
PUP.Optional.InstallCore, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\ICSW1.17, No Action By User, 506, 239562, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5DEE351A-BEE0-4D00-95BF-51A642A819E7}, No Action By User, 240, 182757, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D7663FA6-87E6-EE26-3666-9EA6E6E64D26}, No Action By User, 900, 484244, , , , , ,
Adware.NowUSeeIt, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\nowuseeitplayer.com, No Action By User, 4993, 252083, 1.0.29651, , ame, , ,
Adware.NowUSeeIt, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\ui.nowuseeitplayer.com, No Action By User, 4993, 252083, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\NETRADIO, No Action By User, 4142, 255408, 1.0.29651, , ame, , ,
PUP.Optional.InstallCore, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\PRODUCTSETUP, No Action By User, 506, 481004, 1.0.29651, , ame, , ,
PUP.Optional.Tarma, HKLM\SOFTWARE\Tarma Installer, No Action By User, 6916, 821259, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\NETRADIO, No Action By User, 4142, 255413, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TheScreenSnapshotService, No Action By User, 4228, 245719, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\NetRadio-3_RASAPI32, No Action By User, 4142, 255410, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5C25B4E5-0CA5-6565-BD25-15E56DA5C665}, No Action By User, 900, 542290, , , , , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\NetRadio-3_RASMANCS, No Action By User, 4142, 255410, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\NetRadio_RASAPI32, No Action By User, 4142, 255411, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\NetRadio_RASMANCS, No Action By User, 4142, 255411, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\SCREENSNAPSHOTTOOL, No Action By User, 4228, 246518, 1.0.29651, , ame, , ,
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, No Action By User, 1017, 823187, 1.0.29651, , ame, , ,
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, No Action By User, 1017, 823187, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{61FFE1F9-137D-4c31-A181-3415FCAA5946}, No Action By User, 4228, 245718, 1.0.29651, , ame, , ,

Registry Value: 21
PUP.Optional.Trezaa.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Trezaa, No Action By User, 3428, 181753, , , , , ,
PUP.Optional.Trezaa.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Trezaa, No Action By User, 3428, 181753, , , , , ,
PUP.Optional.Trezaa.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, 3428, -1, 0.0.0, , action, , ,
PUP.Optional.Trezaa.PrxySvrRST, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, 3428, -1, 0.0.0, , action, , ,
PUP.Optional.Trezaa.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, 3428, -1, 0.0.0, , action, , ,
PUP.Optional.WinYahoo, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5DEE351A-BEE0-4D00-95BF-51A642A819E7}|URL, No Action By User, 240, 182757, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5DEE351A-BEE0-4D00-95BF-51A642A819E7}|TOPRESULTURLFALLBACK, No Action By User, 240, 182757, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\NETRADIO|, No Action By User, 4142, 255408, 1.0.29651, , ame, , ,
PUP.Optional.InstallCore, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\PRODUCTSETUP|TB, No Action By User, 506, 481004, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\DYN\INSTALLED|NETRADIO, No Action By User, 4142, 255409, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\NETRADIO|PARTNERID, No Action By User, 4142, 255413, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ONLINERADIO|DISPLAYICON, No Action By User, 4142, 255412, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|NETRADIO.EXE, No Action By User, 4142, 256972, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|NETRADIO.VSHOST.EXE, No Action By User, 4142, 256973, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\SCREENSNAPSHOTTOOL|PARTNERID, No Action By User, 4228, 246518, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|NETRADIO.EXE, No Action By User, 4142, 256972, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|NETRADIO.VSHOST.EXE, No Action By User, 4142, 256973, 1.0.29651, , ame, , ,
