ProblemsRBad

Members
  • Content count

    782
  • Joined

  • Last visited

  • Time Online

    95d 46m 21s

About ProblemsRBad

  • Rank
    Member

Profile Information

  • Gender
  • OS Windows 10

Profile Fields

  • Country
  1. Ok, this scans done. What's next please? here is the logs: RogueKiller V12.1.4.0 [Apr 25 2016] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : User [Administrator] Started from : C:\Users\User\Desktop\RogueKiller.exe Mode : Scan -- Date : 04/28/2016 20:41:32 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 0 ¤¤¤ ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: TOSHIBA DT01ACA050 ATA Device +++++ --- User --- [MBR] b9916e36da6699d8c46c162dab8a51b8 [BSP] 9df843fdf19ee6640b24103918adf451 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 249899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 512000000 | Size: 226939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK ----------------------------------------------------------- Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 4/28/2016 Scan Time: 9:56 AM Logfile: mbamlog.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.04.29.01 Rootkit Database: v2016.04.17.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: User Scan Type: Threat Scan Result: Completed Objects Scanned: 337651 Time Elapsed: 17 min, 33 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.YahooVNM, HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, Quarantined, [eca9496b19809e988d6a5607d72d28d8], Registry Values: 2 PUP.Optional.YahooVNM, HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://ph.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10290__160406__yaie&p={searchTerms}, Quarantined, [eca9496b19809e988d6a5607d72d28d8] PUP.Optional.YahooVNM, HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|TopResultURL, https://ph.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10290__160406__yaie&p={searchTerms}, Quarantined, [f79ef9bb6d2c191d4ea91944ad57b050] Registry Data: 0 (No malicious items detected) Folders: 85 PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\adapter, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\abstractbutton, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\abstractbutton\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\alert, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\alert\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\icons, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\generic, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\generic\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\link, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\link\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\images, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\rss, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\rss\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\thirdparty, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\thirdparty\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\uninstall, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\uninstall\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\weather, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\weather\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\foreground, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\radioWrapper, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\background, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\libs, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\_metadata, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog, Quarantined, [405507addbbe25117c5b462f689d21df], Files: 234 PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\manifest.json, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spent.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\bg.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\buildVars, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\buildVars.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\companionSW.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\config.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\contentScript.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\contentScript.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\debug.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\debug.jade, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\extension_toolbar_api.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\initWidgetWindow.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\newTabContentScript.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\options.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spent.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spent.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spent2.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spent2.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spentJ.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spentK.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\spentK.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\startup.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\stub.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\stubby.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\superFrame.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\toolbar.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\toolbar.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\toolbarUI.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\toolbarUI.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\toolbarUI.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\url.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\webtooltab.cs.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\adapter\adapterUtil.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\adapter\widget-adapter.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\alert\background\alertButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\background\FlareWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\flare\icons\Thumbs.db, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\generic\background\GenericWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\link\background\linkButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\README.txt, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\background\menuButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\css\menuframe.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\html\menuframe.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\images\right_arrow.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\images\right_arrow_white.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\js\menuframe.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\js\query-string.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\rss\background\RssWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\components\weather\background\weatherButton.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\bs.30.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\common.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\dynamic.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\enableDetect.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\eventListening.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\global.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\jquery-1.7.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\list-interaction.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\messageEventListener.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\navRedirector.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\paramReplacer.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\PartnerId.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\set.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\underscore-1.3.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\underscore-1.5.2.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\js\unifiedLogging.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widget-context-1.0.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\common.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\set.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\invalid.json, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\jquery.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\qunit.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\qunit.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\resource.json, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\resource.xml, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\background\ApiBasedWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\background\widget-api-impl.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window\widgetWindow.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\api\window\widgetWindow.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\background\updateSearch.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\css\movieReviews.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\html\movieReviews.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\moviereviews\js\movieReviews.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\background\RadioWidget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\css\toolbar-item.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\foreground\button.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\background\searchBox.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\html\searchSuggestions.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\html\searchSuggestions.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\html\searchSuggestions.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\search\html\searchSuggestionsInit.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\css\supertab.css, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\html\supertab.html, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\newtabfork.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\reporting.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\srchsugg.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\supertab.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\unifiedLogging.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\components\supertab\js\__utm.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\arrowSprite.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\icon128.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\icon16.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\icon19disabled.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\icon19on.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\icon48.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225079934.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225079946.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225079968.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225079969.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225079970.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225080001.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\225080018.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\down_arrow.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\magnifying_glass.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\RadioPlayerSprite.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\search_button.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\tvf_icon_guide.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\tvf_logo.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\images\wrench.png, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\chromeUtils.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\companionSWUtils.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\exeManager.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\exeManagerNMD.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\exePackageManager.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\focusManager.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\globalBlacklistManager.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\messaging.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\mutation_summary-min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\mutation_summary.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\nativeMessagingDispatcher.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\newTabInfo.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\newTabInitialize.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\options.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\readLocalStorage.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\reservespacefortoolbar.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\reservespaceifenabled.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\scriptInjector.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\searchContext.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\settingsOverrides.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\toolbarCookieParser.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\toolbarPreinit.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\underscore-1.3.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\URILoaderContentScript.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\webTooltabAPI.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\Widget.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\widgetContentScriptInjectee.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\widgetFactory.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\js\widgetWindowManager.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\cache.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\ce.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\debug.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\ss.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\libs\jquery-1.7.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\libs\jquery-1.9.1.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\native\libs\underscore-1.5.2.min.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\activePing.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\buttonLogger.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\competitorDnsList.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\console.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\FFPreferencesPersister.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\httpTransport.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\HttpURL.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\internationalSearch.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\LocalStoragePersister.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\MindsparkGlobal.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\MindsparkGlobal.unitTest.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\MindsparkGlobalNotes.txt, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\rsvp-latest.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\searchSuggestLocale.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\testHttpTransport.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\unifiedLogger.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\unifiedLogging.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\universalConsole.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\shared\utils.js, Quarantined, [405507addbbe25117c5b462f689d21df], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.34667_0\_metadata\verified_contents.json, Quarantined, [405507addbbe25117c5b462f689d21df], Physical Sectors: 0 (No malicious items detected) (end) --------------------------------------------- # AdwCleaner v5.109 - Logfile created 06/04/2016 at 06:46:03 # Updated 04/04/2016 by Xplode # Database : 2016-04-05.1 [Server] # Operating system : Windows 7 Ultimate (x64) # Username : User - USER-PC # Running from : C:\Users\User\Desktop\adwcleaner_5.109.exe # Option : Clean # Support : http://toolslib.net/forum ***** [ Services ] ***** [-] Service Deleted : UCBrowserSvc ***** [ Folders ] ***** [#] Folder Deleted : C:\ProgramData\apn [#] Folder Deleted : C:\ProgramData\Application Data\apn [#] Folder Deleted : C:\Users\User\AppData\Local\Temp\apn ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com [-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [1105 bytes] - [06/04/2016 06:46:03] C:\AdwCleaner\AdwCleaner[S1].txt - [1131 bytes] - [06/04/2016 06:44:26] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1251 bytes] ########## ---------------------------------------------------------------- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.6 (04.25.2016) Operating System: Windows 7 Ultimate x64 Ran by User (Administrator) on Thu 04/28/2016 at 20:54:00.80 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 45 Successfully deleted: C:\Users\User\AppData\Local\crashrpt (Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13LPDLE9 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1G0UBJXI (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27SQJOT5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3SXWBXEZ (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4WHE59XD (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5M20H0OD (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\628OKJPN (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XE661F5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BFW7CYSU (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJS6YOVK (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F97YG8QQ (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8VR74WA (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN347XM0 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGB74RRV (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OG62M1GT (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSGB92J0 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SW6E7OMF (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3WYRPI8 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YK1K4LMD (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAPEURL1 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13LPDLE9 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1G0UBJXI (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27SQJOT5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3SXWBXEZ (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4WHE59XD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5M20H0OD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\628OKJPN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XE661F5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BFW7CYSU (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJS6YOVK (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F97YG8QQ (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8VR74WA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN347XM0 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGB74RRV (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OG62M1GT (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSGB92J0 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SW6E7OMF (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3WYRPI8 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YK1K4LMD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAPEURL1 (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 04/28/2016 at 21:00:50.90 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  2. Sorry multi thread create, pc running slow. Please delete the other too.
  3. The system had Avast antivirus, I Tried to download Comodo but malwares prevented it to download. I installed Malwarebytes and made a scan then uninstall Avast and installed Comodo. Please help me out with the rest here is the FRST log's: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016 Ran by User (administrator) on USER-PC (28-04-2016 11:07:08) Running from C:\Users\User\Desktop Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe () C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (COMODO) C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe (COMODO) C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [ccav] => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [5037392 2016-04-22] (COMODO) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-16] (Google Inc.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {0de5656f-def4-11e5-b5a9-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {1332ef5e-9d36-11e5-8efa-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71b3-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71c2-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71e0-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {296545c9-a56e-11e5-88ca-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {4b9cb842-46ca-11e5-9713-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {4fb66646-88f9-11e5-bbcf-a2160f627aeb} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {6fb8c234-9fcc-11e5-bd3f-e853ac0ccaec} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {aa894358-5997-11e5-897d-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {aa89435c-5997-11e5-897d-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {b1fda0db-02af-11e6-8a26-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {b1fda128-02af-11e6-8a26-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-04-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.22.1 Tcpip\..\Interfaces\{0054AB16-62F5-4A65-A0EF-A31D99BF7289}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8FE85266-9C6C-4759-92DB-5F4122ADC5B2}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{DD60B469-1CC9-4935-9F76-F32689EBD0CF}: [DhcpNameServer] 192.168.22.1 Internet Explorer: ================== HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2C&ocid=SK2CDHP&osmkt=en-us HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://ph.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10290__160406__ysie HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\b1fsrkhw.default-1449466420050 FF NewTab: hxxps://ph.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10290__160406__ysff FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: google.com FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2CDF&PC=SK2C&q= FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_137.dll [2016-04-28] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_137.dll [2016-04-28] () FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2011-08-22] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3095993379-2960881611-2283259630-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-3095993379-2960881611-2283259630-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\b1fsrkhw.default-1449466420050\searchplugins\bing-.xml [2016-04-06] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\b1fsrkhw.default-1449466420050\searchplugins\yahoo-lavasoft.xml [2016-04-06] Chrome: ======= CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_108.dll => No File CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R4 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-03-14] (Camshare Inc.) R2 ccavsrv; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [5037392 2016-04-22] (COMODO) R4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S4 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S4 Smart Bro. RunOuc; C:\Program Files (x86)\Smart Bro\UpdateDog\ouc.exe [657504 2012-11-11] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [18959360 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [589312 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] R0 cmdccav; C:\Windows\System32\DRIVERS\CmdCCAV.sys [127624 2016-04-22] (COMODO) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-28] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-04-06] () S2 APXACC; system32\DRIVERS\appexDrv.