PUP.Optional.Spigot.Generic, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|mfdhapjaifopnpiombebakafahgejcid, No Action By User, 199, 774168, , , , , ,
PUP.Optional.NetRadio, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{24581255-7351-4E6A-80AE-7FC1F31EA43D}|PATH, No Action By User, 4142, 182836, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{61FFE1F9-137D-4c31-A181-3415FCAA5946}|DISPLAYICON, No Action By User, 4228, 245718, 1.0.29651, , ame, , ,
Trojan.BHO.Generic, HKU\S-1-5-21-1270684143-4124627017-2769516048-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}, No Action By User, 7202, 407906, 1.0.29651, , ame, , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 24
PUP.Optional.ScreenSnapShotTool, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\ScreenSnapshotTool\dump, No Action By User, 4228, 245712, , , , , ,
PUP.Optional.ScreenSnapShotTool, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SCREENSNAPSHOTTOOL, No Action By User, 4228, 245712, 1.0.29651, , ame, , ,
PUP.Optional.Trezaa.PrxySvrRST, C:\PROGRAM FILES (X86)\TREZAA, No Action By User, 3428, 181753, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, C:\PROGRAM FILES (X86)\NETRADIO, No Action By User, 4142, 255367, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\NETRADIO, No Action By User, 4142, 255368, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, C:\Users\emily\AppData\Roaming\ScreenSnapshotTool\dump, No Action By User, 4228, 245712, , , , , ,
PUP.Optional.ScreenSnapShotTool, C:\USERS\EMILY\APPDATA\ROAMING\SCREENSNAPSHOTTOOL, No Action By User, 4228, 245712, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPData, No Action By User, 4228, 245713, , , , , ,
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130, No Action By User, 4228, 245713, , , , , ,
PUP.Optional.ScreenSnapShotTool, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL, No Action By User, 4228, 245713, 1.0.29651, , ame, , ,
PUP.Optional.ScreenSnapshot, C:\USERS\PUBLIC\DOCUMENTS\GUID\COMMON\I18N\IPCSUPDATECACHE\SCREENSNAPSHOT, No Action By User, 2792, 182049, 1.0.29651, , ame, , ,
PUP.Optional.NetRadio, C:\PROGRAMDATA\NETRADIO, No Action By User, 4142, 255365, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}, No Action By User, 900, 484243, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}, No Action By User, 900, 484244, 1.0.29651, , ame, , ,
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove, No Action By User, 900, 542290, , , , , ,
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}, No Action By User, 900, 542290, 1.0.29651, , ame, , ,
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\mfdhapjaifopnpiombebakafahgejcid, No Action By User, 199, 774168, , , , , ,
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid, No Action By User, 199, 774168, , , , , ,
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MFDHAPJAIFOPNPIOMBEBAKAFAHGEJCID\2.5_0, No Action By User, 199, 774168, 1.0.29651, , ame, , ,
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 193, 454832, , , , , ,

File: 121
PUP.Optional.ScreenSnapShotTool, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SCREENSNAPSHOTTOOL\DUMP\BUGREPORTCONFIG.INI, No Action By User, 4228, 245712, 1.0.29651, , ame, , D4D08967334E0279F6A2F4781002673B, 7EEA2D9C7806ED7A279A380B82665FD84A09C4771E293C1ABDA5047EA20A1A7E
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Ionic.Zip.DLL, No Action By User, 3428, 181753, , , , , 2CBE0271EAEE6BFBD51C40D3CC8A9C69, E484CE8638D96804CAE265EE2D3EF213BABC2289C4796AF02E7FBBF1FFC0B9E2
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Microsoft.Win32.TaskScheduler.DLL, No Action By User, 3428, 181753, , , , , 75775CDD104D6067AB66AF846F77BBBD, 0D915DD5B3B8C670D01A7B7EEF11F24955BD4E2443CD91114985762B96FD770A
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Trezaa.Library.DLL, No Action By User, 3428, 181753, , , , , DE03E55407E1E1416594FFF40B79FC49, B028AEC096755CC41414CBAD3F588EBE6E8E91714F2085B403127AB7038C8FE0