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-28 11:07 - 2016-04-28 11:08 - 00014933 _____ C:\Users\User\Desktop\FRST.txt 2016-04-28 11:05 - 2016-04-28 11:05 - 02376704 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2016-04-28 10:39 - 2016-04-28 10:39 - 00002075 _____ C:\Users\Public\Desktop\COMODO Cloud Antivirus.lnk 2016-04-28 10:39 - 2016-04-28 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2016-04-28 10:38 - 2016-04-28 10:38 - 00000000 ____D C:\Program Files (x86)\COMODO 2016-04-28 10:32 - 2016-04-28 10:39 - 00000000 ____D C:\ProgramData\COMODO 2016-04-28 10:28 - 2016-04-28 10:28 - 00002183 _____ C:\Users\User\Desktop\Camfrog Video Chat.lnk 2016-04-28 10:16 - 2016-04-28 10:16 - 00074403 _____ C:\Users\User\Desktop\mbamlog.txt 2016-04-28 09:50 - 2016-04-28 10:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-28 09:50 - 2016-04-28 10:19 - 05823752 _____ (COMODO) C:\Users\User\Downloads\ccav_installer.exe 2016-04-28 09:46 - 2016-04-28 09:46 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-28 09:46 - 2016-04-28 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-28 09:46 - 2016-04-28 09:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-28 09:46 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-28 09:46 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-28 09:46 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-28 09:40 - 2016-04-28 09:42 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-27 15:16 - 2016-04-27 15:16 - 00000000 _____ C:\Users\User\Downloads\assets 2016-04-26 01:29 - 2016-04-26 01:29 - 00000796 _____ C:\Users\Public\Desktop\Speccy.lnk 2016-04-26 01:29 - 2016-04-26 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2016-04-26 01:29 - 2016-04-26 01:29 - 00000000 ____D C:\Program Files\Speccy 2016-04-26 01:27 - 2016-04-26 01:28 - 05111240 _____ (Piriform Ltd) C:\Users\User\Downloads\spsetup129.exe 2016-04-25 02:47 - 2016-04-25 02:47 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-04-25 02:47 - 2016-04-25 02:47 - 00000995 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-04-24 20:16 - 2016-04-24 20:16 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps 2016-04-22 13:21 - 2016-04-22 13:21 - 00555688 _____ (COMODO) C:\Windows\system32\CcavGuard64.dll 2016-04-22 13:21 - 2016-04-22 13:21 - 00431792 _____ (COMODO) C:\Windows\SysWOW64\CcavGuard32.dll 2016-04-22 13:20 - 2016-04-22 13:20 - 00127624 _____ (COMODO) C:\Windows\system32\Drivers\CmdCCAV.sys 2016-04-20 15:42 - 2016-04-20 15:42 - 00048782 _____ C:\Users\User\Downloads\robin-b-hood-english-748484.zip 2016-04-15 01:32 - 2016-04-16 21:58 - 00005120 ____H C:\Users\User\Documents\photothumb.db 2016-04-15 00:39 - 2016-04-24 20:58 - 00000000 ____D C:\Users\User\Downloads\Originals 2016-04-15 00:11 - 2016-04-16 21:58 - 00145408 ____H C:\Users\User\Downloads\photothumb.db 2016-04-15 00:10 - 2016-04-15 03:30 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape 2016-04-15 00:09 - 2016-04-15 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape 2016-04-15 00:09 - 2016-04-15 00:09 - 00000000 ____D C:\Program Files (x86)\PhotoScape 2016-04-14 21:57 - 2016-04-14 21:57 - 00000983 _____ C:\Users\Public\Desktop\Smart Bro.lnk 2016-04-14 21:57 - 2016-04-14 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Bro 2016-04-14 21:56 - 2012-12-03 04:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2016-04-14 21:56 - 2012-12-03 03:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2016-04-14 21:56 - 2012-10-29 21:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2016-04-14 21:56 - 2012-10-29 04:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2016-04-14 21:56 - 2012-08-19 17:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2016-04-14 21:56 - 2012-08-19 17:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2016-04-14 21:56 - 2012-08-19 17:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2016-04-14 21:56 - 2011-12-30 18:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2016-04-14 21:56 - 2010-10-08 01:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2016-04-14 21:56 - 2010-09-26 03:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2016-04-14 21:56 - 2010-08-05 16:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2016-04-14 21:56 - 2010-07-26 18:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2016-04-14 20:01 - 2016-04-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-14 19:21 - 2010-01-01 12:21 - 73857152 _____ C:\Users\User\Documents\SAM_5099.AVI 2016-04-13 08:38 - 2016-03-15 17:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 08:38 - 2016-03-15 17:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 08:38 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 08:37 - 2016-03-17 16:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 08:37 - 2016-03-17 16:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-13 08:37 - 2016-03-17 16:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 08:37 - 2016-03-17 16:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-13 08:37 - 2016-03-17 16:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 08:37 - 2016-03-17 16:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 08:37 - 2016-03-17 15:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 08:37 - 2016-03-17 15:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-04-13 08:37 - 2016-03-17 15:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-13 08:37 - 2016-03-17 15:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-13 08:37 - 2016-03-17 15:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-04-13 08:37 - 2016-03-17 15:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-13 08:37 - 2016-03-17 15:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-13 08:37 - 2016-03-17 15:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 08:37 - 2016-03-17 15:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-04-13 08:37 - 2016-03-17 15:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-13 08:37 - 2016-03-17 15:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-13 08:37 - 2016-03-17 15:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-13 08:37 - 2016-03-17 15:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-13 08:37 - 2016-03-17 15:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 08:37 - 2016-03-17 15:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-13 08:37 - 2016-03-17 15:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-13 08:37 - 2016-03-17 15:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 08:37 - 2016-03-17 15:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 08:37 - 2016-03-17 15:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 08:37 - 2016-03-17 15:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 08:37 - 2016-03-17 15:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 08:37 - 2016-03-17 15:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 08:37 - 2016-03-17 15:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 08:37 - 2016-03-17 15:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 08:37 - 2016-03-17 15:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 08:37 - 2016-03-17 15:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 08:37 - 2016-03-17 15:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 08:37 - 2016-03-17 15:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 08:37 - 2016-03-17 15:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 08:37 - 2016-03-17 15:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 08:37 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 08:37 - 2016-03-17 15:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 08:37 - 2016-03-17 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 08:37 - 2016-03-17 15:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-04-13 08:37 - 2016-03-17 15:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 08:37 - 2016-03-17 15:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 08:37 - 2016-03-17 15:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 14:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 08:37 - 2016-03-17 14:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 08:37 - 2016-03-17 14:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 08:37 - 2016-03-17 14:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 08:37 - 2016-03-17 14:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 08:37 - 2016-03-17 14:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 08:37 - 2016-03-17 14:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 08:37 - 2016-03-17 14:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 08:37 - 2016-03-17 14:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 08:37 - 2016-03-17 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 08:37 - 2016-03-17 14:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 08:37 - 2016-03-17 14:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 08:37 - 2016-03-17 14:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 08:37 - 2016-03-17 14:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 08:37 - 2016-03-17 14:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 08:37 - 2016-03-17 14:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 08:37 - 2016-03-17 14:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 08:37 - 2016-03-17 14:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 14:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 14:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 08:37 - 2016-03-17 14:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 08:37 - 2016-03-11 11:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-13 08:37 - 2016-03-11 11:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-04-13 08:37 - 2016-03-06 11:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 08:37 - 2016-03-06 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 08:37 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 08:37 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 08:35 - 2016-03-31 12:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-13 08:35 - 2016-03-31 11:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-13 08:35 - 2016-03-30 17:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-13 08:35 - 2016-03-30 17:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-13 08:35 - 2016-03-30 17:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-13 08:35 - 2016-03-30 17:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-13 08:35 - 2016-03-30 17:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-13 08:35 - 2016-03-30 17:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-13 08:35 - 2016-03-30 17:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-13 08:35 - 2016-03-30 17:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-13 08:35 - 2016-03-30 17:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-13 08:35 - 2016-03-30 17:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-13 08:35 - 2016-03-30 17:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-13 08:35 - 2016-03-30 17:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-13 08:35 - 2016-03-30 17:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-13 08:35 - 2016-03-30 17:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-13 08:35 - 2016-03-30 17:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-13 08:35 - 2016-03-30 17:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-13 08:35 - 2016-03-30 17:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-13 08:35 - 2016-03-30 17:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-13 08:35 - 2016-03-30 17:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-13 08:35 - 2016-03-30 17:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-13 08:35 - 2016-03-30 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-04-13 08:35 - 2016-03-30 17:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-13 08:35 - 2016-03-30 16:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-13 08:35 - 2016-03-30 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-13 08:35 - 2016-03-30 16:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-13 08:35 - 2016-03-30 16:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-13 08:35 - 2016-03-30 16:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-13 08:35 - 2016-03-30 16:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-13 08:35 - 2016-03-30 16:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-04-13 08:35 - 2016-03-30 16:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-13 08:35 - 2016-03-30 16:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-04-13 08:35 - 2016-03-30 16:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-13 08:35 - 2016-03-30 16:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-13 08:35 - 2016-03-30 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-04-13 08:35 - 2016-03-30 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-04-13 08:35 - 2016-03-30 16:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-04-13 08:35 - 2016-03-30 16:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-13 08:35 - 2016-03-30 16:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-04-13 08:35 - 2016-03-30 16:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-13 08:35 - 2016-03-30 16:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 08:35 - 2016-03-30 16:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-13 08:35 - 2016-03-30 16:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-13 08:35 - 2016-03-30 16:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-13 08:35 - 2016-03-30 16:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-13 08:35 - 2016-03-30 16:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-13 08:35 - 2016-03-30 16:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-04-13 08:35 - 2016-03-30 16:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-13 08:35 - 2016-03-30 16:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-04-13 08:35 - 2016-03-30 16:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-04-13 08:35 - 2016-03-30 16:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-04-13 08:35 - 2016-03-30 16:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-13 08:35 - 2016-03-30 16:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-13 08:35 - 2016-03-30 16:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-13 08:35 - 2016-03-30 16:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-04-13 08:35 - 2016-03-30 16:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-13 08:35 - 2016-03-30 16:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-13 08:35 - 2016-03-30 16:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-13 08:35 - 2016-03-30 16:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-13 08:35 - 2016-03-30 16:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-13 08:35 - 2016-03-30 16:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-13 08:35 - 2016-03-30 16:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-13 08:35 - 2016-03-30 16:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-13 08:35 - 2016-03-30 16:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-04-13 08:35 - 2016-03-30 16:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-13 08:35 - 2016-03-29 10:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 08:35 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-04-13 08:35 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-04-12 18:46 - 2015-11-10 11:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-04-12 18:46 - 2015-11-10 11:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-04-12 18:46 - 2015-11-10 11:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-04-12 18:46 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-04-12 18:46 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-04-12 18:45 - 2015-12-08 14:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-04-12 18:45 - 2015-12-08 12:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-04-12 18:44 - 2015-02-02 20:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-04-12 18:44 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-04-12 18:43 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-04-12 18:43 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-04-12 13:25 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-04-12 13:25 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-04-12 13:08 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-04-12 13:08 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-04-12 13:07 - 2016-04-12 13:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2016-04-12 13:06 - 2016-04-12 13:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2016-04-12 13:06 - 2016-04-12 13:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2016-04-12 13:06 - 2016-04-12 13:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2016-04-12 13:06 - 2016-04-12 13:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2016-04-12 13:06 - 2016-04-12 13:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2016-04-12 13:06 - 2016-04-12 13:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2016-04-12 13:06 - 2016-04-12 13:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2016-04-12 13:06 - 2016-04-12 13:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2016-04-12 13:05 - 2016-04-12 13:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2016-04-12 13:05 - 2016-04-12 13:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2016-04-12 13:05 - 2016-04-12 13:05 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2016-04-12 13:05 - 2016-04-12 13:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2016-04-12 12:54 - 2016-04-12 12:54 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2016-04-12 12:54 - 2016-04-12 12:54 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2016-04-12 12:51 - 2016-04-12 12:51 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-04-12 12:51 - 2016-04-12 12:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-04-12 12:40 - 2016-04-12 12:40 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-04-12 12:33 - 2016-04-12 12:33 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-04-12 12:33 - 2016-04-12 12:33 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-04-12 00:14 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2016-04-12 00:14 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2016-04-12 00:14 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2016-04-10 03:16 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2016-04-10 03:16 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2016-04-10 03:16 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2016-04-10 03:16 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2016-04-10 03:16 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2016-04-10 03:16 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2016-04-10 03:15 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-04-10 03:15 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-04-09 13:57 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-04-09 13:57 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2016-04-09 13:57 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-04-09 13:57 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-04-09 13:57 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-04-09 13:55 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2016-04-09 13:52 - 2015-07-14 20:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-04-09 13:51 - 2016-02-03 11:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-04-09 13:51 - 2016-02-03 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-04-09 13:51 - 2016-02-03 11:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-04-09 13:51 - 2016-02-03 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-04-09 13:51 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2016-04-09 13:51 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2016-04-09 13:51 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2016-04-09 13:51 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2016-04-09 13:51 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2016-04-09 13:51 - 2012-10-03 10:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2016-04-09 13:51 - 2012-10-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2016-04-09 13:50 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-04-09 13:50 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-04-09 13:50 - 2015-11-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-04-09 13:50 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-04-09 13:50 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-04-09 13:50 - 2015-11-13 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-04-09 13:49 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-04-09 13:49 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2016-04-09 13:49 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2016-04-09 13:49 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2016-04-09 13:49 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2016-04-09 13:49 - 2011-06-15 03:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2016-04-09 13:49 - 2011-06-15 03:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2016-04-09 13:49 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2016-04-09 13:49 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2016-04-09 13:49 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll 2016-04-09 13:49 - 2011-06-15 01:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll 2016-04-09 13:49 - 2011-06-15 01:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll 2016-04-09 13:49 - 2011-06-15 01:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll 2016-04-09 13:49 - 2011-06-15 01:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll 2016-04-09 13:47 - 2016-01-06 12:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-04-09 13:47 - 2016-01-06 12:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-04-09 13:47 - 2016-01-06 11:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-04-09 13:47 - 2010-12-23 03:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2016-04-09 13:47 - 2010-12-23 03:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2016-04-09 13:47 - 2010-12-22 22:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2016-04-09 13:47 - 2010-12-22 22:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2016-04-09 13:44 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-04-09 13:44 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2016-04-09 13:44 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2016-04-09 13:44 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-04-09 13:44 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2016-04-09 13:44 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2016-04-09 13:43 - 2015-11-03 12:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2016-04-09 13:43 - 2015-11-03 11:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2016-04-09 13:43 - 2015-08-06 11:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-04-09 13:43 - 2015-08-06 11:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-04-09 13:43 - 2015-08-06 10:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-04-09 13:43 - 2015-08-06 10:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-04-09 13:43 - 2011-11-16 23:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-04-09 13:43 - 2011-11-16 22:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-04-09 13:41 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-04-09 13:41 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-04-09 13:41 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-04-09 13:40 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-04-09 13:40 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-04-09 13:40 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-04-09 13:40 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-04-09 13:40 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-04-09 13:40 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-04-09 13:40 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-04-09 13:40 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2016-04-09 13:33 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2016-04-09 13:33 - 2013-04-12 07:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-04-09 13:32 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-04-09 13:32 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-04-09 13:32 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-04-09 13:32 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2016-04-09 13:32 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2016-04-09 13:31 - 2014-10-13 19:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2016-04-09 13:28 - 2016-02-12 11:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-04-09 13:28 - 2016-02-12 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-04-09 13:28 - 2016-02-12 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-04-09 13:28 - 2016-02-12 11:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-04-09 13:28 - 2016-02-12 11:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-04-09 13:28 - 2016-02-12 11:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-04-09 13:28 - 2016-02-12 11:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-04-09 13:28 - 2016-02-12 11:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-04-09 13:28 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-04-09 13:28 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-04-09 13:28 - 2016-02-12 11:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-04-09 13:28 - 2016-02-12 11:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-04-09 13:28 - 2016-02-12 11:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-04-09 13:28 - 2016-02-12 11:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-04-09 13:28 - 2016-02-12 11:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-04-09 13:28 - 2016-02-12 11:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-04-09 13:26 - 2015-02-02 20:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2016-04-09 13:26 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2016-04-09 13:26 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2016-04-09 13:26 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2016-04-09 13:25 - 2016-02-03 11:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-04-09 13:25 - 2016-01-07 10:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-04-09 13:25 - 2015-11-10 11:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-04-09 13:25 - 2015-11-10 11:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-04-09 13:25 - 2015-07-14 20:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2016-04-09 13:25 - 2015-07-14 20:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2016-04-09 13:25 - 2015-07-14 19:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2016-04-09 13:25 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2016-04-09 13:25 - 2015-07-01 13:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-04-09 13:25 - 2015-07-01 13:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-04-09 13:25 - 2015-07-01 13:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2016-04-09 13:25 - 2015-07-01 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2016-04-09 13:25 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2016-04-09 13:25 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2016-04-09 13:25 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2016-04-09 13:25 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-04-09 13:25 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys 2016-04-09 13:25 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2016-04-09 13:25 - 2012-07-04 13:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys 2016-04-09 13:25 - 2011-03-10 23:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2016-04-09 13:25 - 2011-03-10 23:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2016-04-09 13:25 - 2011-03-10 22:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2016-04-09 13:25 - 2011-03-10 22:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2016-04-09 13:23 - 2015-11-05 12:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2016-04-09 13:23 - 2015-11-05 12:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2016-04-09 13:23 - 2015-11-05 02:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2016-04-09 13:23 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2016-04-09 13:23 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2016-04-09 13:23 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2016-04-09 13:23 - 2012-11-28 15:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2016-04-09 13:21 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2016-04-09 13:21 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2016-04-09 13:21 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2016-04-09 13:21 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2016-04-09 13:21 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2016-04-09 13:21 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2016-04-09 13:21 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2016-04-09 13:21 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2016-04-09 13:21 - 2012-11-01 22:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2016-04-09 13:21 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2016-04-09 13:20 - 2016-02-05 11:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-04-09 13:20 - 2016-02-05 11:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-04-09 13:20 - 2016-02-05 11:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-04-09 13:20 - 2016-02-05 11:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-04-09 13:20 - 2016-02-05 11:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-04-09 13:20 - 2016-02-05 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-04-09 13:20 - 2016-02-05 11:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-04-09 13:20 - 2016-02-05 10:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-04-09 13:20 - 2016-02-05 10:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-04-09 13:20 - 2016-02-05 10:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-04-09 13:17 - 2015-06-11 10:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-04-09 13:17 - 2015-06-11 10:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-04-09 13:17 - 2015-06-11 10:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2016-04-09 13:17 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-04-09 13:17 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2016-04-09 13:17 - 2011-04-28 20:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-04-09 13:17 - 2011-04-28 20:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-04-09 13:17 - 2011-04-28 20:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-04-09 13:16 - 2015-12-08 14:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2016-04-09 13:16 - 2015-12-08 14:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-04-09 13:16 - 2015-12-08 14:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-04-09 13:16 - 2015-12-08 14:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-04-09 13:16 - 2015-12-08 14:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-04-09 13:16 - 2015-12-08 14:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-04-09 13:16 - 2015-12-08 14:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-04-09 13:16 - 2015-12-08 14:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2016-04-09 13:16 - 2015-12-08 14:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-04-09 13:16 - 2015-12-08 12:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-04-09 13:16 - 2015-12-08 12:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-04-09 13:16 - 2015-12-08 12:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-04-09 13:16 - 2015-12-08 12:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-04-09 13:16 - 2015-12-08 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-04-09 13:16 - 2015-12-08 12:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-04-09 13:16 - 2015-12-08 11:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-04-09 13:16 - 2015-12-08 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-04-09 13:16 - 2015-12-08 11:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-04-09 13:13 - 2016-01-21 23:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-04-09 13:13 - 2016-01-21 23:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-04-09 13:13 - 2016-01-21 23:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-09 13:13 - 2016-01-21 23:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-04-09 13:13 - 2016-01-21 23:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-04-09 13:13 - 2016-01-21 23:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-09 13:13 - 2016-01-21 23:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-09 13:13 - 2015-09-23 06:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-04-09 13:13 - 2015-09-23 06:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-04-09 13:13 - 2015-09-23 06:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-04-09 13:13 - 2015-09-14 14:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-09 13:13 - 2015-06-03 13:17 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-09 13:13 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-04-09 13:13 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-04-09 13:11 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2016-04-09 13:11 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2016-04-09 13:11 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2016-04-09 13:11 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2016-04-09 13:11 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2016-04-09 13:11 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2016-04-09 13:11 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2016-04-09 13:11 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2016-04-09 13:11 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2016-04-09 13:10 - 2015-11-11 11:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2016-04-09 13:10 - 2015-11-11 11:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2016-04-09 13:10 - 2015-11-11 11:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2016-04-09 13:10 - 2015-11-11 11:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2016-04-09 13:10 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2016-04-09 13:10 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2016-04-09 13:10 - 2013-07-12 03:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2016-04-09 13:10 - 2012-06-05 23:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2016-04-09 13:10 - 2012-06-05 22:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2016-04-09 13:10 - 2012-05-13 22:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-04-09 13:10 - 2011-08-26 22:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2016-04-09 13:10 - 2011-08-26 21:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2016-04-09 13:09 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-04-09 13:09 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-09 13:09 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-04-09 13:09 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-04-09 13:09 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-04-09 12:39 - 2016-02-04 18:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-04-09 12:39 - 2016-02-04 11:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-04-09 12:39 - 2015-10-13 09:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2016-04-09 12:39 - 2015-10-13 09:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2016-04-09 12:39 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2016-04-09 12:39 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2016-04-09 12:39 - 2011-03-02 23:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2016-04-09 12:39 - 2011-03-02 23:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2016-04-09 12:39 - 2011-03-02 23:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2016-04-09 12:39 - 2011-03-02 22:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2016-04-09 12:39 - 2011-03-02 22:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2016-04-09 12:38 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-04-09 12:38 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-04-09 12:38 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-04-09 12:38 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-04-09 12:38 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-04-09 12:38 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-04-09 12:38 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-04-09 12:38 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-04-09 12:38 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-04-09 12:38 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2016-04-09 12:38 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-04-09 12:38 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-04-09 12:35 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2016-04-09 12:35 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2016-04-09 12:35 - 2015-07-09 10:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2016-04-09 12:34 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-04-09 12:34 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-04-09 12:34 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-04-09 12:32 - 2015-12-08 14:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-04-09 12:32 - 2015-12-08 12:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-04-09 12:32 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-04-09 12:32 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-04-09 12:32 - 2014-11-10 20:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2016-04-09 12:32 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2016-04-09 12:32 - 2012-03-17 00:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2016-04-09 12:32 - 2011-08-16 22:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2016-04-09 12:32 - 2011-08-16 22:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2016-04-09 12:32 - 2011-08-16 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll 2016-04-09 12:32 - 2011-08-16 21:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax 2016-04-09 12:27 - 2016-02-09 02:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-04-09 12:26 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2016-04-09 12:26 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2016-04-09 12:26 - 2012-09-25 15:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2016-04-09 12:26 - 2011-02-05 10:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2016-04-09 12:26 - 2011-02-05 10:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2016-04-09 12:26 - 2011-02-05 10:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2016-04-09 12:15 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2016-04-09 12:15 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2016-04-09 12:10 - 2016-02-09 02:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-04-09 12:10 - 2016-02-09 02:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-04-09 12:10 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-04-09 12:10 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-04-09 12:10 - 2016-02-09 02:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-04-09 12:10 - 2016-02-09 02:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-04-09 12:10 - 2016-02-09 02:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-04-09 12:10 - 2016-02-09 02:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-04-09 12:10 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-04-09 12:10 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-04-09 12:09 - 2015-10-12 21:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2016-04-09 12:09 - 2011-05-24 04:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2016-04-09 12:09 - 2011-05-24 03:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll 2016-04-09 12:09 - 2011-05-24 03:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll 2016-04-09 12:09 - 2011-05-24 03:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll 2016-04-09 12:09 - 2011-05-24 03:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe 2016-04-09 12:04 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2016-04-09 12:04 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2016-04-09 12:04 - 2014-07-16 19:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-04-09 12:04 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2016-04-09 12:04 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2016-04-09 12:04 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2016-04-09 12:04 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2016-04-09 12:04 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-04-09 12:04 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2016-04-09 12:04 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-04-09 12:04 - 2012-04-25 22:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2016-04-09 12:04 - 2012-04-25 22:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2016-04-09 12:02 - 2012-07-04 15:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2016-04-09 12:02 - 2012-07-04 15:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2016-04-09 12:02 - 2012-07-04 15:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2016-04-09 12:02 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2016-04-09 12:02 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2016-04-09 12:01 - 2015-12-08 14:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-04-09 12:01 - 2015-12-08 12:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-04-09 12:01 - 2011-05-02 22:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-04-09 12:01 - 2011-02-12 04:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2016-04-09 12:00 - 2015-11-03 12:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2016-04-09 12:00 - 2015-11-03 11:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2016-04-09 12:00 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2016-04-09 12:00 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2016-04-09 12:00 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2016-04-09 12:00 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2016-04-09 12:00 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2016-04-09 12:00 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2016-04-09 12:00 - 2011-12-16 01:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2016-04-09 12:00 - 2011-12-16 00:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll 2016-04-09 12:00 - 2011-05-02 21:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-04-09 11:57 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-04-09 11:57 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2016-04-09 11:57 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2016-04-09 11:57 - 2011-02-22 21:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-04-09 11:55 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2016-04-09 10:08 - 2012-02-16 23:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-04-09 10:08 - 2012-02-16 22:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-04-09 10:08 - 2012-02-16 21:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2016-04-08 11:41 - 2016-04-08 11:41 - 00000000 ____D C:\Windows\system32\SPReview 2016-04-07 20:21 - 2016-04-07 20:21 - 00000000 ____D C:\Windows\system32\EventProviders 2016-04-07 07:34 - 2010-11-20 06:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2016-04-07 07:34 - 2010-11-20 06:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2016-04-07 07:34 - 2010-11-20 06:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2016-04-07 07:34 - 2010-11-20 06:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 02314752 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll 2016-04-07 07:34 - 2010-11-20 06:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-04-07 07:34 - 2010-11-20 06:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2016-04-07 07:34 - 2010-11-20 06:26 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2016-04-07 07:34 - 2010-11-20 06:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2016-04-07 07:34 - 2010-11-20 06:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2016-04-07 07:34 - 2010-11-20 06:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2016-04-07 07:34 - 2010-11-20 06:25 - 00095744 _____ C:\Windows\system32\RDVGHelper.exe 2016-04-07 07:34 - 2010-11-20 06:24 - 02872320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-04-07 07:34 - 2010-11-20 05:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2016-04-07 07:34 - 2010-11-20 05:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2016-04-07 07:34 - 2010-11-20 05:19 - 01698816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2016-04-07 07:34 - 2010-11-20 05:19 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2016-04-07 07:34 - 2010-11-20 05:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll 2016-04-07 07:34 - 2010-11-20 05:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll 2016-04-07 07:34 - 2010-11-20 05:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-04-07 07:34 - 2010-11-20 05:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2016-04-07 07:34 - 2010-11-20 05:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2016-04-07 07:34 - 2010-11-20 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PushPrinterConnections.exe 2016-04-07 07:34 - 2010-11-20 04:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2016-04-07 07:34 - 2010-11-04 19:20 - 00347904 _____ C:\Windows\system32\systemsf.ebd 2016-04-07 07:34 - 2010-11-04 18:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll 2016-04-07 07:34 - 2010-11-04 18:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2016-04-07 07:34 - 2010-11-04 18:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2016-04-07 07:34 - 2010-11-04 18:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2016-04-07 07:34 - 2010-11-04 18:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe 2016-04-07 07:34 - 2010-11-04 18:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2016-04-07 07:34 - 2010-11-04 18:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll 2016-04-07 07:34 - 2009-07-13 18:16 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pmcsnap.dll 2016-04-07 07:34 - 2009-07-13 18:16 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ppcsnap.dll 2016-04-07 07:33 - 2010-11-20 06:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll 2016-04-07 07:33 - 2010-11-20 06:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2016-04-07 07:33 - 2010-11-20 06:33 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-04-07 07:33 - 2010-11-20 06:33 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2016-04-07 07:33 - 2010-11-20 06:33 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2016-04-07 07:33 - 2010-11-20 06:32 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2016-04-07 07:33 - 2010-11-20 06:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL 2016-04-07 07:33 - 2010-11-20 06:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL 2016-04-07 07:33 - 2010-11-20 06:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll 2016-04-07 07:33 - 2010-11-20 06:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll 2016-04-07 07:33 - 2010-11-20 06:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-07 07:33 - 2010-11-20 06:25 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll 2016-04-07 07:33 - 2010-11-20 06:25 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2016-04-07 07:33 - 2010-11-20 06:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe 2016-04-07 07:33 - 2010-11-20 06:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe 2016-04-07 07:33 - 2010-11-20 06:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe 2016-04-07 07:33 - 2010-11-20 06:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe 2016-04-07 07:33 - 2010-11-20 06:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2016-04-07 07:33 - 2010-11-20 05:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll 2016-04-07 07:33 - 2010-11-20 05:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2016-04-07 07:33 - 2010-11-20 05:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll 2016-04-07 07:33 - 2010-11-20 05:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll 2016-04-07 07:33 - 2010-11-20 05:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2016-04-07 07:33 - 2010-11-20 05:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2016-04-07 07:33 - 2010-11-20 05:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2016-04-07 07:33 - 2010-11-20 05:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll 2016-04-07 07:33 - 2010-11-20 05:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll 2016-04-07 07:33 - 2010-11-20 05:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll 2016-04-07 07:33 - 2010-11-20 05:17 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-04-07 07:33 - 2010-11-20 04:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll 2016-04-07 07:33 - 2010-11-20 02:27 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2016-04-07 07:33 - 2010-11-20 02:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-04-07 07:33 - 2010-11-19 20:52 - 00419880 _____ C:\Windows\SysWOW64\locale.nls 2016-04-07 07:33 - 2010-11-19 20:52 - 00419880 _____ C:\Windows\system32\locale.nls 2016-04-07 07:33 - 2010-11-04 18:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll 2016-04-07 07:33 - 2009-07-13 18:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll 2016-04-07 07:32 - 2010-11-20 06:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-04-07 07:32 - 2010-11-20 06:34 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys 2016-04-07 07:32 - 2010-11-20 06:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2016-04-07 07:32 - 2010-11-20 06:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys 2016-04-07 07:32 - 2010-11-20 06:33 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2016-04-07 07:32 - 2010-11-20 06:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2016-04-07 07:32 - 2010-11-20 06:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2016-04-07 07:32 - 2010-11-20 06:32 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2016-04-07 07:32 - 2010-11-20 06:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-04-07 07:32 - 2010-11-20 06:28 - 00223248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2016-04-07 07:32 - 2010-11-20 06:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL 2016-04-07 07:32 - 2010-11-20 06:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL 2016-04-07 07:32 - 2010-11-20 06:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll 2016-04-07 07:32 - 2010-11-20 06:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 02746880 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-04-07 07:32 - 2010-11-20 06:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2016-04-07 07:32 - 2010-11-20 06:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll 2016-04-07 07:32 - 2010-11-20 06:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2016-04-07 07:32 - 2010-11-20 06:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe 2016-04-07 07:32 - 2010-11-20 06:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2016-04-07 07:32 - 2010-11-20 06:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2016-04-07 07:32 - 2010-11-20 06:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2016-04-07 07:32 - 2010-11-20 06:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe 2016-04-07 07:32 - 2010-11-20 06:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl 2016-04-07 07:32 - 2010-11-20 06:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2016-04-07 07:32 - 2010-11-20 06:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2016-04-07 07:32 - 2010-11-20 06:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2016-04-07 07:32 - 2010-11-20 06:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2016-04-07 07:32 - 2010-11-20 06:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe 2016-04-07 07:32 - 2010-11-20 06:24 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax 2016-04-07 07:32 - 2010-11-20 06:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv 2016-04-07 07:32 - 2010-11-20 06:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe 2016-04-07 07:32 - 2010-11-20 05:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-07 07:32 - 2010-11-20 05:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll 2016-04-07 07:32 - 2010-11-20 05:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL 2016-04-07 07:32 - 2010-11-20 05:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll 2016-04-07 07:32 - 2010-11-20 05:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL 2016-04-07 07:32 - 2010-11-20 05:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll 2016-04-07 07:32 - 2010-11-20 05:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2016-04-07 07:32 - 2010-11-20 05:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll 2016-04-07 07:32 - 2010-11-20 05:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe 2016-04-07 07:32 - 2010-11-20 05:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe 2016-04-07 07:32 - 2010-11-20 05:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2016-04-07 07:32 - 2010-11-20 05:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe 2016-04-07 07:32 - 2010-11-20 05:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe 2016-04-07 07:32 - 2010-11-20 05:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2016-04-07 07:32 - 2010-11-20 04:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2016-04-07 07:32 - 2010-11-20 03:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys 2016-04-07 07:32 - 2010-11-20 03:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-04-07 07:32 - 2010-11-20 03:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys 2016-04-07 07:32 - 2010-11-20 03:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys 2016-04-07 07:32 - 2010-11-20 03:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys 2016-04-07 07:32 - 2010-11-20 03:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2016-04-07 07:32 - 2010-11-20 02:58 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe 2016-04-07 07:32 - 2010-11-20 02:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2016-04-07 07:32 - 2010-11-20 02:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2016-04-07 07:31 - 2010-11-20 06:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe 2016-04-07 07:31 - 2010-11-20 06:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2016-04-07 07:31 - 2010-11-20 06:34 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys 2016-04-07 07:31 - 2010-11-20 06:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2016-04-07 07:31 - 2010-11-20 06:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys 2016-04-07 07:31 - 2010-11-20 06:33 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys 2016-04-07 07:31 - 2010-11-20 06:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys 2016-04-07 07:31 - 2010-11-20 06:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll 2016-04-07 07:31 - 2010-11-20 06:32 - 00155520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2016-04-07 07:31 - 2010-11-20 06:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL 2016-04-07 07:31 - 2010-11-20 06:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll 2016-04-07 07:31 - 2010-11-20 06:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll 2016-04-07 07:31 - 2010-11-20 06:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll 2016-04-07 07:31 - 2010-11-20 06:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe 2016-04-07 07:31 - 2010-11-20 06:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2016-04-07 07:31 - 2010-11-20 06:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2016-04-07 07:31 - 2010-11-20 06:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl 2016-04-07 07:31 - 2010-11-20 06:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-04-07 07:31 - 2010-11-20 06:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax 2016-04-07 07:31 - 2010-11-20 06:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax 2016-04-07 07:31 - 2010-11-20 06:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe 2016-04-07 07:31 - 2010-11-20 05:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll 2016-04-07 07:31 - 2010-11-20 05:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL 2016-04-07 07:31 - 2010-11-20 05:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll 2016-04-07 07:31 - 2010-11-20 05:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-04-07 07:31 - 2010-11-20 05:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll 2016-04-07 07:31 - 2010-11-20 05:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll 2016-04-07 07:31 - 2010-11-20 05:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll 2016-04-07 07:31 - 2010-11-20 05:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe 2016-04-07 07:31 - 2010-11-20 05:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe 2016-04-07 07:31 - 2010-11-20 05:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2016-04-07 07:31 - 2010-11-20 05:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2016-04-07 07:31 - 2010-11-20 05:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2016-04-07 07:31 - 2010-11-20 05:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe 2016-04-07 07:31 - 2010-11-20 05:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2016-04-07 07:31 - 2010-11-20 05:16 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2016-04-07 07:31 - 2010-11-20 05:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2016-04-07 07:31 - 2010-11-20 05:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl 2016-04-07 07:31 - 2010-11-20 05:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax 2016-04-07 07:31 - 2010-11-20 03:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2016-04-07 07:31 - 2010-11-20 03:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2016-04-07 07:31 - 2010-11-04 19:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll 2016-04-07 07:30 - 2010-11-20 06:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL 2016-04-07 07:30 - 2010-11-20 06:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL 2016-04-07 07:30 - 2010-11-20 06:34 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys 2016-04-07 07:30 - 2010-11-20 06:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys 2016-04-07 07:30 - 2010-11-20 06:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL 2016-04-07 07:30 - 2010-11-20 06:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL 2016-04-07 07:30 - 2010-11-20 06:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll 2016-04-07 07:30 - 2010-11-20 06:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL 2016-04-07 07:30 - 2010-11-20 06:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2016-04-07 07:30 - 2010-11-20 06:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2016-04-07 07:30 - 2010-11-20 06:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll 2016-04-07 07:30 - 2010-11-20 06:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr 2016-04-07 07:30 - 2010-11-20 06:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl 2016-04-07 07:30 - 2010-11-20 06:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2016-04-07 07:30 - 2010-11-20 06:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr 2016-04-07 07:30 - 2010-11-20 06:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2016-04-07 07:30 - 2010-11-20 06:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr 2016-04-07 07:30 - 2010-11-20 06:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr 2016-04-07 07:30 - 2010-11-20 06:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl 2016-04-07 07:30 - 2010-11-20 06:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl 2016-04-07 07:30 - 2010-11-20 06:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax 2016-04-07 07:30 - 2010-11-20 06:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2016-04-07 07:30 - 2010-11-20 06:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax 2016-04-07 07:30 - 2010-11-20 06:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2016-04-07 07:30 - 2010-11-20 05:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL 2016-04-07 07:30 - 2010-11-20 05:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL 2016-04-07 07:30 - 2010-11-20 05:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL 2016-04-07 07:30 - 2010-11-20 05:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2016-04-07 07:30 - 2010-11-20 05:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL 2016-04-07 