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Trezaa.ProxyServer.DLL, No Action By User, 3428, 181753, , , , , 5ABAD2619973C08EC2ADBEF29E00AAB8, D4B3BCC73CE377CA9B702612841246048C9309A196B5755D6C8F72A3BE73004C
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Trezaa.Scheduler.exe, No Action By User, 3428, 181753, , , , , 614C04B0A27BFBB7CED547464B905C2A, EFFA25C49389C75C8291B0A4E87C5927B9B0441B7728F432DD9A8A18392AE6B7
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Trezaa.Service.exe, No Action By User, 3428, 181753, , , , , DACFCEFADB1C8B6AA658A7A2B416D5E4, F28DC3E190C1A06C9BB0414F054FFACE24DFE83E835DB8F4829B67C88813A584
PUP.Optional.Trezaa.PrxySvrRST, C:\Program Files (x86)\Trezaa\Trezaa.Updater.exe, No Action By User, 3428, 181753, , , , , FEB3D0805E8365721DCCE7BBDF07A868, 2A92DC3A8C1B82F7EB49638966F8A7A562D07F35CAAC78B5B26D8DB82FEC441A
PUP.Optional.WinYahoo, C:\USERS\EMILY\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\WINCY.ICO, No Action By User, 240, 246865, 1.0.29651, , ame, , 9796ED786D95606D51BE9DAB54FB5350, 74368197CB53191E522E3A73AAB974D53EAE8E38DA694A1ED2CFA06F39176E58
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, No Action By User, 240, 254335, 1.0.29651, , ame, , C79B86B01864C838070CE919608BE073, A068F7E2D23670CD518414D3323B248ADFC01DD5AA58A51F6D5D01A26A1C5355
PUP.Optional.NetRadio, C:\PROGRAM FILES (X86)\NETRADIO\NetRadio.exe, No Action By User, 4142, 255367, 1.0.29651, , ame, , C595F77577024A59C44BCC2C3533ACC1, 0A65D37801D76BABAD88266C74DFC8CBA404A9C38346E655B3AB37C00605CB3B
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\App.Utility.exe, No Action By User, 4142, 255367, , , , , FFD9B3BAD08E4601ADD45C662D785FC3, 4EC0DBA29EF5F6754B166C6D3829DD0C06FA28457F05D1650B62CAC9249683DD
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\AppLib.Library.dll, No Action By User, 4142, 255367, , , , , C36356339D7198615EDAD5C2717C9E9D, 332F5F8B0F9966D1DEBD916E980508E813621FFE9C1C60D7FC75DD4F425EF4AB
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\lstrest.exe, No Action By User, 4142, 255367, , , , , 1D2ACF622E95DAA937F92025F6476823, 89CFF43F68D7151BAFF736E113A7DB88ED454BFBE1F5E2224977CA6607584A30
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\LSTREST_NEW.exe, No Action By User, 4142, 255367, , , , , 1D2ACF622E95DAA937F92025F6476823, 89CFF43F68D7151BAFF736E113A7DB88ED454BFBE1F5E2224977CA6607584A30
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\Microsoft.Win32.TaskScheduler.dll, No Action By User, 4142, 255367, , , , , 4175F933ABA209B1887AAF21775D9002, DED87B733FEECB2E60371A089FBD3D72E6C21560D17AA206C3268D657F62ED97
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\Uninstall.exe, No Action By User, 4142, 255367, , , , , FAF84E33C6B39B77868460E194EE56AA, 9AE61F931BAE75D9F3ADC7455FA8A5BB1BB9D57670C6994B9A523CAEB9F18348
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\UPDATER_NEW.exe, No Action By User, 4142, 255367, , , , , 1D2ACF622E95DAA937F92025F6476823, 89CFF43F68D7151BAFF736E113A7DB88ED454BFBE1F5E2224977CA6607584A30
PUP.Optional.NetRadio, C:\Program Files (x86)\NetRadio\Upgrade.AppS.exe, No Action By User, 4142, 255367, , , , , FDB8C5F87B8489E389080603E24A37D7, 0BF66F5819D338BD7A308B9423A023C3BD87A45C6A060FE9E9966FB10086C259
PUP.Optional.NetRadio, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\NETRADIO\NETRADIO MP.LNK, No Action By User, 4142, 255368, 1.0.29651, , ame, , 2911CE0A550228F9592654E5A23013E0, 5231B2AB798344CAED41518BF3A68E7D9C4E6E13AE3478B118EF4427EAE50851
PUP.Optional.NetRadio, C:\PROGRAM FILES (X86)\NETRADIO\NetRadio.Library.dll, No Action By User, 4142, 255367, 1.0.29651, , ame, , C3F9994778DC7BCA6931950CFCD23DB7, A4687E27AC120C21B414F8FC53CD97C48CB61E92CE34C0D84736CBD932E182EA
PUP.Optional.ScreenSnapShotTool, C:\USERS\EMILY\APPDATA\ROAMING\SCREENSNAPSHOTTOOL\DUMP\BUGREPORTCONFIG.INI, No Action By User, 4228, 245712, 1.0.29651, , ame, , D4D08967334E0279F6A2F4781002673B, 7EEA2D9C7806ED7A279A380B82665FD84A09C4771E293C1ABDA5047EA20A1A7E
PUP.Optional.NetRadio, C:\WINDOWS\SYSTEM32\TASKS\NETRADIOUPDATER, No Action By User, 4142, 255369, 1.0.29651, , ame, , D9FA32239870A3441549A42823729747, 75C8B67DE06C8D8AB66E41BFFE853FEFF655759CECB64008556CCBBD50795CD0