07:30 - 2010-11-20 05:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL 2016-04-07 07:30 - 2010-11-20 05:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll 2016-04-07 07:30 - 2010-11-20 05:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL 2016-04-07 07:30 - 2010-11-20 05:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll 2016-04-07 07:30 - 2010-11-20 05:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll 2016-04-07 07:30 - 2010-11-20 05:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll 2016-04-07 07:30 - 2010-11-20 05:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe 2016-04-07 07:30 - 2010-11-20 05:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe 2016-04-07 07:30 - 2010-11-20 05:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr 2016-04-07 07:30 - 2010-11-20 05:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2016-04-07 07:30 - 2010-11-20 05:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl 2016-04-07 07:30 - 2010-11-20 05:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2016-04-07 07:30 - 2010-11-20 05:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2016-04-07 07:30 - 2010-11-20 05:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr 2016-04-07 07:30 - 2010-11-20 05:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp 2016-04-07 07:30 - 2010-11-20 05:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr 2016-04-07 07:30 - 2010-11-20 05:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr 2016-04-07 07:30 - 2010-11-20 05:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe 2016-04-07 07:30 - 2010-11-20 05:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv 2016-04-07 07:30 - 2010-11-20 05:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2016-04-07 07:30 - 2010-11-20 05:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl 2016-04-07 07:30 - 2010-11-20 05:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl 2016-04-07 07:30 - 2010-11-20 05:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax 2016-04-07 07:30 - 2010-11-20 05:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax 2016-04-07 07:30 - 2010-11-20 05:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax 2016-04-07 07:30 - 2010-11-20 05:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax 2016-04-07 07:30 - 2010-11-20 05:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax 2016-04-07 07:30 - 2010-11-20 05:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME 2016-04-07 07:30 - 2010-11-20 04:06 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys 2016-04-07 07:30 - 2010-11-20 03:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2016-04-07 07:30 - 2010-11-20 03:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2016-04-07 07:30 - 2010-11-20 03:51 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2016-04-07 07:30 - 2010-11-20 03:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys 2016-04-07 07:30 - 2010-11-20 03:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys 2016-04-07 07:30 - 2010-11-20 02:57 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll 2016-04-07 07:30 - 2010-11-04 19:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll 2016-04-07 07:29 - 2010-11-20 06:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll 2016-04-07 07:29 - 2010-11-20 06:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll 2016-04-07 07:29 - 2010-11-20 06:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2016-04-07 07:29 - 2010-11-20 06:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll 2016-04-07 07:29 - 2010-11-20 06:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\query.exe 2016-04-07 07:29 - 2010-11-20 06:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll 2016-04-07 07:29 - 2010-11-20 06:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL 2016-04-07 07:29 - 2010-11-20 06:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe 2016-04-07 07:29 - 2010-11-20 06:24 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\change.exe 2016-04-07 07:29 - 2010-11-20 06:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2016-04-07 07:29 - 2010-11-20 06:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll 2016-04-07 07:29 - 2010-11-20 06:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll 2016-04-07 07:29 - 2010-11-20 06:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-04-07 07:29 - 2010-11-20 06:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll 2016-04-07 07:29 - 2010-11-20 06:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll 2016-04-07 07:29 - 2010-11-20 06:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll 2016-04-07 07:29 - 2010-11-20 06:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll 2016-04-07 07:29 - 2010-11-20 06:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2016-04-07 07:29 - 2010-11-20 06:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL 2016-04-07 07:29 - 2010-11-20 05:58 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll 2016-04-07 07:29 - 2010-11-20 05:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll 2016-04-07 07:29 - 2010-11-20 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2016-04-07 07:29 - 2010-11-20 05:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll 2016-04-07 07:29 - 2010-11-20 05:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll 2016-04-07 07:29 - 2010-11-20 05:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll 2016-04-07 07:29 - 2010-11-20 05:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll 2016-04-07 07:29 - 2010-11-20 05:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll 2016-04-07 07:29 - 2010-11-20 05:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll 2016-04-07 07:29 - 2010-11-20 05:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll 2016-04-07 07:29 - 2010-11-20 05:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL 2016-04-07 07:29 - 2010-11-20 05:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll 2016-04-07 07:29 - 2010-11-20 05:17 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2016-04-07 07:29 - 2010-11-20 05:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe 2016-04-07 07:29 - 2010-11-20 05:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax 2016-04-07 07:29 - 2010-11-20 05:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax 2016-04-07 07:29 - 2010-11-20 05:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax 2016-04-07 07:29 - 2010-11-20 05:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL 2016-04-07 07:29 - 2010-11-20 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2016-04-07 07:29 - 2010-11-20 05:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2016-04-07 07:29 - 2010-11-20 05:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll 2016-04-07 07:29 - 2010-11-20 05:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-04-07 07:29 - 2010-11-20 05:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll 2016-04-07 07:29 - 2010-11-20 05:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime 2016-04-07 07:29 - 2010-11-20 04:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll 2016-04-07 07:29 - 2010-11-20 04:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys 2016-04-07 07:29 - 2010-11-20 03:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2016-04-07 07:29 - 2010-11-20 03:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2016-04-07 07:29 - 2010-11-20 03:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys 2016-04-07 07:29 - 2010-11-20 03:43 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2016-04-07 07:29 - 2010-11-20 03:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2016-04-07 07:29 - 2010-11-20 03:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2016-04-07 07:29 - 2010-11-20 03:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2016-04-07 07:29 - 2010-11-20 03:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys 2016-04-07 07:29 - 2010-11-20 03:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys 2016-04-07 07:29 - 2010-11-20 03:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys 2016-04-07 07:29 - 2010-11-20 03:09 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2016-04-07 07:29 - 2010-11-20 03:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2016-04-07 07:29 - 2010-11-20 02:57 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll 2016-04-07 07:29 - 2010-11-20 02:57 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll 2016-04-07 07:29 - 2010-11-20 02:57 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll 2016-04-07 07:29 - 2010-11-20 02:57 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys 2016-04-07 07:29 - 2010-11-20 02:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll 2016-04-07 07:29 - 2010-11-20 02:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys 2016-04-07 07:29 - 2010-11-20 02:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys 2016-04-07 07:29 - 2010-11-20 02:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-04-07 07:29 - 2010-11-20 02:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys 2016-04-07 07:29 - 2010-11-20 02:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2016-04-07 07:29 - 2010-11-09 18:48 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml 2016-04-07 07:29 - 2010-11-04 19:20 - 00105559 _____ C:\Windows\SysWOW64\RacRules.xml 2016-04-07 07:29 - 2010-11-04 19:20 - 00105559 _____ C:\Windows\system32\RacRules.xml 2016-04-07 07:28 - 2010-11-20 06:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2016-04-07 07:28 - 2010-11-20 05:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll 2016-04-07 07:28 - 2009-06-10 14:40 - 00146389 _____ C:\Windows\SysWOW64\printmanagement.msc 2016-04-07 07:28 - 2009-06-10 14:39 - 00001041 _____ C:\Windows\SysWOW64\tcpbidi.xml 2016-04-07 07:26 - 2010-11-20 05:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll 2016-04-07 07:20 - 2010-11-20 06:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll 2016-04-06 14:33 - 2016-04-06 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat 2016-04-06 12:02 - 2016-04-06 12:04 - 11255504 _____ (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup(1).exe 2016-04-06 11:08 - 2016-04-06 11:08 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk 2016-04-06 11:08 - 2016-04-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-06 11:03 - 2016-04-06 11:03 - 01505408 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe 2016-04-06 08:09 - 2016-04-06 08:30 - 00002848 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini 2016-04-06 08:09 - 2016-04-06 08:30 - 00002848 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini 2016-04-06 08:09 - 2016-04-06 08:08 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll 2016-04-06 08:08 - 2016-04-06 08:08 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll 2016-04-06 07:45 - 2016-04-06 07:45 - 00000000 ____D C:\Users\User\AppData\Local\CrashRpt 2016-04-06 06:44 - 2016-04-06 06:51 - 00000000 ____D C:\AdwCleaner 2016-04-06 06:15 - 2016-04-06 06:15 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys 2016-04-06 06:14 - 2016-04-06 06:43 - 00000000 ____D C:\ProgramData\RogueKiller 2016-04-05 07:02 - 2016-04-28 11:07 - 00000000 ____D C:\FRST 2016-04-05 06:17 - 2016-04-05 06:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-04-05 05:58 - 2016-04-28 08:23 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer 2016-04-05 05:57 - 2016-04-27 18:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-28 10:59 - 2015-08-16 14:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2016-04-28 10:58 - 2015-08-16 14:55 - 00000454 _____ C:\Windows\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11}.job 2016-04-28 10:34 - 2009-07-13 21:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-28 10:34 - 2009-07-13 21:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-28 10:31 - 2015-08-16 14:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-28 10:25 - 2015-08-16 15:17 - 00000000 ____D C:\ProgramData\AVAST Software 2016-04-28 10:25 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-28 10:11 - 2015-08-16 19:34 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA.job 2016-04-28 05:37 - 2015-08-16 22:04 - 00000000 ____D C:\Users\User\AppData\Local\ManyCam 2016-04-28 00:32 - 2015-08-16 14:48 - 00800448 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-28 00:32 - 2015-08-16 14:48 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-28 00:32 - 2015-08-16 14:48 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-27 23:27 - 2015-08-16 18:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Camfrog 2016-04-27 23:11 - 2015-08-16 19:34 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core.job 2016-04-27 15:19 - 2015-08-16 14:55 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2016-04-25 18:17 - 2015-08-16 14:55 - 00003450 _____ C:\Windows\System32\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11} 2016-04-25 18:04 - 2009-07-13 21:45 - 00433728 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-25 05:02 - 2015-08-16 14:40 - 00111520 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-25 02:30 - 2015-10-09 14:13 - 00000000 ____D C:\Users\User\Documents\Hugot 2016-04-25 02:30 - 2015-08-16 14:55 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2016-04-23 20:25 - 2016-01-08 21:52 - 00000000 ____D C:\Users\User\Documents\download 2016-04-21 15:05 - 2015-08-16 18:48 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-20 02:58 - 2015-08-16 14:50 - 00000000 ____D C:\ProgramData\Skype 2016-04-20 02:44 - 2015-09-10 23:22 - 00000000 ____D C:\Users\User\Documents\vivi 2016-04-17 02:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache 2016-04-15 20:13 - 2016-03-27 17:50 - 00000000 ____D C:\Users\User\Documents\Jellyn 2016-04-15 19:56 - 2015-08-16 14:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-14 22:12 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf 2016-04-14 22:02 - 2009-07-13 22:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-14 21:58 - 2015-08-16 16:22 - 00000000 ____D C:\ProgramData\DatacardService 2016-04-14 21:57 - 2015-08-16 16:22 - 00000000 ____D C:\Program Files (x86)\Smart Bro 2016-04-13 16:49 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-04-13 16:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-04-12 18:21 - 2015-08-16 14:44 - 00002333 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-12 17:58 - 2015-08-16 14:27 - 00001417 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-12 14:56 - 2009-07-14 00:46 - 00000000 ____D C:\Program Files\Windows Journal 2016-04-12 14:56 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System 2016-04-12 14:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-04-12 14:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism 2016-04-12 14:53 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender 2016-04-12 14:53 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-04-12 14:42 - 2015-08-16 14:33 - 00773568 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-04-11 12:40 - 2015-08-19 22:05 - 00000000 ____D C:\Users\User\Documents\MUSIC♫ 2016-04-08 13:07 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar 2016-04-08 13:07 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-04-08 13:07 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-04-08 13:06 - 2009-07-14 00:46 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2016-04-08 13:06 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar 2016-04-08 13:06 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-04-08 13:06 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-04-08 13:06 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker 2016-04-08 13:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Setup 2016-04-08 13:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\oobe 2016-04-08 13:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore 2016-04-08 13:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2016-04-08 13:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing 2016-04-08 13:05 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz 2016-04-08 13:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup 2016-04-08 13:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe 2016-04-08 13:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\migwiz 2016-04-08 13:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\manifeststore 2016-04-08 13:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2016-04-08 11:45 - 2009-07-13 19:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2016-04-08 11:45 - 2009-07-13 19:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2016-04-06 14:33 - 2015-08-16 18:18 - 00000000 ____D C:\Program Files (x86)\Camfrog 2016-04-06 13:52 - 2015-08-16 14:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-06 10:43 - 2016-02-29 12:52 - 00000000 ____D C:\ProgramData\MobileBrServ 2016-04-05 08:47 - 2009-07-13 22:08 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-03-29 17:49 - 2015-08-16 14:54 - 00000000 ____D C:\Program Files (x86)\UCBrowser Some files in TEMP: ==================== C:\Users\User\AppData\Local\Temp\BingSvc.exe C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe C:\Users\User\AppData\Local\Temp\dllnt_dump.dll C:\Users\User\AppData\Local\Temp\libeay32.dll C:\Users\User\AppData\Local\Temp\msvcr120.dll C:\Users\User\AppData\Local\Temp\SkypeSetup.exe C:\Users\User\AppData\Local\Temp\sqlite3.dll C:\Users\User\AppData\Local\Temp\{0C3654DF-0FEF-41A5-82AD-A8DF7FD023B8}-49.0.2623.112_chrome_installer.exe C:\Users\User\AppData\Local\Temp\{1E220A46-53C4-4E0D-AC43-22864FE68CE9}-44.0.2403.155_chrome_installer.exe C:\Users\User\AppData\Local\Temp\{6B8BB3AB-C4E1-42E2-A0A7-269CCEAEA557}-44.0.2403.157_44.0.2403.155_chrome_updater.exe C:\Users\User\AppData\Local\Temp\{E1DCE038-D873-48DD-B0D2-5DBC99E7E7A8}-45.0.2454.101_45.0.2454.99_chrome_updater.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-19 00:39 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016 Ran by User (2016-04-28 11:09:39) Running from C:\Users\User\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2015-08-16 21:26:38) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3095993379-2960881611-2283259630-500 - Administrator - Disabled) Guest (S-1-5-21-3095993379-2960881611-2283259630-501 - Limited - Disabled) User (S-1-5-21-3095993379-2960881611-2283259630-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Cloud Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2} AS: COMODO Sandbox (Disabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.137 - Adobe Systems Incorporated) Adobe Photoshop CS5 Extended (HKLM-x32\...\Adobe Photoshop CS5 Extended) (Version: - ) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.543 - Camshare, Inc.) COMODO Cloud Antivirus (HKLM-x32\...\Comodo Cloud Antivirus_list_uninstall) (Version: 1.1.387596.183 - Comodo) COMODO Cloud Antivirus (x32 Version: 1.1.183.0 - COMODO) Hidden Google Chrome (HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) ManyCam 4.1.2 (HKLM-x32\...\ManyCam) (Version: 4.1.2 - Visicom Media Inc.) Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.1 - Lenovo Group Limited) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Smart Bro (HKLM-x32\...\Smart Bro) (Version: 23.009.09.01.238 - Huawei Technologies Co.,Ltd) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) UC Browser (HKLM-x32\...\UCBrowser) (Version: 5.6.11651.1011 - UCWeb Inc.) VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1CAD1622-DE9B-4361-8517-A445EE4A4A7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {1E12F467-B95A-48C4-AFF0-81BB4F9470C0} - System32\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11} => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-03-28] (UCWeb Inc) Task: {2E12A760-9AF4-40FF-AE1A-0DB9500E1AFC} - System32\Tasks\{49064DC5-4363-459F-86EC-02321DB82D39} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/en/abandoninstall?page=tsProgressBar Task: {786BF700-5801-4987-AF5C-444F52EC5D1C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.) Task: {9CD1E715-7F1B-4FC2-A07B-9EFE0684A9CB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo) Task: {AED189BF-39B1-4CFD-AD04-F9AFEE9A1584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-28] (Adobe Systems Incorporated) Task: {B6D0A7CD-DA80-4FC5-9A55-842001FADF6A} - System32\Tasks\{EB548845-927F-47B9-A411-0757EB62C074} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/en/abandoninstall?page=tsProgressBar Task: {D233D48F-7990-4DE9-B188-5A28FA2ABA9E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {E6EADB4F-32F0-4FE9-BDAD-C362060D3C21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F5A74045-4776-477E-B381-87E54DEF4A07} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-18] (AVAST Software) Task: {FD6A6AC7-D017-4947-9B62-12A4DED15793} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11}.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2011-03-14 08:27 - 2011-03-14 08:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2015-08-16 16:24 - 2012-11-11 22:59 - 00657504 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe 2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-08-16 16:24 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\mingwm10.dll 2015-08-16 16:24 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\libgcc_s_dw2-1.dll 2015-08-16 16:24 - 2012-10-31 02:11 - 02417152 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtCore4.dll 2015-08-16 16:24 - 2012-10-31 02:14 - 01148416 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtNetwork4.dll 2015-08-16 16:24 - 2012-11-11 20:48 - 00843264 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QueryStrategy.dll 2015-08-16 16:24 - 2012-10-31 02:11 - 00398336 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtXml4.dll 2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-11-13 20:22 - 2012-11-13 20:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.22.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: camfrog_update_service => 2 MSCONFIG\Services: HWDeviceService64.exe => 2 MSCONFIG\Services: Lenovo EasyPlus Hotspot => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Smart Bro. RunOuc => 2 MSCONFIG\Services: WSearch => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AppEx Accelerator UI => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h MSCONFIG\startupreg: BingSvc => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D5425F2C-7291-43A9-91E4-B37126E2F6ED}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{0F023C5F-FF1F-430F-981E-789B507869C2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{39A0AFE5-9913-4D98-A45E-2453C8161E75}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{41C8A8FD-44EA-4D8F-B2A6-0E0DB7C3094B}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe FirewallRules: [{8C3C948F-1DAC-45BE-9CF0-2184F392C734}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{9A4CF22D-135E-4552-9763-58825816486B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{1ED4FBC5-BFD2-4B24-A178-396D2D672DD9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{00AD8756-B7D6-4EFE-987B-76E1EA11CB72}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{26C31837-E11F-4202-9720-D07C3F114E0D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{2F8CC454-AE7F-4120-BD12-78545BFDC31B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{88DF22C6-C21F-4B99-835A-2D25653169BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{664F90EE-D61C-420B-A798-4468CBA468BE}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5CB0DF22-F1B4-4E16-ABBC-0F4926113CAC}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6D0C4A2C-CA16-4912-B57D-464D424B87E7}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{01E7261D-B03D-4A5E-9281-EE2A2F36801D}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{259FC354-8F14-4CBB-BBEF-AC9727B7F1B1}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{4BA9D5E1-42FC-4CA2-B078-F62BC8F8F510}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{30B72247-9763-42EE-AA80-552A30106893}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A00E3D49-1509-47D2-B1A4-B2F4C81C7F02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{18B1B861-CDAB-4581-A479-7190D2FE6FA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{59A16E7F-EFEC-46B0-A131-F5684EFBD638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{37F7B2A2-041D-45BD-B83C-438F6555AF7B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Restore Points ========================= 19-04-2016 14:16:19 Windows Update 22-04-2016 17:23:41 Windows Update 24-04-2016 19:00:43 Windows Backup 25-04-2016 18:14:38 Windows Update 28-04-2016 10:36:20 Installed COMODO Cloud Antivirus ==================== Faulty Device Manager Devices ============= Name: AppEx Networks Accelerator LWF Description: AppEx Networks Accelerator LWF Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: APXACC Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/28/2016 02:11:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/27/2016 07:19:17 PM) (Source: ESENT) (EventID: 454) (User: ) Description: taskhost (2428) WebCacheLocal: Database recovery/restore failed with unexpected error -1032. Error: (04/27/2016 07:19:17 PM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhost (2428) WebCacheLocal: Unable to write a shadowed header for file C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Error -1032. Error: (04/27/2016 07:19:17 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost (2428) WebCacheLocal: An attempt to open the file "C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (04/27/2016 06:47:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011"1". Dependent Assembly 5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/27/2016 06:47:19 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011"1". Dependent Assembly 5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/27/2016 06:44:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/26/2016 11:28:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Camfrog Video Chat.exe version 6.11.543.7268 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: b28 Start Time: 01d1a04d3d5c39bb Termination Time: 790 Application Path: C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe Report Id: Error: (04/26/2016 11:27:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Skype.exe version 7.22.0.109 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: a14 Start Time: 01d1a04d3a29605d Termination Time: 4257 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: Error: (04/26/2016 10:42:32 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011"1". Dependent Assembly 5.6.11651.1011,language="*",type="win32",version="5.6.11651.1011" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (04/28/2016 10:39:55 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The ccavsrv service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (04/28/2016 10:28:08 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {CC957078-B838-47C4-A7CF-626E7A82FC58} Error: (04/28/2016 10:25:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (04/28/2016 10:25:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Smart Bro. OUC service failed to start due to the following error: %%1053 Error: (04/28/2016 10:25:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Smart Bro. OUC service to connect. Error: (04/28/2016 10:25:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%2 Error: (04/28/2016 02:02:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (04/28/2016 02:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Smart Bro. OUC service failed to start due to the following error: %%1053 Error: (04/28/2016 02:02:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Smart Bro. OUC service to connect. Error: (04/28/2016 02:01:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%2 ==================== Memory info =========================== Processor: AMD A4-6300 APU with Radeon(tm) HD Graphics Percentage of memory in use: 91% Total physical RAM: 999.59 MB Available physical RAM: 82.69 MB Total Virtual: 2023.59 MB Available Virtual: 513.11 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:244.04 GB) (Free:203.28 GB) NTFS Drive d: () (Fixed) (Total:221.62 GB) (Free:166.04 GB) NTFS Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7DB5F6AC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  4. The computer is doing much better aside from the slow 3g net. Thanks a lot Bron!
  5. Ok, the scans finished. Sophos come back clean so I don't have a log for that. Here is Security check and FSS logs: Results of screen317's Security Check version 1.014 --- 12/23/15 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! COMODO Antivirus Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 21.0.0.213 Adobe Reader XI Mozilla Firefox (45.0.2) Google Chrome (49.0.2623.110) Google Chrome (49.0.2623.112) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Comodo Firewall cmdagent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` ---------------------------------------------------------------------------- Farbar Service Scanner Version: 27-01-2016 Ran by Valued User (administrator) on 25-04-2016 at 22:39:47 Running from "C:\Users\Valued User\Desktop" Windows 8.1 Connected Single Language (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"". Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  6. Ok, the fix is finished. Here is the log: Fix result of Farbar Recovery Scan Tool (x64) Version:17-04-2016 01 Ran by Valued User (2016-04-22 22:54:57) Run:1 Running from C:\Users\Valued User\Desktop Loaded Profiles: Valued User (Available Profiles: Valued User) Boot Mode: Normal ============================================== fixlist content: ***************** ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (No File) C:\Users\Valued User\AppData\Local\Temp\dllnt_dump.dll C:\Users\Valued User\AppData\Local\Temp\libeay32.dll C:\Users\Valued User\AppData\Local\Temp\msvcr120.dll C:\Users\Valued User\AppData\Local\Temp\sqlite3.dll AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\actxprxy.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BFE.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IKEEXT.DLL:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rpcss.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\seclogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\olepro32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\cng.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\disk.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcaudrv_x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcvidrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\adwcleaner_5.112.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\adwcleaner_5.112.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\JRT.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\JRT.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\RogueKiller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\RogueKiller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdZnID [26] ***************** C:\Program Files (x86)\Paltalk Messenger\paltalk.exe => not found. C:\Users\Valued User\AppData\Local\Temp\dllnt_dump.dll => moved successfully C:\Users\Valued User\AppData\Local\Temp\libeay32.dll => moved successfully C:\Users\Valued User\AppData\Local\Temp\msvcr120.dll => moved successfully C:\Users\Valued User\AppData\Local\Temp\sqlite3.dll => moved successfully "C:\WINDOWS\explorer.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\acmigration.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\actxprxy.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\aeinv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\aepic.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\appraiser.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\AppxAllUserStore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\AppXDeploymentExtensions.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\AppXDeploymentServer.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\asycfilt.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\atmfd.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\atmlib.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\basesrv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\BFE.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\certcli.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\CompatTelRunner.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\comsvcs.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\devinv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\dhcpsapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\dxtrans.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ExplorerFrame.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\FWPUCLNT.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\generaltel.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\glcndFilter.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\hgcpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\hlink.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ie4uinit.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ieapfltr.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\iedkcs32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ieframe.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\iepeers.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\iertutil.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\IKEEXT.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\inetcomm.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\inetcpl.cpl" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\invagent.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\jscript.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\jscript9.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\kerberos.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\KernelBase.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\lsasrv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mfds.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mfmp4srcsnk.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mispace.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\MRT.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\msfeeds.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mshtml.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mshtmled.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\msvcp120_clr0400.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\msvcr120_clr0400.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\msxml3.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\mtxoci.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\netlogon.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\nshwfp.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ntoskrnl.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ole32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\rpcss.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\rsaenh.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\samlib.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\samsrv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\seclogon.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SettingMonitor.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SettingsHandlers.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SettingSync.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SettingSyncCore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SettingSyncHost.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\shell32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\stobject.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\storagewmi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\themecpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\twinui.appcore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\twinui.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\ucrtbase.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\urlmon.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\usercpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\vbscript.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\VSSVC.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wbengine.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\webcheck.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Windows.Data.Pdf.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wininet.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\winload.efi" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\winload.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\winlogon.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\winresume.efi" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\winresume.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WMASF.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wmp.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WorkfoldersControl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\workfolderssvc.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wscapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wscsvc.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WsmAgent.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WsmAuto.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WsmSvc.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WsmWmiPl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wuapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wuapp.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wuauclt.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wuaueng.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wucltux.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wudriver.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\WUSettingsProvider.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\wuwebv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\AppxAllUserStore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\asycfilt.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\atmfd.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\atmlib.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\certcli.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\comsvcs.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\dhcpsapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\dxtrans.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\explorer.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\ExplorerFrame.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\FlashPlayerApp.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\FWPUCLNT.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\glcndFilter.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\hgcpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\hlink.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\ieapfltr.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\iedkcs32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\ieframe.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\iepeers.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\iertutil.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\inetcomm.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\inetcpl.cpl" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\jscript.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\jscript9.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\kerberos.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\KernelBase.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\mfds.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\mispace.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\msfeeds.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\mshtml.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\msorcl32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\msxml3.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\mtxoci.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\netlogon.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\nshwfp.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\ole32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\olepro32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\rsaenh.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\samlib.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\SettingMonitor.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\SettingSync.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\SettingSyncCore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\SettingSyncHost.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\shell32.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\stobject.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\storagewmi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\themecpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\twinui.appcore.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\twinui.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\ucrtbase.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\urlmon.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\usercpl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\vbscript.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\webcheck.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wininet.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\WMASF.DLL" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wmp.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wscapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\WsmAgent.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\WsmAuto.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\WsmSvc.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\WsmWmiPl.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wuapi.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wuapp.exe" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wudriver.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\SysWOW64\wuwebv.dll" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\Classpnp.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\cng.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\disk.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\IPMIDrv.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\mcaudrv_x64.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\mcvidrv.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\mrxsmb.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\mrxsmb10.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\mrxsmb20.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\netio.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\ntfs.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\rasl2tp.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\spaceport.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\srv.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\storport.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\USBSTOR.SYS" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\vhdmp.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\volsnap.sys" => ":$CmdTcID" ADS not found. "C:\WINDOWS\system32\Drivers\vpci.sys" => ":$CmdTcID" ADS not found. "C:\Users\Valued User\Desktop\adwcleaner_5.112.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Desktop\adwcleaner_5.112.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Desktop\FRST64.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Desktop\FRST64.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Desktop\JRT.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Desktop\JRT.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Desktop\RogueKiller.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Desktop\RogueKiller.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe => ":$CmdZnID" ADS removed successfully. "C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe" => ":$CmdTcID" ADS not found. C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe => ":$CmdZnID" ADS removed successfully. ==== End of Fixlog 22:55:01 ====
  7. Ok, the scan finished here is logs: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01 Ran by Valued User (administrator) on LEA (21-04-2016 16:36:52) Running from C:\Users\Valued User\Desktop Loaded Profiles: Valued User (Available Profiles: Valued User) Platform: Windows 8.1 Connected Single Language (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Windows\SysWOW64\UMonit64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Google Inc.) C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Acer\Live Updater\updater.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-04-11] (COMODO) HKLM-x32\...\Run: [CheckNDISPort_df] => C:\Program Files (x86)\Hostless Modem\3G Mobile Hotspot\CheckNDISPort_df.exe [442696 2012-09-07] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [tvncontrol] => "C:\Program Files (x86)\ShowMyPCService\tvnserver.exe" -controlservice -slave HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®) HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [Google Update] => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [BeyluxeMessenger] => C:\Program Files (x86)\Beyluxe Messenger\Beyluxe Messenger.exe [10685440 2014-10-01] () HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [ZamTalk] => C:\Program Files (x86)\ZamTalk\ZamTalk.exe HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [BingSvc] => C:\Users\Valued User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation) HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.) Startup: C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-04-17] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (No File) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{F33EE3A1-9868-45B4-80B6-F7DE21CB4861}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{F33EE3A1-9868-45B4-80B6-F7DE21CB4861}: [DhcpNameServer] 192.168.0.1 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130907363000866539&GUID=7B262538-9030-496B-A22F-B05D6E8E3ED3 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ph.yahoo.com/?fr=mkg029 HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.beyluxe.com/ HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://ph.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Valued User\AppData\Roaming\Mozilla\Firefox\Profiles\yyrvydwg.default-1460845667610 FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] () FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-17] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] () FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-12-24] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-28] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2990771943-463371173-480832279-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-2990771943-463371173-480832279-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Extension: WOT - C:\Users\Valued User\AppData\Roaming\Mozilla\Firefox\Profiles\yyrvydwg.default-1460845667610\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-04-17] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://google.com/" CHR Profile: C:\Users\Valued User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\Valued User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-03-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-03-25] (Microsoft Corporation) S4 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-04-16] (Camshare Inc.) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5799552 2016-04-11] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-04-11] (COMODO) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated) S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-05-07] (Intel Corporation) S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] () S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2016-02-17] (Visicom Media Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-05] (TeamViewer GmbH) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-04-06] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846104 2016-04-06] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45600 2016-04-06] (COMODO) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation) R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-04-06] (COMODO) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2016-02-17] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-21] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2016-02-17] (Visicom Media Inc.) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation) R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-04-20] () R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-21 16:36 - 2016-04-21 16:38 - 00015933 _____ C:\Users\Valued User\Desktop\FRST.txt 2016-04-20 19:29 - 2016-04-20 19:29 - 00000717 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RNB i'm an albatraoz mp3.lnk 2016-04-20 11:50 - 2016-04-20 11:50 - 00000000 ____D C:\Users\Valued User\AppData\Local\CrashRpt 2016-04-20 10:35 - 2016-04-20 10:35 - 00000936 _____ C:\Users\Valued User\Desktop\JRT.txt 2016-04-20 10:09 - 2016-04-20 10:09 - 00001009 _____ C:\Users\Valued User\Desktop\AdwCleaner[S1] - Shortcut.lnk 2016-04-20 09:56 - 2016-04-20 09:56 - 00004112 _____ C:\Users\Valued User\Desktop\roguekillerlog.txt 2016-04-20 08:29 - 2016-04-20 08:33 - 03683904 _____ C:\Users\Valued User\Desktop\adwcleaner_5.112.exe 2016-04-20 08:26 - 2016-04-20 08:27 - 01610352 _____ (Malwarebytes) C:\Users\Valued User\Desktop\JRT.exe 2016-04-20 08:25 - 2016-04-20 08:41 - 19764296 _____ C:\Users\Valued User\Desktop\RogueKiller.exe 2016-04-19 12:02 - 2016-04-19 12:02 - 00002415 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat.lnk 2016-04-19 02:40 - 2016-04-21 16:36 - 00000000 ____D C:\FRST 2016-04-19 02:33 - 2016-04-19 02:35 - 02375680 _____ (Farbar) C:\Users\Valued User\Desktop\FRST64.exe 2016-04-19 02:19 - 2016-04-19 02:19 - 00001055 _____ C:\Users\Valued User\Desktop\mbamlog.txt 2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\addpcs 2016-04-17 05:25 - 2016-04-17 07:23 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-17 05:18 - 2016-04-17 05:18 - 00242144 _____ C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe 2016-04-16 06:39 - 2016-04-17 07:22 - 00002199 _____ C:\Users\Valued User\Desktop\Camfrog Video Chat.lnk 2016-04-15 15:22 - 2016-04-14 12:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-15 15:22 - 2016-04-14 12:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-15 04:34 - 2016-04-15 04:34 - 00000911 _____ C:\Users\Valued User\Documents\Documents - Shortcut (2).lnk 2016-04-15 04:18 - 2016-04-15 04:18 - 01514524 _____ C:\Users\Valued User\Downloads\Misty Meye.html 2016-04-15 04:18 - 2016-04-15 04:18 - 00000000 ____D C:\Users\Valued User\Downloads\Misty Meye_files 2016-04-14 18:22 - 2016-04-14 18:22 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-14 18:12 - 2016-04-14 18:12 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-14 18:12 - 2016-04-14 18:12 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-14 18:05 - 2016-04-14 18:05 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-14 18:03 - 2016-04-14 18:03 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-14 18:03 - 2016-04-14 18:03 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-14 13:06 - 2016-04-17 07:02 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-04-14 13:06 - 2016-04-14 13:06 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-04-14 12:39 - 2016-04-14 12:39 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-14 12:39 - 2016-04-14 12:39 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-14 12:38 - 2016-04-14 12:38 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-14 12:38 - 2016-04-14 12:38 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-14 12:38 - 2016-04-14 12:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-14 12:34 - 2016-03-29 21:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 12:35 - 2016-04-13 12:35 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2016-04-13 11:56 - 2016-04-13 12:04 - 01251528 _____ (AVM Software Inc.) C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe 2016-04-13 11:13 - 2016-04-17 07:22 - 00002041 _____ C:\Users\Valued User\Desktop\Beyluxe Messenger.lnk 2016-04-13 11:13 - 2016-04-13 11:13 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Messenger 2016-04-13 10:50 - 2016-04-13 11:12 - 12091280 _____ C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe 2016-04-12 09:55 - 2016-04-12 09:55 - 00088221 _____ C:\Users\Valued User\Downloads\Downloads.html 2016-04-02 06:07 - 2016-04-17 07:23 - 00001997 _____ C:\Users\Public\Desktop\abMusic.lnk 2016-03-24 00:46 - 2016-04-21 16:18 - 03922164 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2016-03-24 00:46 - 2016-03-24 00:46 - 00000000 ___HD C:\VTRoot 2016-03-24 00:42 - 2016-03-24 00:42 - 00003028 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2016-03-24 00:42 - 2016-03-24 00:42 - 00000000 ____D C:\ProgramData\Comodo Downloader ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-21 16:37 - 2016-02-16 00:05 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2016-04-21 16:35 - 2015-01-02 15:02 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Skype 2016-04-21 16:03 - 2015-01-23 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-21 15:42 - 2015-01-02 14:19 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2990771943-463371173-480832279-1001 2016-04-21 15:34 - 2015-02-24 14:24 - 00040256 _____ C:\IFRToolLog.txt 2016-04-21 15:34 - 2015-02-21 23:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-04-21 15:34 - 2015-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\Opera 2016-04-21 15:32 - 2014-03-18 16:53 - 01161006 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-21 15:32 - 2013-08-22 20:36 - 00000000 ____D C:\WINDOWS\Inf 2016-04-21 15:28 - 2016-02-10 12:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-04-21 15:27 - 2013-08-22 21:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-21 15:26 - 2015-01-02 14:12 - 00000000 ____D C:\Users\Valued User 2016-04-21 11:50 - 2015-09-23 08:50 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Camfrog 2016-04-21 11:28 - 2015-02-10 17:19 - 00000000 ____D C:\Users\Valued User\AppData\Local\CrashDumps 2016-04-20 19:49 - 2015-02-24 00:38 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\vlc 2016-04-20 09:57 - 2016-02-26 03:13 - 00000000 ____D C:\AdwCleaner 2016-04-20 08:43 - 2016-02-12 11:35 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2016-04-20 01:17 - 2015-02-09 16:35 - 03971072 ___SH C:\Users\Valued User\Documents\Thumbs.db 2016-04-19 00:35 - 2014-07-26 14:55 - 00000000 ____D C:\ProgramData\Temp 2016-04-18 03:06 - 2013-08-22 22:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-18 02:09 - 2013-08-22 20:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-17 07:46 - 2016-02-04 20:21 - 00068608 ___SH C:\Users\Valued User\Desktop\Thumbs.db 2016-04-17 07:24 - 2016-02-22 12:59 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-04-17 07:24 - 2015-10-06 01:52 - 00001064 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Hidden Emoticons - Copy - Copy.lnk 2016-04-17 07:24 - 2015-08-30 16:00 - 00000352 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD RW Drive (D).lnk 2016-04-17 07:24 - 2015-08-05 09:15 - 00000605 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pic.lnk 2016-04-17 07:24 - 2015-07-23 23:28 - 00001239 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShowMyPC3161.lnk 2016-04-17 07:24 - 2015-07-15 04:33 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-04-17 07:24 - 2015-07-12 04:33 - 00001087 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robes Pride 2015 (basketball league celebration 3rd place!!!).lnk 2016-04-17 07:24 - 2015-07-12 04:30 - 00001071 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kids youcam pic's.lnk 2016-04-17 07:24 - 2015-05-10 22:18 - 00001756 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer_Setup_en.lnk 2016-04-17 07:24 - 2015-05-03 16:17 - 00000567 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Libraries.lnk 2016-04-17 07:24 - 2015-05-03 16:17 - 00000291 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Network.lnk 2016-04-17 07:24 - 2015-05-02 03:25 - 00001272 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio Manager.lnk 2016-04-17 07:24 - 2015-01-02 15:06 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-17 07:24 - 2015-01-02 14:26 - 00002451 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-17 07:24 - 2015-01-02 14:13 - 00001442 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-17 07:24 - 2015-01-02 14:12 - 00000469 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-04-17 07:24 - 2015-01-02 14:12 - 00000467 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-04-17 07:24 - 2014-07-26 15:07 - 00002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk 2016-04-17 07:24 - 2014-06-04 15:58 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-04-17 07:24 - 2014-06-04 15:48 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk 2016-04-17 07:23 - 2016-02-17 03:41 - 00001003 _____ C:\Users\Public\Desktop\ManyCam.lnk 2016-04-17 07:23 - 2016-02-16 00:06 - 00001969 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk 2016-04-17 07:23 - 2016-02-14 03:22 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk 2016-04-17 07:23 - 2016-02-10 12:21 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-17 07:23 - 2015-12-05 11:59 - 00002454 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk 2016-04-17 07:23 - 2015-11-26 23:36 - 00002001 _____ C:\Users\Public\Desktop\abPhoto.lnk 2016-04-17 07:23 - 2015-09-30 03:06 - 00001898 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Heart Smiles 1.2(1)(1)(3)(2)(1)(1)(1)(1)(1)(1)(1)(1).lnk 2016-04-17 07:23 - 2015-01-03 18:48 - 00000386 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\About Us (E).lnk 2016-04-17 07:23 - 2015-01-02 14:29 - 00000931 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-04-17 07:22 - 2016-02-27 02:49 - 00001486 _____ C:\Users\Valued User\Desktop\TeamViewer - Shortcut.lnk 2016-04-17 07:22 - 2015-12-16 19:30 - 00002713 _____ C:\Users\Valued User\Desktop\Skype.lnk 2016-04-17 07:22 - 2015-09-18 09:33 - 00000424 _____ C:\Users\Valued User\Desktop\This PC - Shortcut.lnk 2016-04-17 07:22 - 2015-08-05 09:28 - 00004297 _____ C:\Users\Valued User\Desktop\Tum Hi Ho - Aashiqui 2.mp3 - Shortcut.lnk 2016-04-17 07:22 - 2015-01-02 14:46 - 00002475 _____ C:\Users\Valued User\Desktop\Adobe Reader XI.lnk 2016-04-17 07:22 - 2015-01-02 14:26 - 00002443 _____ C:\Users\Valued User\Desktop\Google Chrome.lnk 2016-04-17 05:25 - 2016-01-09 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-16 22:51 - 2015-01-02 14:30 - 00000000 ____D C:\Users\Valued User\Desktop\OpenOffice 4.0.1 (en-US) Installation Files 2016-04-16 08:51 - 2016-02-17 03:43 - 00000000 ____D C:\Users\Valued User\AppData\Local\ManyCam 2016-04-16 07:12 - 2015-01-06 07:14 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-16 07:12 - 2013-08-22 22:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-16 06:35 - 2016-01-25 19:53 - 00440832 ___SH C:\Users\Valued User\Downloads\Thumbs.db 2016-04-16 06:34 - 2015-05-02 06:34 - 00000000 ____D C:\Users\Valued User\Downloads\Compressed 2016-04-15 22:33 - 2015-01-11 22:56 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-15 22:33 - 2013-08-22 22:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-15 22:24 - 2015-01-11 22:56 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-15 15:25 - 2013-08-22 21:44 - 00372768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-14 16:57 - 2016-03-09 23:44 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-04-14 16:57 - 2016-03-09 23:44 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-14 16:57 - 2016-03-09 23:44 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-14 13:06 - 2015-01-23 00:19 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 12:17 - 2016-01-13 19:58 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 21:05 - 2015-01-28 00:33 - 00003836 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1420186013 2016-04-13 11:13 - 2015-01-27 20:18 - 00000000 ____D C:\Program Files (x86)\Beyluxe Messenger 2016-04-09 17:04 - 2013-08-22 22:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-06 19:19 - 2015-11-18 17:14 - 00846104 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys 2016-04-06 19:19 - 2015-11-18 17:14 - 00032224 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys 2016-04-06 19:19 - 2015-08-05 00:31 - 00138560 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys 2016-04-06 19:19 - 2015-08-05 00:31 - 00045600 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys 2016-04-06 19:17 - 2015-08-05 00:29 - 00051800 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll 2016-04-06 19:16 - 2015-09-03 11:52 - 00596232 _____ (COMODO) C:\WINDOWS\system32\guard64.dll 2016-04-06 19:16 - 2015-09-03 11:52 - 00461648 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll 2016-04-06 19:14 - 2015-08-05 00:28 - 00365752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll 2016-04-06 19:14 - 2015-08-05 00:28 - 00051896 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll 2016-04-06 19:12 - 2015-08-05 00:27 - 00296120 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll 2016-04-06 19:11 - 2015-08-05 00:26 - 00046776 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll 2016-04-02 06:07 - 2014-06-04 15:48 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2016-04-02 06:06 - 2014-06-04 15:48 - 00000000 ____D C:\Program Files (x86)\Acer 2016-04-02 06:02 - 2015-01-02 14:15 - 00000000 ____D C:\Users\Valued User\AppData\Local\clear.fi 2016-03-26 23:02 - 2015-04-05 03:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-26 23:02 - 2015-04-05 03:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-03-25 20:06 - 2015-10-05 16:05 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-25 20:05 - 2015-01-02 15:01 - 00000000 ____D C:\ProgramData\Skype Some files in TEMP: ==================== C:\Users\Valued User\AppData\Local\Temp\dllnt_dump.dll C:\Users\Valued User\AppData\Local\Temp\libeay32.dll C:\Users\Valued User\AppData\Local\Temp\msvcr120.dll C:\Users\Valued User\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-13 11:23 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016 01 Ran by Valued User (2016-04-21 16:41:06) Running from C:\Users\Valued User\Desktop Windows 8.1 Connected Single Language (X64) (2015-01-02 07:12:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2990771943-463371173-480832279-500 - Administrator - Disabled) Guest (S-1-5-21-2990771943-463371173-480832279-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2990771943-463371173-480832279-1003 - Limited - Enabled) Valued User (S-1-5-21-2990771943-463371173-480832279-1001 - Administrator - Enabled) => C:\Users\Valued User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3G Mobile Hotspot Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2003.6 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader XI (11.0.