PUP.Optional.ScreenSnapShotTool, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\CrashReportModuleConf.ini, No Action By User, 4228, 245713, 1.0.29651, , ame, , 647524BCD6086E58347819C68303D284, 7249EDFDEE61283656DC76D8B7241BACE6758518BBB066362EC7124601D280D8
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPData\History.dat, No Action By User, 4228, 245713, , , , , 91A53481A283F1562C5E98AE46CEF347, 99BE429880967403E26D167E8C061F9D789851B2C7E4DD6CB4A427A207716365
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\CrashReport.exe, No Action By User, 4228, 245713, , , , , FBA5421A55FF6B5156F8AEE1ABD531C8, 5867B02D8659DA3130213FD292E364499D3FA7C15F4A4F01F0FFEB5744A73419
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\CrashUL.exe, No Action By User, 4228, 245713, , , , , 9D084FDB21D6C99A8091042629E6892A, BDA22FFC5867E26CA2AA1648AEB2AD395889051896F09D3BDE504EA22C01F5C8
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPConfig.ini, No Action By User, 4228, 245713, , , , , 63B159E34E7A448B2DC9ED57D64576BA, 15F85EEFF482C16E96F98FD6D8450B50D0E7377772D1FB51F44F3A68C64C06A0
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPDR.dll, No Action By User, 4228, 245713, , , , , 812A2C7C4E47100A4205B7F7A481B8DF, B33AD6EB11A7609BE1661EB91E60ED482822F02E90442DAEE52BA65C615C5200
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPHelp.dll, No Action By User, 4228, 245713, , , , , 573CD5BFD8B46AE452D87D571C1C9118, 78244EB7882E7BB7174F253206692329008D111C4461AF6E7F3DD67250AD2653
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPKernel.dll, No Action By User, 4228, 245713, , , , , 694095F1A11431637F2955316E4B6B4B, 756704050C396C352483044BD1B3B90A4E617AECAA07640EA3BF3B19D16337B5
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPNet.dll, No Action By User, 4228, 245713, , , , , 267E5C9A531F3DB65D9309AC7A2229C3, EEAC57D2C0CFD2E3A2868E22765B5389A1530E83B48A845A54C39EDAC8370863
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPTask.dll, No Action By User, 4228, 245713, , , , , ED3D739BE7BB488B9D2769D7730F7506, 45A7297C225FDE2BDB1EE20ECDA7A61FC0F84E0F0ED1084F12404E3FB25BCD71
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\InstallHelper.exe, No Action By User, 4228, 245713, , , , , E182926CF64E0C9273112053B7DE53A9, 57F48E48FEFFB947F4F19D795E2556DA066AFDB43C3AF785A35A634D1BAA1066
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\Language.json, No Action By User, 4228, 245713, , , , , 4ABCC72276F54B48EB89CA2D2636B840, E769970E2B3DE71783F87F341AACF35C06FC892260EEEC67322508E459620E9E
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\Report.exe, No Action By User, 4228, 245713, , , , , 3B1DDEC336C0CFE84F83794F7166A524, 977BBD2E05BF1D607146FC17A387540D62EDAEC1CEE4F7C3D81EC3BB1E2C8376
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenShotServ.exe, No Action By User, 4228, 245713, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe, No Action By User, 4228, 245713, , , , , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73
PUP.Optional.NetRadio, C:\PROGRAMDATA\NETRADIO\NETRADIO.ICO, No Action By User, 4142, 255365, 1.0.29651, , ame, , D50B5EF4EE8C45B56E86892118EE9CE2, 92DDDEE4DC4935C48363CAFD7FF9615A1560334059D6B6B9DE91BB03DCD5490A
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\cisa, No Action By User, 900, 484243, 1.0.29651, , ame, , C5974152111214FF33C9B6D84B2A9194, C04A735F921992C0FFB8F53F14E0F2267536E1D9EFDFFF9CB1ED0E37A406C938
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\aowLC, No Action By User, 900, 484243, , , , , ,
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\dtJTd, No Action By User, 900, 484243, , , , , 7E66A933A99428F7DB08EBEA1E9E379F, 88592425CEA6696D63CF6672F82B572997F33896186271174B5492B8ABFA84F3
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\hdat1, No Action By User, 900, 484243, , , , , 0103D4E29C5779B65C4F31650667C546, A7F3EE7983BF140D0D121A27EB97674CE7912E9648E79F3AB119C796B1BAFE6E
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\hdat2, No Action By User, 900, 484243, , , , , 9D39830BC044C4FE8CC4266CE608FDC3, 7B41BCD507AA208979A752BEB5B6C22E6BEEED8E261B7FD6E5F9C6CAC848EAE8