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated) Beyluxe Messenger (HKLM-x32\...\Beyluxe Messenger1) (Version: 1 - Hichatters Srl) Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.543 - Camshare, Inc.) COMODO Antivirus (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.) DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.) Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic) Google Chrome (HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.37.1119.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden Wondershare Video Editor(Build 5.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {049415C7-10EB-4F82-8F49-79CF8C3AF2FF} - System32\Tasks\{4C5D8014-4C4B-426B-BA51-4413EA683020} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {05805890-58AC-4698-A09F-CE8DD2A62D66} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] () Task: {10716E78-E95E-4502-9A04-F1467ECCB378} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1AB9EA82-1A8D-4620-8E7E-101532129706} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1E347CE0-80C4-43D4-BBC3-F411ABC2C135} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {21492B2E-B0B1-4CD5-ABEC-CCC13E2BC964} - System32\Tasks\{B5DCBA7D-5A61-4FA5-852D-396995712F47} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {21EA1CD8-38CB-422B-8057-E564627E4BEA} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {25D89FD7-D33C-434C-9D7A-F16A8CA78893} - System32\Tasks\{A375AB04-4A99-481D-B0EB-1601F96BCF30} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {31CFA3A5-24B7-4BC7-87A1-159D0DF6B7ED} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] () Task: {39220496-211C-4A01-9B06-BFACA912B44C} - System32\Tasks\{1BAD3E11-89C1-49CA-99DE-FD58BC4997B2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {4643E4F0-F375-45F9-8ACE-A258641EB444} - System32\Tasks\{52CD0227-3E08-4AC5-A0FD-91C74B1A7FBE} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {60E56F48-ABE5-4E1A-92FE-D236F43170A9} - System32\Tasks\{B3B02AEE-7226-4A51-B544-45E89155E0CD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {620D072A-58DE-45C7-A465-565D5EA80791} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-15] (Microsoft Corporation) Task: {680D1151-F04A-4FB2-A439-CF4ED6BFEB1A} - System32\Tasks\{9E14391A-A700-45C9-A8A6-6F45954D38EA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {6CE03F3C-7B12-4FA7-95E2-DAE4A5D8B8F1} - System32\Tasks\Opera scheduled Autoupdate 1420186013 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-13] (Opera Software) Task: {6E756A75-A5CB-459B-8323-94ECE61F34FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {74AEEDD5-5266-4A18-B330-8141E90BC3C0} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {78D1EC83-1D8A-40A1-AE33-2575BBA6D948} - System32\Tasks\{2D5DA554-F54D-45A3-8C71-2C7E7B33B961} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {80981AFD-358C-4C60-9D17-FF6EF1C4EB3B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-14] (Adobe Systems Incorporated) Task: {8657D6CE-2D0E-4E83-9B19-4410532A959E} - System32\Tasks\{B160DC4B-5225-46D5-820E-B38BE85D15A0} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {86ABF491-C471-4208-B258-A87AEE61FABD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {8E41E03F-3F67-405D-9285-09A435378FDC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {AEA428A2-B19B-4A6E-9E94-59B2A56E07E6} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated) Task: {B4761431-F97D-44C6-9E35-4A8CCE6C4DCB} - System32\Tasks\{4D9FF39B-316A-4C54-B14B-DE5A3F396075} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=404 Task: {B942F5A0-98AB-4359-BBE6-770E590EDA32} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>) Task: {BE0B4EFA-3E8D-444E-BF36-773C190A7B03} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {C740B023-F01D-40CE-9688-6FEB7A1002EA} - System32\Tasks\{CC87FCA1-0E19-43F2-9465-F0F753609E48} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {C8699B07-BE64-40E5-8063-85BFDEF2B8C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {CA26BABB-1D28-4429-B99E-0FEF2EB7B450} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated) Task: {D1D1D764-BB4E-439C-B108-E6CA5F8BE06D} - System32\Tasks\{C075B6C7-518D-4D90-8B99-246F05C7449E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D2D27CAE-38D5-4A14-A9C6-D92A28303666} - System32\Tasks\{ED3812D4-3F23-4066-8A0D-1BA1BDEA8AFB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D729E818-CE2C-4155-A76E-37DC73771147} - System32\Tasks\{4918C21A-1A31-4784-A0AC-D0FB8BDD8A62} => Chrome.exe hxxp://ui.skype.com/ui/0/6.22.81.105/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618 Task: {D9627621-7E32-469B-9307-302816506D0F} - System32\Tasks\{46B5C890-32B5-44E4-9A9C-21A20184FB75} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {DF751EDF-16BA-4F0F-81D6-0D4024DC5B3F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate) Task: {E5D92B43-9DEC-4409-A9B4-583D1A880947} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {F6E7BB19-293D-4ABF-B1D3-CE7222A39EAD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated) Task: {F77C2BCF-2899-421D-BD26-BB7F8B6244BD} - System32\Tasks\{D6B27AD6-59E3-4B71-9C1A-022FE48B81EB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {F984CF2B-2D0B-480C-8AAA-462EC1ADE45F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {FFFF37C7-B1CC-4686-8920-5EB18342DC52} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-07-26 14:29 - 2014-02-26 10:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2013-07-09 04:34 - 2013-07-09 04:34 - 04150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe 2015-01-08 22:02 - 2016-03-16 17:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2016-02-09 02:52 - 2016-02-09 02:52 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-10-01 16:23 - 2016-02-17 03:39 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll 2014-10-01 16:25 - 2016-02-17 03:39 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\actxprxy.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BFE.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IKEEXT.DLL:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rpcss.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\seclogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\olepro32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\cng.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\disk.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcaudrv_x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcvidrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\adwcleaner_5.112.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\adwcleaner_5.112.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\JRT.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\JRT.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Desktop\RogueKiller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\RogueKiller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdZnID [26] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 20:25 - 2016-04-17 06:16 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 keystone.mwbsys.com 127.0.0.1 sirius.mwbsys.com 127.0.0.1 bactem.mwbsys.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2990771943-463371173-480832279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Valued User\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: 0155351455077364mcinstcleanup => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: APNMCP => 2 MSCONFIG\Services: camfrog_update_service => 2 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: LMSvc => 2 MSCONFIG\Services: QASvc => 3 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: RMSvc => 3 MSCONFIG\Services: tvnserver => 2 HKLM\...\StartupApproved\Run32: => "CheckNDISPort_df" HKLM\...\StartupApproved\Run32: => "YouCam Service" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "tvncontrol" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BeyluxeMessenger" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "ZamTalk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BingSvc" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{ABB6DF67-8632-4B0F-B6E0-ECF744F1DAA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{842674E4-D4C4-4DCE-9579-36881ACEC705}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{64E21B38-132E-46D6-95FC-5B784E52E17D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{EBD6F9A4-B67C-406E-8754-33C1697FAAC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{F1684950-7A66-41FA-9BA1-472D242D4D2F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{D46BAE7C-D22E-46FC-9D2C-8A3A7F0D664C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{C34965F4-6EEC-40F5-9F95-AE440E84E403}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{A80F0CB0-E935-4489-AD6E-76FD63A1F474}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{FB06A5F8-792C-43A8-A865-214386C7F6D6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{D65172A9-805E-48F3-8A63-1BF7E03CA94B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{3D2809A1-3E13-47EF-BC6A-3A462302ACC5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{0E89BEB9-91E3-416A-8F03-F9511812F65D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{7FB12568-CBE9-41CF-A9F4-105A839308E3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F19FC465-3CFE-4FBB-A532-B558F337F227}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{5E080EAF-6739-486E-B73B-5AA74B592DF0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{C28A9483-2C63-43C9-B46A-1BFCD6239CA5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{B31112CE-33AC-40C6-9CD5-0FFF52E32612}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{5E7EC795-C0A7-4B38-83E3-5161A0EB1E19}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{AD041410-7503-4E43-B6CA-49F964BAD99D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{F5018241-9DCA-4B67-A7D4-7646BA271C3F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{86BFE9B9-6B55-4285-B448-AB0939438892}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{83F91F26-3F18-4814-A1F0-F44E009B8F9C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{3E115B61-1FA5-4B09-A47E-BDCB1D763124}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{46786221-B4FE-4006-9328-891009B90B1D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{7EC6972D-404E-4C4D-8910-6C38433E0279}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{51B9E294-5D44-49CE-AC02-E3BEDC1C837E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{80FFF6BB-E29B-45A6-B928-7A9479AC505C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{4AFF4927-CCCD-4316-9B47-C4982A5DF4C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{F075769E-593E-418A-8FCB-0A09A03DC4C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{A59ED16C-2A3F-4D14-9D43-016327A1A530}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{FCA76900-DAB4-47A5-BA0F-4B0EE88A06D9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{4EFDDE5A-E559-4828-8115-FB9B2D3BD389}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A4E79097-C10F-4E12-A326-7AAEF3FB869E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{EA1A687F-B943-4B50-9D19-7882E2D9D610}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{59685312-1F34-4B43-AA80-C141170F482A}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{E1D5DDA2-7B94-4B62-9E8E-EB542519909C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [TCP Query User{E4C85192-FA35-484F-AAEB-83280B7E7BC2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{9A1A6DBE-DC36-4476-B558-74D962157B8B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{E38BDA3C-A7B4-420C-9C85-56EECCD1654A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{11EECA65-2412-46DD-AC20-3084C990A504}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{70F9D400-AB0A-4886-BC02-243CDADC033B}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{357A6F57-1931-4616-B5BB-E47A39C662C4}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [{5B212C08-43BF-4CA0-99FA-E6CC0B2FBC87}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{88A5FF0C-9BA3-4459-840A-2A2F8894CBC3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{D0E3757A-ED68-4F7F-9427-CAB0CCB39147}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{D9AEE2D4-944F-48CA-854E-32E390B12F78}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{678529EB-7FCE-404E-95FA-892DA4A840A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D161A54E-5574-4FBF-AFC2-D28994775C27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{60E6B2E0-0555-4216-B599-9E1B4B7C513E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{CBDE7C0D-EDD9-419C-86FA-40FB72267248}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{3D7A1B98-EAAE-4B4F-A2A1-71C42F99D43B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{DF46B9EB-4FE5-4C0F-B6DB-1DEAAAC5E432}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{E5F7EC45-826A-4767-87ED-E3AF88CD1E84}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{602E5781-F6F6-4AE2-9CB4-C7B35B6C85A5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{B7F6E09B-F5F6-485A-B6EA-08EE9DAA030D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{5CB3C640-67C5-42E0-B29E-9D88113B425E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{1548EA00-FCD8-4C75-B19E-7A59BF0E65DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{2EA53F06-B210-4013-8F9E-8F2631CEF84E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{8368AC44-63F5-4503-8CD8-B6F7527176ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B40EC191-D7AD-456A-86EE-D0D67FDE5A21}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8AB22AF0-68F1-4A62-BCB6-44D0D19F2B55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D1BAC995-DCB6-4C28-A6F5-F4CA4C93D70E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7F8FE66C-DB67-456E-A650-51BE1653803E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3E3FBCBF-3D5E-45D7-A748-77CA4F520E8E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{6767AE8C-A83E-49E2-80FE-23DCB7890FFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7A20795A-7065-409C-9315-F25E9AF3CFB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{E341E415-0C80-4A1E-8B42-D69A8BC9293F}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{A85036DE-727F-4FA2-B31C-171624D1F910}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [TCP Query User{A1A61FFB-542C-4F86-A752-F52554BE1106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{A72D2746-EDC0-4F6D-8192-228343E31AEA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F12FB72C-F518-4DC3-8838-B11EF54497DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{2277A6CF-5915-487A-A887-15A56FE74AC5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{DD8AB1DC-98C8-473B-8F9E-AEB9A17FB68F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CB44A943-3650-4A71-99B4-4E3455A409D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EB5B04A8-18C8-47AF-BDF2-C4AD4A18C6DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{76D1D252-8511-4FC7-8F36-27A231C2EF72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{47E0FC17-BA52-4FF8-998D-D26C664A82AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{195D621B-DF53-49D5-BCD2-3EEF5B89A981}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E03D9C8-2333-4CAC-8C0C-AD5C64EB2621}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [UDP Query User{EFFA99C7-6A2D-4CD2-826F-D1BD7EC89521}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [TCP Query User{D5216150-8B64-4806-90EE-350D63F5EAD4}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [UDP Query User{1B14D14D-A2B1-45BD-938E-8F8EEA1F3546}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [TCP Query User{7947DB53-7DA8-476D-96C6-F46695A70D00}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [UDP Query User{F6A48A1D-CE29-43F3-9ECF-66C63F8F6FF2}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [{C5D15A9A-DCAB-4B57-898D-5CEEAE724C3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8074EFE2-5E6E-482B-84CA-C8EC70EBEEA2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{91C35F0A-58ED-4F84-832A-E68EBA647F6B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{59D7996A-BA56-405A-9323-C167CCE5A761}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{76290946-409A-4004-B957-B6EF1D756B07}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3C0200DA-C008-47F1-A454-C4CD7135ABFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4C1255EB-4CE6-4C53-8A8C-BF5987AFD494}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{8DCDCC22-6EE6-47AE-BE24-6963DC0FA01A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{095DD76F-E143-4E26-B260-AE541C32A2F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4FFF58F5-7153-465D-B57C-7D359554F391}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{F71A43A0-1203-4CA2-B38D-81CF5B336476}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0EA7995B-2B4D-465E-B2B3-DFE3BCFBBE5B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{E6652DF1-4741-4B50-9719-15AA0CCE6FE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1EEC80A0-9379-405A-B69F-E65D1B5C8757}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{09D63AFC-FC80-4F68-866F-6677160DE814}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0860946E-E42D-4F90-9701-B3E12C9131F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C162670F-A2C3-4DB5-B1B7-5AD848CC74DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{CE696FF3-1FC3-4296-BCAC-A28FBD76AED8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1158F0A8-3D4F-425B-8CA8-89F6DA49B09B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{831F6CC9-3753-4396-B48E-00813AB6B465}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{80C954A5-CFC9-43AD-824A-CF8600092C74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6D6C1456-977D-47BB-8B63-9FF2105B0003}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{569C9025-4A18-4AFF-BC43-B7F06D9A9B16}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{FD698C2C-51E0-4807-B949-9A02FD450248}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [UDP Query User{D99E9068-6993-4C68-ADD1-5BC29C99190B}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [{DDF1A932-36BE-4818-90DC-0B0F9C58AF28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CB9DA8C2-E05F-48F4-A297-313446784A36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0492CA64-36B7-4521-822E-6F8249B153D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{62925AF0-877B-4584-9244-3AECE8763BEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{35918846-15F0-4AD0-B7E8-27FBE07CBBA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D7C9E5B8-BC63-4C14-A08C-2CA0D2B22F3C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E6F1AB5-D259-4BB7-91B1-C049ACF1FA43}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{7E6F25B0-3580-411D-8FEC-93A92F59DA00}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{C56EF5F4-A676-459A-847A-8EF0E24BF287}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D6E6DE68-2580-4098-B39C-C7706C59D820}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3A364FBF-6D44-4A05-A4B3-DB0916A57044}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BCD9281A-3E2D-4DC4-95A7-8C93FABEA0A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A45D4BC1-3AE6-4376-8AD5-D0EE9D926A2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{1CCA43F2-60C8-4939-8F3E-40B58ADEBDBF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{EF2A265F-93B9-47EE-BC60-503D87C507F2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{787FB2D2-B19F-41B7-B9AF-001DCC412F7F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F48D14FD-6CC9-4B6E-9BEE-F2FCA8DBE922}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{ECD4D78C-3BB1-4BA7-BCA2-BA410C3A3C76}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{8ADF0045-FB77-489F-A688-65A1ACB0F131}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F908ABDF-558A-42A0-9F79-57D8692D2F94}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (04/21/2016 04:44:00 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1324) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/21/2016 04:44:00 PM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1324) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/21/2016 04:43:00 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1324) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/21/2016 04:43:00 PM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1324) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/21/2016 04:42:00 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1324) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/21/2016 04:42:00 PM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1324) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/21/2016 04:41:00 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1324) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/21/2016 04:41:00 PM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1324) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/21/2016 04:40:00 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1324) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/21/2016 04:40:00 PM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1324) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. System errors: ============= Error: (04/21/2016 04:03:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The COMODO Virtual Service Manager service terminated unexpectedly. It has done this 1 time(s). Error: (04/21/2016 03:44:10 PM) (Source: DCOM) (EventID: 10010) (User: LEA) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (04/21/2016 03:43:39 PM) (Source: DCOM) (EventID: 10010) (User: LEA) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (04/21/2016 11:40:43 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. Error: (04/21/2016 11:26:49 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 9:24:28 AM on ‎4/‎21/‎2016 was unexpected. Error: (04/21/2016 08:34:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. Error: (04/21/2016 08:24:27 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 8:20:57 AM on ‎4/‎21/‎2016 was unexpected. Error: (04/20/2016 10:26:43 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control. Error: (04/20/2016 10:24:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error: %%1053 Error: (04/20/2016 10:21:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Group Policy Client service failed to start due to the following error: %%1053 CodeIntegrity: =================================== Date: 2016-04-21 15:43:32.639 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 15:27:59.109 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 11:44:05.694 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 11:27:10.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 08:24:49.761 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 05:51:12.738 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 03:15:36.644 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-20 22:27:41.256 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-20 18:15:12.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-20 10:37:42.882 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz Percentage of memory in use: 73% Total physical RAM: 1929.7 MB Available physical RAM: 502.91 MB Total Virtual: 3465.7 MB Available Virtual: 966.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:450.08 GB) (Free:401.13 GB) NTFS Drive d: (My Disc) (CDROM) (Total:0.35 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0BE089D7) Partition: GPT. ==================== End of Addition.txt ============================
  8. Ok, scans done here is the logs: RogueKiller V12.1.3.0 [Apr 18 2016] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 8.1 (6.3.9600) 64 bits version Started in : Normal mode User : Valued User [Administrator] Started from : C:\Users\Valued User\Desktop\RogueKiller.exe Mode : Delete -- Date : 04/20/2016 09:51:30 ¤¤¤ Processes : 1 ¤¤¤ [Suspicious.Path] service.exe(916) -- C:\ProgramData\ManyCam\Service\service.exe[x] -> Found ¤¤¤ Registry : 4 ¤¤¤ [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.beyluxe.com/ -> Not selected [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.beyluxe.com/ -> Not selected [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] baa3a7259940ed157e6136201eeb76c7 [BSP] 3d0aeaf4ea1622b526ca35e127ef30d8 : Empty|VT.Unknown MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 600 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1230848 | Size: 300 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1845248 | Size: 128 MB 3 - Basic data partition | Offset (sectors): 2107392 | Size: 460879 MB 4 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 945987584 | Size: 15032 MB User = LL1 ... OK User = LL2 ... OK ------------------------------------------------------------------------------------------------- Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 4/18/2016 Scan Time: 9:45 PM Logfile: mbamlog.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.04.18.03 Rootkit Database: v2016.04.17.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Valued User Scan Type: Threat Scan Result: Completed Objects Scanned: 357571 Time Elapsed: 1 hr, 6 min, 45 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) --------------------------------------------------------------------------- # AdwCleaner v5.036 - Logfile created 26/02/2016 at 03:14:12 # Updated 22/02/2016 by Xplode # Database : 2016-02-24.1 [Server] # Operating system : Windows 8.1 Connected Single Language (x64) # Username : Valued User - LEA # Running from : C:\Users\Valued User\Desktop\pc cleaner tools\adwcleaner_5.036.exe # Option : Scan # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** Value Found : HKU\S-1-5-21-2990771943-463371173-480832279-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki] ***** [ Web browsers ] ***** ************************* C:\AdwCleaner\AdwCleaner[S1].txt - [828 bytes] - [26/02/2016 03:14:12] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [900 bytes] ########## # AdwCleaner v5.112 - Logfile created 20/04/2016 at 09:58:44 # Updated 17/04/2016 by Xplode # Database : 2016-04-19.5 [Server] # Operating system : Windows 8.1 Connected Single Language (X64) # Username : Valued User - LEA # Running from : C:\Users\Valued User\Desktop\adwcleaner_5.112.exe # Option : Scan # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1 Key Found : HKCU\Software\APN PIP Key Found : HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\APN PIP Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024 Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516} Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0AA24E16-07B3-4694-8357-3C21ACC5F516} Key Found : HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516} Data Found : HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0AA24E16-07B3-4694-8357-3C21ACC5F516} Value Found : HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki] ***** [ Web browsers ] ***** ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [1149 bytes] - [26/02/2016 03:19:50] C:\AdwCleaner\AdwCleaner[S1].txt - [2887 bytes] - [26/02/2016 03:14:12] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2960 bytes] ########## ------------------------------------------------------------------------------------------------------- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.4 (03.14.2016) Operating System: Windows 8.1 Connected Single Language x64 Ran by Valued User (Administrator) on Wed 04/20/2016 at 10:11:19.98 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\Users\Valued User\AppData\Local\crashrpt (Folder) Registry: 2 Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 04/20/2016 at 10:35:37.28 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. I made these topics from the machine said here. The net or something is bad. Please delete the other topic without this post.