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{755BB038-FF19-3AFE-79DF-A4BCE39D2F72}\ridoda, No Action By User, 900, 484243, , , , , F4ACC4BF77D398FD9A28E5D7C8E73959, 81370A21D3694DCEDD4FE565E5DC54AF1C6ED55C73264C0D7579042105CAC0E5
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\mete, No Action By User, 900, 484244, 1.0.29651, , ame, , DB631DAAC045D12086C9AD3FDFBC3808, E8C690D4625C9F03C59E2E02200658002D158611B8DA2CB952C7C64506E56420
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\bapi_ff.dat, No Action By User, 900, 484244, , , , , 5AF35BA8FDA7D5ED5ABE1738501CD682, CB21C0CDE4AAB6587F52B3D2A356ADDD53B91446A0F55626E600F3EB36EA800B
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\bapi_ie.dat, No Action By User, 900, 484244, , , , , 5AF35BA8FDA7D5ED5ABE1738501CD682, CB21C0CDE4AAB6587F52B3D2A356ADDD53B91446A0F55626E600F3EB36EA800B
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\cana.cfg, No Action By User, 900, 484244, , , , , A2D3072ACD79EE3401EC490829666A06, CE8A1C8CBF4FC7BE438FA44E5A3787F56EB8BF8685F115D88DD42EDF84CD4543
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\dare.dat, No Action By User, 900, 484244, , , , , BCBA90C146E3484F294A89389814C200, B344513AABB8993066099BF761FEEB1E509C8B309D919CFB9A94D13C0BE4297D
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\install.log, No Action By User, 900, 484244, , , , , 8477E1517E092B1BB8E57F81188B795C, 3D7F5148201274CCF0BCA41C1C62D549AE49E68C5DF9CD815DDEBAE4ACEA8B38
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\Sqlite3.dll, No Action By User, 900, 484244, , , , , 5F09D271B8F4A62FC087E0D5452D2EC8, 0E8850DA3B89EA0342CA57A9058BA1C9F515305A44E3BF7161448F63835AE577
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\uninst.dat, No Action By User, 900, 484244, , , , , 9E88606CF8A0E32F7AE2AD3A5C38ABA7, 0832641F0DB7FD5E90227239D832C4E9746EE30C5A0AF082B49030DC4A6E98E2
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\uninst.exe, No Action By User, 900, 484244, , , , , 6DB617A9BBA561395A76F927D684FCB9, 0FA4B09E2E610F446F1C90A968BA24EFC3A8797583F7EEF7A67DBF93F77BB5F7
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\uninstp.dat, No Action By User, 900, 484244, , , , , 303C0730540E3028F5BE3F9FF0100AB2, 199C3AFE04BDBE0318BA2FCE63768119FF438B81A7575EAF739E4FEB769534AA
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\nife, No Action By User, 900, 484244, 1.0.29651, , ame, , A871F5A8C13552C4E380E9B811BC1C31, 8556033BE478D37CAE9DBCF12D5A4D4A9A6C25398826FF8A7ECFEBC3553F0535
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{D680E0DC-F228-8C64-9FB0-A98CBBD85514}\teta, No Action By User, 900, 484244, 1.0.29651, , ame, , 50FA641785A05E1A03BA9E779E29DE77, 0381261C80A4523BC275A7A4ED6F15FE82683CB990AA17BA73DC56588F382891
PUP.Optional.InstallCore.Generic, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\ICReinstall_VideoPlayerSetup.exe, No Action By User, 5939, 466466, 1.0.29651, , ame, , 91D2EE2261DC33E7C8140B5447BDA6AF, B029FC0F2E2C35D8FA6CF8BB851F71880E50890B19228C2B9DA5FDA47202622D
PUP.Optional.ScreenSnapShotTool, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSHOTSERV.EXE, No Action By User, 4228, 245719, , , , , 044B291DA924DBFA4EA51A253880F2E5, 461580C3055034F549A7197772852F5CCEAD5C389D0CC240193B441DF911126B
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\ROAMING\Microsoft\Windows\Recent\HowToRemove.html.lnk, No Action By User, 900, 542290, , , , , 53E083C4EE70ED909EC48260CFBA7FD3, 1FBF98C2F4C286E3B4F5E7282B44BAB4599CB8BB846F5568E18CC6A9920F422D
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, No Action By User, 900, 542290, , , , , AB0DB16AA37FC6765303D3EE357A06C8, 0934529997B34B2E75E82279FF44260BF07D021A37B9A1CA9565981876D0A540
PUP.Optional.WinYahoo.TskLnk, C:\USERS\EMILY\APPDATA\LOCAL\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HOWTOREMOVE\HOWTOREMOVE.HTML, No Action By User, 900, 542290, 1.0.29651, , ame, , 92A56BD431B8EC678C73844C916017CA, 47BFA64B49B9ABF0C2DCA4F400E0137E1C29211CE6ED4196EDE1560149D13FF2
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\chromium-min.jpg, No Action By User, 900, 542290, , , , , 63BC75E5CF5CBA301C0A333A493C1E6C, AECF7E9F8EA60035CF8E255B99ADDBC4739C357BC9773273B682B06073AE2BBC
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\control panel-min-min.JPG, No Action By User, 900, 542290, , , , , D3317C08A7FD5C68AF7607B56365D7EF, E0DF11EDFC606871F3FA3E825D0A346D895CF2246372E1919F3F6B6F823855EA
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\down.png, No Action By User, 900, 542290, , , , , BD28C167E200A3B28D65FAD11067F767, 782AEE35F1473A0818E85C7888276AB1A92A2C6650420A6914C11D4A87017959
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\ff menu.JPG, No Action By User, 900, 542290, , , , , 0ACF64A62398FD3E28C0F776E080E02E, A7E228427AFE421EE317EECF714464E5ED346B2032C98F4076B01EB61D92F11F
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\ff search engine-min.png, No Action By User, 900, 542290, , , , , 98167327578F423AD62775F9C0DA1C08, 95E4B167F0173DB00F6BCDDE9864CC2E5DDED171506F8AB8E7B9F7863D913680
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\hp-min ff.png, No Action By User, 900, 542290, , , , , AFE6FD269F10B4FB4055028CE2E0F70C, F0403DEBED00E906EE26EFE1463A63347D5B7CD6EB60BB38AE0E3C3460F71693
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\hp-min ie.png, No Action By User, 900, 542290, , , , , C76F780F7CDEDA6D63A72E00719EAE53, 0A53A6F7C61B73B40061A401ED4C5D1E520C1D1DEC270617C5C25C8EE64A95C6
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\search engine.gif, No Action By User, 900, 542290, , , , , D2665D24334093AFB3D3E64E22346AC4, E5CA26785BDB836C3C234A67E991BF1C70D4E87CAA75EC43747619E64DECAA57
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\setup pages.gif, No Action By User, 900, 542290, , , , , D8957AB88B51AC3D91DB06AC96369BE4, 6BB5388E49AAB90AB7C85A736EAABDEB9A78CDCCA4D7A4138B00DBC1C657C8D5
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\sp-min.png, No Action By User, 900, 542290, , , , , C4A8846B0AAC9BEF78F6A001514ECFF5, 4E9A05BDB43137235913F0BBB1F21C35DF34E62D33F2A4F4FC9C0F15FA1346E3
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\start-min.jpg, No Action By User, 900, 542290, , , , , 7A52610FBA6935C9ACF2A2F38CA86F6A, 677001B0CFD9F6C824E422C5EBBC5C042ABB0CF156990064DD3170CF6F3379C8
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\HowToRemove\up.png, No Action By User, 900, 542290, , , , , 45B1D3F523A38E29419DC26AE6BDD253, 892E25F7363B1C4EFA5FFACD5F4CDADD01833F49EF5CEF335676D84DA871EBA0
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\cecedona, No Action By User, 900, 542290, , , , , 88E6E1369003CD078CF6770888EB5A8E, 2E6D64FF5FC7B9DD3F09C677005609FB49E2846FB0B186A2CB581D66F9C5D14F
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\install.log, No Action By User, 900, 542290, , , , , 9525F13B8054B644823AA9A224C55D32, 02AAC374012FAA082B5920B524AB3F713A6B6B13C98EA63C378BD8DAC639A615
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\mateditat.dat, No Action By User, 900, 542290, , , , , 5F39E87390DCB0FD94DF4079BC3139F6, E1792A3AA31C9A4863DA5F3CA44ADAAD402D778982C354016ABD0303EEE6883B
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\nifelor, No Action By User, 900, 542290, , , , , DC8ECC77F66B9A63F7ED423F0C9A59EF, 5050A6C379D74D93AB48B503306DEAA3E33E05A9B4069614E9E5DCDB96835734
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\racolo.dat, No Action By User, 900, 542290, , , , , ADED18FEAF79F6ED578E147EB25016B7, 052B814433172A65A9749D83746080A56D7B88EF073564C69817148F636130E0
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\rileno, No Action By User, 900, 542290, , , , , 1C1B0854A3E1D52B323F0CD43B435FD5, BE21451AAF9FD93DA060324F38FE25DE2F963420DA8471E91FC8B162D316EC44
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\salenate.dat, No Action By User, 900, 542290, , , , , 5F39E87390DCB0FD94DF4079BC3139F6, E1792A3AA31C9A4863DA5F3CA44ADAAD402D778982C354016ABD0303EEE6883B
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\saradofot, No Action By User, 900, 542290, , , , , F1A5C47B9517B60C85A1D57F7AF40B05, 28A2CDCF463EF48EBBAA15B3DE1DA047E3CF5617AC6BE456EAE56D98B57E75ED
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\Sqlite3.dll, No Action By User, 900, 542290, , , , , 5F09D271B8F4A62FC087E0D5452D2EC8, 0E8850DA3B89EA0342CA57A9058BA1C9F515305A44E3BF7161448F63835AE577