  10. The machine running Windows 8.1. Sometimes the machine runs very slow. Also I had to enable windows firewall. The internet seems weak. It's only 3g. This could be why it's having disconnect issues? Here is FRST46 log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01 Ran by Valued User (administrator) on LEA (19-04-2016 02:40:35) Running from C:\Users\Valued User\Desktop Loaded Profiles: Valued User (Available Profiles: Valued User) Platform: Windows 8.1 Connected Single Language (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Windows\SysWOW64\UMonit64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Google Inc.) C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe () C:\Program Files (x86)\Acer\Live Updater\updater.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-04-11] (COMODO) HKLM-x32\...\Run: [CheckNDISPort_df] => C:\Program Files (x86)\Hostless Modem\3G Mobile Hotspot\CheckNDISPort_df.exe [442696 2012-09-07] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [tvncontrol] => "C:\Program Files (x86)\ShowMyPCService\tvnserver.exe" -controlservice -slave HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®) HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [Google Update] => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [BeyluxeMessenger] => C:\Program Files (x86)\Beyluxe Messenger\Beyluxe Messenger.exe [10685440 2014-10-01] () HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [ZamTalk] => C:\Program Files (x86)\ZamTalk\ZamTalk.exe HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Run: [BingSvc] => C:\Users\Valued User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation) Startup: C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-04-17] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (No File) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{F33EE3A1-9868-45B4-80B6-F7DE21CB4861}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{F33EE3A1-9868-45B4-80B6-F7DE21CB4861}: [DhcpNameServer] 192.168.0.1 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130907363000866539&GUID=7B262538-9030-496B-A22F-B05D6E8E3ED3 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ph.yahoo.com/?fr=mkg029 HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.beyluxe.com/ HKU\S-1-5-21-2990771943-463371173-480832279-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> DefaultScope {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://ph.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=33010001005_ds_sp&p={searchTerms} SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://ph.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=33010001005_ds_sp&p={searchTerms} SearchScopes: HKU\S-1-5-21-2990771943-463371173-480832279-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://ph.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Valued User\AppData\Roaming\Mozilla\Firefox\Profiles\yyrvydwg.default-1460845667610 FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] () FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-17] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] () FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-12-24] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-28] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2990771943-463371173-480832279-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-2990771943-463371173-480832279-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Extension: WOT - C:\Users\Valued User\AppData\Roaming\Mozilla\Firefox\Profiles\yyrvydwg.default-1460845667610\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-04-17] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://google.com/" CHR Profile: C:\Users\Valued User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\Valued User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-03-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-03-25] (Microsoft Corporation) S4 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-04-16] (Camshare Inc.) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5799552 2016-04-11] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-04-11] (COMODO) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated) S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-05-07] (Intel Corporation) S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] () S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2016-02-17] (Visicom Media Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-05] (TeamViewer GmbH) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [32224 2016-04-06] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846104 2016-04-06] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [45600 2016-04-06] (COMODO) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation) R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [138560 2016-04-06] (COMODO) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2016-02-17] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2016-02-17] (Visicom Media Inc.) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation) R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-12] () R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-19 02:40 - 2016-04-19 02:41 - 00015606 _____ C:\Users\Valued User\Desktop\FRST.txt 2016-04-19 02:40 - 2016-04-19 02:40 - 00000000 ____D C:\FRST 2016-04-19 02:33 - 2016-04-19 02:35 - 02375680 _____ (Farbar) C:\Users\Valued User\Desktop\FRST64.exe 2016-04-19 02:19 - 2016-04-19 02:19 - 00001055 _____ C:\Users\Valued User\Desktop\mbamlog.txt 2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\addpcs 2016-04-17 05:25 - 2016-04-17 07:23 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-17 05:18 - 2016-04-17 05:18 - 00242144 _____ C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe 2016-04-16 06:39 - 2016-04-17 07:22 - 00002199 _____ C:\Users\Valued User\Desktop\Camfrog Video Chat.lnk 2016-04-15 15:22 - 2016-04-14 12:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-15 15:22 - 2016-04-14 12:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-15 04:34 - 2016-04-15 04:34 - 00000911 _____ C:\Users\Valued User\Documents\Documents - Shortcut (2).lnk 2016-04-15 04:18 - 2016-04-15 04:18 - 01514524 _____ C:\Users\Valued User\Downloads\Misty Meye.html 2016-04-15 04:18 - 2016-04-15 04:18 - 00000000 ____D C:\Users\Valued User\Downloads\Misty Meye_files 2016-04-14 18:22 - 2016-04-14 18:22 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-14 18:22 - 2016-04-14 18:22 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-14 18:22 - 2016-04-14 18:22 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-14 18:12 - 2016-04-14 18:12 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-14 18:12 - 2016-04-14 18:12 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-14 18:11 - 2016-04-14 18:11 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-14 18:06 - 2016-04-14 18:06 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-14 18:05 - 2016-04-14 18:05 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-14 18:03 - 2016-04-14 18:03 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-14 18:03 - 2016-04-14 18:03 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-14 18:03 - 2016-04-14 18:03 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-14 18:03 - 2016-04-14 18:03 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-14 18:03 - 2016-04-14 18:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-14 18:03 - 2016-04-14 18:03 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-14 13:06 - 2016-04-17 07:02 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-04-14 13:06 - 2016-04-14 13:06 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-04-14 12:39 - 2016-04-14 12:39 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-14 12:39 - 2016-04-14 12:39 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-14 12:38 - 2016-04-14 12:38 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-14 12:38 - 2016-04-14 12:38 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-14 12:38 - 2016-04-14 12:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-14 12:38 - 2016-04-14 12:38 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-14 12:36 - 2016-04-14 12:36 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-14 12:36 - 2016-04-14 12:36 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-14 12:35 - 2016-04-14 12:35 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-14 12:34 - 2016-03-29 21:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 12:35 - 2016-04-13 12:35 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2016-04-13 11:56 - 2016-04-13 12:04 - 01251528 _____ (AVM Software Inc.) C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe 2016-04-13 11:13 - 2016-04-17 07:22 - 00002041 _____ C:\Users\Valued User\Desktop\Beyluxe Messenger.lnk 2016-04-13 11:13 - 2016-04-13 11:13 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Messenger 2016-04-13 10:50 - 2016-04-13 11:12 - 12091280 _____ C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe 2016-04-12 09:55 - 2016-04-12 09:55 - 00088221 _____ C:\Users\Valued User\Downloads\Downloads.html 2016-04-02 06:07 - 2016-04-17 07:23 - 00001997 _____ C:\Users\Public\Desktop\abMusic.lnk 2016-03-24 00:46 - 2016-04-17 21:09 - 03523122 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2016-03-24 00:46 - 2016-03-24 00:46 - 00000000 ___HD C:\VTRoot 2016-03-24 00:42 - 2016-03-24 00:42 - 00003028 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2016-03-24 00:42 - 2016-03-24 00:42 - 00000000 ____D C:\ProgramData\Comodo Downloader ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-19 02:42 - 2016-02-16 00:05 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2016-04-19 02:25 - 2016-02-10 12:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-04-19 02:17 - 2015-01-02 15:02 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Skype 2016-04-19 02:04 - 2015-01-02 14:19 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2990771943-463371173-480832279-1001 2016-04-19 02:03 - 2015-01-23 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-19 00:51 - 2015-02-21 23:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-04-19 00:46 - 2014-03-18 16:53 - 01161006 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-19 00:46 - 2013-08-22 20:36 - 00000000 ____D C:\WINDOWS\Inf 2016-04-19 00:35 - 2014-07-26 14:55 - 00000000 ____D C:\ProgramData\Temp 2016-04-19 00:31 - 2015-02-24 14:24 - 00039576 _____ C:\IFRToolLog.txt 2016-04-19 00:24 - 2015-02-10 17:19 - 00000000 ____D C:\Users\Valued User\AppData\Local\CrashDumps 2016-04-19 00:22 - 2013-08-22 21:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-18 09:25 - 2015-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\Opera 2016-04-18 08:42 - 2015-09-23 08:50 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\Camfrog 2016-04-18 03:06 - 2013-08-22 22:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-18 02:09 - 2013-08-22 20:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-17 07:46 - 2016-02-04 20:21 - 00068608 ___SH C:\Users\Valued User\Desktop\Thumbs.db 2016-04-17 07:24 - 2016-02-22 12:59 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-04-17 07:24 - 2015-10-06 01:52 - 00001064 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Hidden Emoticons - Copy - Copy.lnk 2016-04-17 07:24 - 2015-08-30 16:00 - 00000352 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD RW Drive (D).lnk 2016-04-17 07:24 - 2015-08-05 09:15 - 00000605 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pic.lnk 2016-04-17 07:24 - 2015-07-23 23:28 - 00001239 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShowMyPC3161.lnk 2016-04-17 07:24 - 2015-07-15 04:33 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-04-17 07:24 - 2015-07-12 04:33 - 00001087 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robes Pride 2015 (basketball league celebration 3rd place!!!).lnk 2016-04-17 07:24 - 2015-07-12 04:30 - 00001071 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kids youcam pic's.lnk 2016-04-17 07:24 - 2015-05-10 22:18 - 00001756 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer_Setup_en.lnk 2016-04-17 07:24 - 2015-05-03 16:17 - 00000567 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Libraries.lnk 2016-04-17 07:24 - 2015-05-03 16:17 - 00000291 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Network.lnk 2016-04-17 07:24 - 2015-05-02 03:25 - 00001272 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio Manager.lnk 2016-04-17 07:24 - 2015-01-02 15:06 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-17 07:24 - 2015-01-02 14:26 - 00002451 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-17 07:24 - 2015-01-02 14:13 - 00001442 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-17 07:24 - 2015-01-02 14:12 - 00000469 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-04-17 07:24 - 2015-01-02 14:12 - 00000467 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-04-17 07:24 - 2014-07-26 15:07 - 00002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk 2016-04-17 07:24 - 2014-06-04 15:58 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-04-17 07:24 - 2014-06-04 15:48 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk 2016-04-17 07:23 - 2016-02-22 12:59 - 00000971 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-04-17 07:23 - 2016-02-17 03:41 - 00001003 _____ C:\Users\Public\Desktop\ManyCam.lnk 2016-04-17 07:23 - 2016-02-16 00:06 - 00001969 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk 2016-04-17 07:23 - 2016-02-14 03:22 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk 2016-04-17 07:23 - 2016-02-10 12:21 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-17 07:23 - 2015-12-05 11:59 - 00002454 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk 2016-04-17 07:23 - 2015-11-26 23:36 - 00002001 _____ C:\Users\Public\Desktop\abPhoto.lnk 2016-04-17 07:23 - 2015-09-30 03:06 - 00001898 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Heart Smiles 1.2(1)(1)(3)(2)(1)(1)(1)(1)(1)(1)(1)(1).lnk 2016-04-17 07:23 - 2015-01-03 18:48 - 00000386 _____ C:\Users\Valued User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\About Us (E).lnk 2016-04-17 07:23 - 2015-01-02 14:29 - 00000931 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-04-17 07:22 - 2016-02-27 02:49 - 00001486 _____ C:\Users\Valued User\Desktop\TeamViewer - Shortcut.lnk 2016-04-17 07:22 - 2015-12-16 19:30 - 00002713 _____ C:\Users\Valued User\Desktop\Skype.lnk 2016-04-17 07:22 - 2015-09-18 09:33 - 00000424 _____ C:\Users\Valued User\Desktop\This PC - Shortcut.lnk 2016-04-17 07:22 - 2015-08-05 09:28 - 00004297 _____ C:\Users\Valued User\Desktop\Tum Hi Ho - Aashiqui 2.mp3 - Shortcut.lnk 2016-04-17 07:22 - 2015-01-02 14:46 - 00002475 _____ C:\Users\Valued User\Desktop\Adobe Reader XI.lnk 2016-04-17 07:22 - 2015-01-02 14:26 - 00002443 _____ C:\Users\Valued User\Desktop\Google Chrome.lnk 2016-04-17 07:20 - 2015-01-02 14:12 - 00000000 ____D C:\Users\Valued User 2016-04-17 05:25 - 2016-01-09 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-16 22:51 - 2015-01-02 14:30 - 00000000 ____D C:\Users\Valued User\Desktop\OpenOffice 4.0.1 (en-US) Installation Files 2016-04-16 08:51 - 2016-02-17 03:43 - 00000000 ____D C:\Users\Valued User\AppData\Local\ManyCam 2016-04-16 07:12 - 2015-01-06 07:14 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-16 07:12 - 2013-08-22 22:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-16 06:35 - 2016-01-25 19:53 - 00440832 ___SH C:\Users\Valued User\Downloads\Thumbs.db 2016-04-16 06:34 - 2015-05-02 06:34 - 00000000 ____D C:\Users\Valued User\Downloads\Compressed 2016-04-15 22:33 - 2015-01-11 22:56 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-15 22:33 - 2013-08-22 22:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-15 22:24 - 2015-01-11 22:56 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-15 15:25 - 2013-08-22 21:44 - 00372768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-14 16:57 - 2016-03-09 23:44 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-04-14 16:57 - 2016-03-09 23:44 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-14 16:57 - 2016-03-09 23:44 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-14 13:06 - 2015-01-23 00:19 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 12:17 - 2016-01-13 19:58 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 21:05 - 2015-01-28 00:33 - 00003836 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1420186013 2016-04-13 11:13 - 2015-01-27 20:18 - 00000000 ____D C:\Program Files (x86)\Beyluxe Messenger 2016-04-12 08:27 - 2015-02-24 00:38 - 00000000 ____D C:\Users\Valued User\AppData\Roaming\vlc 2016-04-09 17:04 - 2013-08-22 22:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-08 20:55 - 2015-02-09 16:35 - 03971072 ___SH C:\Users\Valued User\Documents\Thumbs.db 2016-04-06 19:19 - 2015-11-18 17:14 - 00846104 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys 2016-04-06 19:19 - 2015-11-18 17:14 - 00032224 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys 2016-04-06 19:19 - 2015-08-05 00:31 - 00138560 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys 2016-04-06 19:19 - 2015-08-05 00:31 - 00045600 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys 2016-04-06 19:17 - 2015-08-05 00:29 - 00051800 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll 2016-04-06 19:16 - 2015-09-03 11:52 - 00596232 _____ (COMODO) C:\WINDOWS\system32\guard64.dll 2016-04-06 19:16 - 2015-09-03 11:52 - 00461648 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll 2016-04-06 19:14 - 2015-08-05 00:28 - 00365752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll 2016-04-06 19:14 - 2015-08-05 00:28 - 00051896 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll 2016-04-06 19:12 - 2015-08-05 00:27 - 00296120 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll 2016-04-06 19:11 - 2015-08-05 00:26 - 00046776 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll 2016-04-02 06:07 - 2014-06-04 15:48 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2016-04-02 06:06 - 2014-06-04 15:48 - 00000000 ____D C:\Program Files (x86)\Acer 2016-04-02 06:02 - 2015-01-02 14:15 - 00000000 ____D C:\Users\Valued User\AppData\Local\clear.fi 2016-03-26 23:02 - 2015-04-05 03:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-26 23:02 - 2015-04-05 03:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-03-25 20:06 - 2015-10-05 16:05 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-25 20:05 - 2015-01-02 15:01 - 00000000 ____D C:\ProgramData\Skype ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-13 11:23 ==================== End of FRST.txt ============================ -- Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016 01 Ran by Valued User (2016-04-19 02:43:32) Running from C:\Users\Valued User\Desktop Windows 8.1 Connected Single Language (X64) (2015-01-02 07:12:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2990771943-463371173-480832279-500 - Administrator - Disabled) Guest (S-1-5-21-2990771943-463371173-480832279-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2990771943-463371173-480832279-1003 - Limited - Enabled) Valued User (S-1-5-21-2990771943-463371173-480832279-1001 - Administrator - Enabled) => C:\Users\Valued User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3G Mobile Hotspot Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2003.6 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader XI (11.0.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated) Beyluxe Messenger (HKLM-x32\...\Beyluxe Messenger1) (Version: 1 - Hichatters Srl) Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.543 - Camshare, Inc.) COMODO Antivirus (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.) DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.) Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic) Google Chrome (HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.37.1119.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden Wondershare Video Editor(Build 5.