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\tetasif, No Action By User, 900, 542290, , , , , 34287E4FC7470B9F49274B00969B61CE, D90E80BB9DB58CBDC89ADCF6AE95E184FE11EDAEC6CBA1217B05B634A611EFF7
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\uninst.dat, No Action By User, 900, 542290, , , , , BE5418FF53D6616095F55570E005A0B4, 026F66DA4FCCFB149D5B8193DE25E3A3F36B79DCA570B1A008EF428315FE148F
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\uninst.exe, No Action By User, 900, 542290, , , , , 4ED777A5428F68EFA0A9D84FEB06D056, 59EE7AA430827FED2DCE7D0765AA95560094D864A811AB3611E30EA1B2CB4293
PUP.Optional.WinYahoo.TskLnk, C:\Users\emily\AppData\Local\{8572B32E-A1DA-DF96-CC42-FA7EE82A06E6}\uninstp.dat, No Action By User, 900, 542290, , , , , BE642BC966A49DDF7150D73A2AD9F69B, 1BF2442AF3D1B75CFB06F23E7687B3123C914189094716E5D5821F51CACFEB60
MachineLearning/Anomalous.100%, C:\USERS\EMILY\APPDATA\ROAMING\2C2859CE-E320-F94F-1467-19389EAC1AA8\SYNCVERSION.EXE, No Action By User, 0, 392687, 1.0.29651, , shuriken, , 7F52066A04F433063862C9A2ABD8083E, E0992C32A15A6D65935D785F462D0CA8D332C94CA59E8F9ABFFD34D52C4BC2A1
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\SCREENSNAPSHOTTOOL\1.1.0.11130\SCREENSNAPSHOT.EXE, No Action By User, 774, 525895, 1.0.29651, , ame, , 26037722DBC272BFF9D2B15E84CDA43E, 229C12B1D371528F7DE8DB5808607C10171340E16BCFAB83A18ACEED3A458F73
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 199, 774168, , , , , 75BA7B45CE381A489D5982F60AD00147, 0EBC78CE47FCEED459FA47760924B9741188BCCB8A0DB0B962CC6B12956B859A
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 199, 774168, , , , , 7408D2CC9AB71B47B784D7B8A140D227, 2E46D6FA2C00B65565A52226D545FDD17B56F447D0E2B917C0C4950CFCB1CD12
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\000003.log, No Action By User, 199, 774168, , , , , E6E43C126E2F1FA7861C32CC13275259, 06C1BABC26C5BF020B115EFE040410CA4817C2E5CBD0888A9F5CEA3598E17ACC
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\CURRENT, No Action By User, 199, 774168, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOCK, No Action By User, 199, 774168, , , , , ,
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOG, No Action By User, 199, 774168, , , , , 9C2F90561FC899571A82DFDC82687EE6, 80DB93E3EF310AF6D55288E422A4B651C94C75D2089E9806D580AB8FBEC10923
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\LOG.old, No Action By User, 199, 774168, , , , , 9A7310D4FEB57A55B50322B2756E9CC7, 38C17BA3E8324963A73018631C8554515FBFF88D80981E8D45E5C0B009A28144
PUP.Optional.Spigot.Generic, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\mfdhapjaifopnpiombebakafahgejcid\MANIFEST-000001, No Action By User, 199, 774168, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.Spigot.Generic, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MFDHAPJAIFOPNPIOMBEBAKAFAHGEJCID\2.5_0\APP\BACKGROUND.JS, No Action By User, 199, 774168, 1.0.29651, , ame, , EC7EDFFD576439319C47DB20A5D3DE17, E09E843180D938446C32ABF2959D201771008E27EC2F40C3CBC466FEC14D0891
PUP.Optional.NowUSeeItPlayer, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\IN513063C8\5605B93C_STP\SETUP.MSI, No Action By User, 3227, 299989, 1.0.29651, , ame, , 394650EF29AAA1B95FB30C8DAA6A454F, B6E9E742985682E795B8AEB101E8CB88FDADE174D001A4259BC34BD8C525A4E0
PUP.Optional.SystemHealer, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\IN513063C8\74E3531B_STP\SYSTEMHEALER_DEF.EXE, No Action By User, 1646, 90643, 1.0.29651, , ame, , BA1C2C960024BE37CBE415381152EFD7, 5679F6B6774576BBFE579844A7FDB1DAE5752752651C687D0F1666A55209BCC6
PUP.Optional.TopTools, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\INSTALLHELPER.EXE, No Action By User, 774, 525895, 1.0.29651, , ame, , E182926CF64E0C9273112053B7DE53A9, 57F48E48FEFFB947F4F19D795E2556DA066AFDB43C3AF785A35A634D1BAA1066
PUP.Optional.SystemHealer, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\~NSU.TMP\AU_.EXE, No Action By User, 1646, 90643, 1.0.29651, , ame, , C7A6F0A6C7B115A460C2D02D1168190E, 856F7B9B0DDA7F315C916B1F2A6B8A496401FAD572A5F9BB870ADAFBD9166EA5
PUP.Optional.TopTools, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\IN513063C8\0474623B_STP\SCREENSNAPSHOTTOOL_SETUP_EN_PURE_INSTALLCHANNEL2_US.EXE, No Action By User, 774, 525895, 1.0.29651, , ame, , AE046F577F8C902118B0F88D39D8AAC0, D9E1581DE155ACDE9D18E14F7505DEFB80BA7FC33E91C1D86D1214623EB3DD9C
PUP.Optional.InstallCore, C:\USERS\EMILY\DOWNLOADS\VIDEOPLAYERSETUP.EXE, No Action By User, 506, 79846, 1.0.29651, , ame, , 2E0C3FBC48249A5D99B22F2F1EB775EA, 5A7224DF0061D45DC937C6DAD2B9386CA91FEB1BC5F62E534344FC446F355F3E
PUP.Optional.NetRadio, C:\USERS\EMILY\APPDATA\LOCAL\TEMP\IN513063C8\1C1AF3C7_STP\NETRADIO-3.0.0.EXE, No Action By User, 4142, 104228, 1.0.29651, , ame, , 8274A570832FC3AED072B9964FCF5759, 8AB5F429B990B7C5FE1F605B0CB9372FC0721B8D9509BD56836733303A988F03
PUP.Optional.InstallCore, C:\USERS\EMILY\DOWNLOADS\VIDEOPLAYERSETUP (1).EXE, No Action By User, 506, 79846, 1.0.29651, , ame, , 7BAA46F1A258EC0D9337FEC87953B0D9, D1E4054E1242EE0B6A5F6746ABA2614BF825B8E2769253AE4C3F05D789E0159F
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 193, 454832, , , , , 9624FB73A88ED1C7FC31AD941CBA9716, 36C490616CEFE1AB84154787A57363388CF7AF3921588B380EF6F80E318FED6C
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000068.ldb, No Action By User, 193, 454832, , , , , CC6FE02EE0D4DC6D13872185C8EC135B, DC6A141A453D4A153DC3ABC81801158D57F33FEF870F19DC0EA704B78F82E8C7
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000070.log, No Action By User, 193, 454832, , , , , 25D0B16428515FA15AF9407ED120331D, E0473F8B26D45AF1F07E5ACA76F5D8BF8D5C6112CD479C57501A0BBEF3816793
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000071.ldb, No Action By User, 193, 454832, , , , , 4143C3D1459CB17CEBB5D9AB856679A7, 22ADBC6D7E1F7C5B18471F9B90611633238BBFB47F3B643DAFB6128ECEEA86A2
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 193, 454832, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 193, 454832, , , , , ,
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 193, 454832, , , , , E4BE105AAADFC568890544A40DD76AB6, 78C197C565C517F3171529AF18DC73D692075776B5A2153DF1D62F7CB5E838B8
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 193, 454832, , , , , D5E8085D254B670895B3D4290A020F15, E39533434709DDA8540C5185CFD9244E19AEEA2DCC477CADB2F7F902F5DF500E
PUP.Optional.Conduit, C:\Users\emily\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 193, 454832, , , , , 1B3CD97A5522190D78912F240C8104AF, 44F1BE9AA47FA9BD5B0E0B52E6834504FB42F2556A30B766AE33BC5E27F080F0
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 193, 454832, 1.0.29651, , ame, , 60795600CA7C3ACAC8773886C4CA998F, D5EFB05D5951F1D3C90AF2C842301A64A0AC107EBB6411D5E748632DF1AFF5DA
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 193, 454832, 1.0.29651, , ame, , 60795600CA7C3ACAC8773886C4CA998F, D5EFB05D5951F1D3C90AF2C842301A64A0AC107EBB6411D5E748632DF1AFF5DA
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 193, 454832, 1.0.29651, , ame, , 60795600CA7C3ACAC8773886C4CA998F, D5EFB05D5951F1D3C90AF2C842301A64A0AC107EBB6411D5E748632DF1AFF5DA
PUP.Optional.CrossRider, C:\USERS\EMILY\DOWNLOADS\JAVA_UPDATER_SETUP.EXE, No Action By User, 509, 8460, 1.0.29651, , ame, , 6AF319E829B62C209C3D816AE08468DA, 27F290B90A005FDCAD7AC3E14B4F3C8E6460CA5343A88F75A70072CBD8FA8D3A
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 193, 454832, 1.0.29651, , ame, , 60795600CA7C3ACAC8773886C4CA998F, D5EFB05D5951F1D3C90AF2C842301A64A0AC107EBB6411D5E748632DF1AFF5DA
PUP.Optional.Conduit, C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 193, 454832, 1.0.29651, , ame, , 60795600CA7C3ACAC8773886C4CA998F, D5EFB05D5951F1D3C90AF2C842301A64A0AC107EBB6411D5E748632DF1AFF5DA

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

johnb35

Administrator
Staff member
It may have been the laptop as I seen most were pups but there was one entry that was listed as a trojan. You'll continue to get email warnings unless the threat has been removed.
 

fmonte

Member
So after the scan of the laptop, the only choice I had was to "quarantine". I don't know how to remove it. Also, do you think I have to run the Spectrum scan is Malwarebytes all that I need?
 

johnb35

Administrator
Staff member
The only option in Malwarebytes is quarantine. What program is spectrum wanting you to use? I mean its not gonna hurt to do it.
 
Top