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {049415C7-10EB-4F82-8F49-79CF8C3AF2FF} - System32\Tasks\{4C5D8014-4C4B-426B-BA51-4413EA683020} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {05805890-58AC-4698-A09F-CE8DD2A62D66} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] () Task: {10716E78-E95E-4502-9A04-F1467ECCB378} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1AB9EA82-1A8D-4620-8E7E-101532129706} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1E347CE0-80C4-43D4-BBC3-F411ABC2C135} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {21492B2E-B0B1-4CD5-ABEC-CCC13E2BC964} - System32\Tasks\{B5DCBA7D-5A61-4FA5-852D-396995712F47} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {21EA1CD8-38CB-422B-8057-E564627E4BEA} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {25D89FD7-D33C-434C-9D7A-F16A8CA78893} - System32\Tasks\{A375AB04-4A99-481D-B0EB-1601F96BCF30} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {31CFA3A5-24B7-4BC7-87A1-159D0DF6B7ED} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] () Task: {39220496-211C-4A01-9B06-BFACA912B44C} - System32\Tasks\{1BAD3E11-89C1-49CA-99DE-FD58BC4997B2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {4643E4F0-F375-45F9-8ACE-A258641EB444} - System32\Tasks\{52CD0227-3E08-4AC5-A0FD-91C74B1A7FBE} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {60E56F48-ABE5-4E1A-92FE-D236F43170A9} - System32\Tasks\{B3B02AEE-7226-4A51-B544-45E89155E0CD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {620D072A-58DE-45C7-A465-565D5EA80791} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-15] (Microsoft Corporation) Task: {680D1151-F04A-4FB2-A439-CF4ED6BFEB1A} - System32\Tasks\{9E14391A-A700-45C9-A8A6-6F45954D38EA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {6CE03F3C-7B12-4FA7-95E2-DAE4A5D8B8F1} - System32\Tasks\Opera scheduled Autoupdate 1420186013 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-13] (Opera Software) Task: {6E756A75-A5CB-459B-8323-94ECE61F34FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {74AEEDD5-5266-4A18-B330-8141E90BC3C0} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {78D1EC83-1D8A-40A1-AE33-2575BBA6D948} - System32\Tasks\{2D5DA554-F54D-45A3-8C71-2C7E7B33B961} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {80981AFD-358C-4C60-9D17-FF6EF1C4EB3B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-14] (Adobe Systems Incorporated) Task: {8657D6CE-2D0E-4E83-9B19-4410532A959E} - System32\Tasks\{B160DC4B-5225-46D5-820E-B38BE85D15A0} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {86ABF491-C471-4208-B258-A87AEE61FABD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {8E41E03F-3F67-405D-9285-09A435378FDC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {AEA428A2-B19B-4A6E-9E94-59B2A56E07E6} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated) Task: {B4761431-F97D-44C6-9E35-4A8CCE6C4DCB} - System32\Tasks\{4D9FF39B-316A-4C54-B14B-DE5A3F396075} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=404 Task: {B942F5A0-98AB-4359-BBE6-770E590EDA32} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>) Task: {BE0B4EFA-3E8D-444E-BF36-773C190A7B03} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {C740B023-F01D-40CE-9688-6FEB7A1002EA} - System32\Tasks\{CC87FCA1-0E19-43F2-9465-F0F753609E48} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {C8699B07-BE64-40E5-8063-85BFDEF2B8C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {CA26BABB-1D28-4429-B99E-0FEF2EB7B450} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated) Task: {D1D1D764-BB4E-439C-B108-E6CA5F8BE06D} - System32\Tasks\{C075B6C7-518D-4D90-8B99-246F05C7449E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D2D27CAE-38D5-4A14-A9C6-D92A28303666} - System32\Tasks\{ED3812D4-3F23-4066-8A0D-1BA1BDEA8AFB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D729E818-CE2C-4155-A76E-37DC73771147} - System32\Tasks\{4918C21A-1A31-4784-A0AC-D0FB8BDD8A62} => Chrome.exe hxxp://ui.skype.com/ui/0/6.22.81.105/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618 Task: {D9627621-7E32-469B-9307-302816506D0F} - System32\Tasks\{46B5C890-32B5-44E4-9A9C-21A20184FB75} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {DF751EDF-16BA-4F0F-81D6-0D4024DC5B3F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate) Task: {E5D92B43-9DEC-4409-A9B4-583D1A880947} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {F6E7BB19-293D-4ABF-B1D3-CE7222A39EAD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated) Task: {F77C2BCF-2899-421D-BD26-BB7F8B6244BD} - System32\Tasks\{D6B27AD6-59E3-4B71-9C1A-022FE48B81EB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {F984CF2B-2D0B-480C-8AAA-462EC1ADE45F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {FFFF37C7-B1CC-4686-8920-5EB18342DC52} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-07-26 15:14 - 2014-01-03 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2014-07-26 14:29 - 2014-02-26 10:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2015-01-08 22:02 - 2016-03-16 17:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2013-07-09 04:34 - 2013-07-09 04:34 - 04150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe 2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2016-02-09 02:52 - 2016-02-09 02:52 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-10-01 16:23 - 2016-02-17 03:39 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll 2014-10-01 16:25 - 2016-02-17 03:39 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\actxprxy.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BFE.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IKEEXT.DLL:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rpcss.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\seclogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\olepro32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\cng.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\disk.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcaudrv_x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcvidrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdZnID [26] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 20:25 - 2016-04-17 06:16 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 keystone.mwbsys.com 127.0.0.1 sirius.mwbsys.com 127.0.0.1 bactem.mwbsys.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2990771943-463371173-480832279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Valued User\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: 0155351455077364mcinstcleanup => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: APNMCP => 2 MSCONFIG\Services: camfrog_update_service => 2 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: LMSvc => 2 MSCONFIG\Services: QASvc => 3 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: RMSvc => 3 MSCONFIG\Services: tvnserver => 2 HKLM\...\StartupApproved\Run32: => "CheckNDISPort_df" HKLM\...\StartupApproved\Run32: => "YouCam Service" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "tvncontrol" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BeyluxeMessenger" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "ZamTalk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BingSvc" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{ABB6DF67-8632-4B0F-B6E0-ECF744F1DAA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{842674E4-D4C4-4DCE-9579-36881ACEC705}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{64E21B38-132E-46D6-95FC-5B784E52E17D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{EBD6F9A4-B67C-406E-8754-33C1697FAAC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{F1684950-7A66-41FA-9BA1-472D242D4D2F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{D46BAE7C-D22E-46FC-9D2C-8A3A7F0D664C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{C34965F4-6EEC-40F5-9F95-AE440E84E403}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{A80F0CB0-E935-4489-AD6E-76FD63A1F474}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{FB06A5F8-792C-43A8-A865-214386C7F6D6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{D65172A9-805E-48F3-8A63-1BF7E03CA94B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{3D2809A1-3E13-47EF-BC6A-3A462302ACC5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{0E89BEB9-91E3-416A-8F03-F9511812F65D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{7FB12568-CBE9-41CF-A9F4-105A839308E3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F19FC465-3CFE-4FBB-A532-B558F337F227}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{5E080EAF-6739-486E-B73B-5AA74B592DF0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{C28A9483-2C63-43C9-B46A-1BFCD6239CA5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{B31112CE-33AC-40C6-9CD5-0FFF52E32612}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{5E7EC795-C0A7-4B38-83E3-5161A0EB1E19}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{AD041410-7503-4E43-B6CA-49F964BAD99D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{F5018241-9DCA-4B67-A7D4-7646BA271C3F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{86BFE9B9-6B55-4285-B448-AB0939438892}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{83F91F26-3F18-4814-A1F0-F44E009B8F9C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{3E115B61-1FA5-4B09-A47E-BDCB1D763124}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{46786221-B4FE-4006-9328-891009B90B1D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{7EC6972D-404E-4C4D-8910-6C38433E0279}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{51B9E294-5D44-49CE-AC02-E3BEDC1C837E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{80FFF6BB-E29B-45A6-B928-7A9479AC505C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{4AFF4927-CCCD-4316-9B47-C4982A5DF4C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{F075769E-593E-418A-8FCB-0A09A03DC4C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{A59ED16C-2A3F-4D14-9D43-016327A1A530}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{FCA76900-DAB4-47A5-BA0F-4B0EE88A06D9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{4EFDDE5A-E559-4828-8115-FB9B2D3BD389}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A4E79097-C10F-4E12-A326-7AAEF3FB869E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{EA1A687F-B943-4B50-9D19-7882E2D9D610}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{59685312-1F34-4B43-AA80-C141170F482A}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{E1D5DDA2-7B94-4B62-9E8E-EB542519909C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [TCP Query User{E4C85192-FA35-484F-AAEB-83280B7E7BC2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{9A1A6DBE-DC36-4476-B558-74D962157B8B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{E38BDA3C-A7B4-420C-9C85-56EECCD1654A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{11EECA65-2412-46DD-AC20-3084C990A504}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{70F9D400-AB0A-4886-BC02-243CDADC033B}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{357A6F57-1931-4616-B5BB-E47A39C662C4}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [{5B212C08-43BF-4CA0-99FA-E6CC0B2FBC87}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{88A5FF0C-9BA3-4459-840A-2A2F8894CBC3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{D0E3757A-ED68-4F7F-9427-CAB0CCB39147}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{D9AEE2D4-944F-48CA-854E-32E390B12F78}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{678529EB-7FCE-404E-95FA-892DA4A840A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D161A54E-5574-4FBF-AFC2-D28994775C27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{60E6B2E0-0555-4216-B599-9E1B4B7C513E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{CBDE7C0D-EDD9-419C-86FA-40FB72267248}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{3D7A1B98-EAAE-4B4F-A2A1-71C42F99D43B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{DF46B9EB-4FE5-4C0F-B6DB-1DEAAAC5E432}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{E5F7EC45-826A-4767-87ED-E3AF88CD1E84}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{602E5781-F6F6-4AE2-9CB4-C7B35B6C85A5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{B7F6E09B-F5F6-485A-B6EA-08EE9DAA030D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{5CB3C640-67C5-42E0-B29E-9D88113B425E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{1548EA00-FCD8-4C75-B19E-7A59BF0E65DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{2EA53F06-B210-4013-8F9E-8F2631CEF84E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{8368AC44-63F5-4503-8CD8-B6F7527176ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B40EC191-D7AD-456A-86EE-D0D67FDE5A21}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8AB22AF0-68F1-4A62-BCB6-44D0D19F2B55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D1BAC995-DCB6-4C28-A6F5-F4CA4C93D70E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7F8FE66C-DB67-456E-A650-51BE1653803E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3E3FBCBF-3D5E-45D7-A748-77CA4F520E8E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{6767AE8C-A83E-49E2-80FE-23DCB7890FFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7A20795A-7065-409C-9315-F25E9AF3CFB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{E341E415-0C80-4A1E-8B42-D69A8BC9293F}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{A85036DE-727F-4FA2-B31C-171624D1F910}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [TCP Query User{A1A61FFB-542C-4F86-A752-F52554BE1106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{A72D2746-EDC0-4F6D-8192-228343E31AEA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F12FB72C-F518-4DC3-8838-B11EF54497DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{2277A6CF-5915-487A-A887-15A56FE74AC5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{DD8AB1DC-98C8-473B-8F9E-AEB9A17FB68F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CB44A943-3650-4A71-99B4-4E3455A409D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EB5B04A8-18C8-47AF-BDF2-C4AD4A18C6DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{76D1D252-8511-4FC7-8F36-27A231C2EF72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{47E0FC17-BA52-4FF8-998D-D26C664A82AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{195D621B-DF53-49D5-BCD2-3EEF5B89A981}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E03D9C8-2333-4CAC-8C0C-AD5C64EB2621}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [UDP Query User{EFFA99C7-6A2D-4CD2-826F-D1BD7EC89521}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [TCP Query User{D5216150-8B64-4806-90EE-350D63F5EAD4}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [UDP Query User{1B14D14D-A2B1-45BD-938E-8F8EEA1F3546}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [TCP Query User{7947DB53-7DA8-476D-96C6-F46695A70D00}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [UDP Query User{F6A48A1D-CE29-43F3-9ECF-66C63F8F6FF2}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [{C5D15A9A-DCAB-4B57-898D-5CEEAE724C3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8074EFE2-5E6E-482B-84CA-C8EC70EBEEA2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{91C35F0A-58ED-4F84-832A-E68EBA647F6B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{59D7996A-BA56-405A-9323-C167CCE5A761}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{76290946-409A-4004-B957-B6EF1D756B07}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3C0200DA-C008-47F1-A454-C4CD7135ABFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4C1255EB-4CE6-4C53-8A8C-BF5987AFD494}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{8DCDCC22-6EE6-47AE-BE24-6963DC0FA01A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{095DD76F-E143-4E26-B260-AE541C32A2F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4FFF58F5-7153-465D-B57C-7D359554F391}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{F71A43A0-1203-4CA2-B38D-81CF5B336476}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0EA7995B-2B4D-465E-B2B3-DFE3BCFBBE5B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{E6652DF1-4741-4B50-9719-15AA0CCE6FE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1EEC80A0-9379-405A-B69F-E65D1B5C8757}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{09D63AFC-FC80-4F68-866F-6677160DE814}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0860946E-E42D-4F90-9701-B3E12C9131F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C162670F-A2C3-4DB5-B1B7-5AD848CC74DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{CE696FF3-1FC3-4296-BCAC-A28FBD76AED8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1158F0A8-3D4F-425B-8CA8-89F6DA49B09B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{831F6CC9-3753-4396-B48E-00813AB6B465}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{80C954A5-CFC9-43AD-824A-CF8600092C74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6D6C1456-977D-47BB-8B63-9FF2105B0003}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{569C9025-4A18-4AFF-BC43-B7F06D9A9B16}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{FD698C2C-51E0-4807-B949-9A02FD450248}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [UDP Query User{D99E9068-6993-4C68-ADD1-5BC29C99190B}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [{DDF1A932-36BE-4818-90DC-0B0F9C58AF28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CB9DA8C2-E05F-48F4-A297-313446784A36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0492CA64-36B7-4521-822E-6F8249B153D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{62925AF0-877B-4584-9244-3AECE8763BEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{35918846-15F0-4AD0-B7E8-27FBE07CBBA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D7C9E5B8-BC63-4C14-A08C-2CA0D2B22F3C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E6F1AB5-D259-4BB7-91B1-C049ACF1FA43}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{7E6F25B0-3580-411D-8FEC-93A92F59DA00}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{C56EF5F4-A676-459A-847A-8EF0E24BF287}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D6E6DE68-2580-4098-B39C-C7706C59D820}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3A364FBF-6D44-4A05-A4B3-DB0916A57044}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BCD9281A-3E2D-4DC4-95A7-8C93FABEA0A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A45D4BC1-3AE6-4376-8AD5-D0EE9D926A2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{1CCA43F2-60C8-4939-8F3E-40B58ADEBDBF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{EF2A265F-93B9-47EE-BC60-503D87C507F2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{787FB2D2-B19F-41B7-B9AF-001DCC412F7F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F48D14FD-6CC9-4B6E-9BEE-F2FCA8DBE922}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{ECD4D78C-3BB1-4BA7-BCA2-BA410C3A3C76}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{8ADF0045-FB77-489F-A688-65A1ACB0F131}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F908ABDF-558A-42A0-9F79-57D8692D2F94}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2016 02:45:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:45:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:44:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:44:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:43:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:43:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:42:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:42:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:41:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:41:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. System errors: ============= Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s). Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Network Connection Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Human Interface Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Device Association Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-04-19 00:23:10.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 12:58:28.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 09:19:13.178 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 08:48:37.138 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 06:48:49.029 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 02:10:37.734 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 21:10:25.113 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 08:25:19.583 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 08:12:00.103 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 07:24:55.582 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz Percentage of memory in use: 73% Total physical RAM: 1929.7 MB Available physical RAM: 514.66 MB Total Virtual: 3337.7 MB Available Virtual: 1173.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:450.08 GB) (Free:399.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0BE089D7) Partition: GPT. ==================== End of Addition.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016 01 Ran by Valued User (2016-04-19 02:43:32) Running from C:\Users\Valued User\Desktop Windows 8.1 Connected Single Language (X64) (2015-01-02 07:12:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2990771943-463371173-480832279-500 - Administrator - Disabled) Guest (S-1-5-21-2990771943-463371173-480832279-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2990771943-463371173-480832279-1003 - Limited - Enabled) Valued User (S-1-5-21-2990771943-463371173-480832279-1001 - Administrator - Enabled) => C:\Users\Valued User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3G Mobile Hotspot Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2003.6 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader XI (11.0.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated) Beyluxe Messenger (HKLM-x32\...\Beyluxe Messenger1) (Version: 1 - Hichatters Srl) Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.543 - Camshare, Inc.) COMODO Antivirus (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.) DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.) Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic) Google Chrome (HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.37.1119.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden Wondershare Video Editor(Build 5.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2990771943-463371173-480832279-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Valued User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {049415C7-10EB-4F82-8F49-79CF8C3AF2FF} - System32\Tasks\{4C5D8014-4C4B-426B-BA51-4413EA683020} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {05805890-58AC-4698-A09F-CE8DD2A62D66} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] () Task: {10716E78-E95E-4502-9A04-F1467ECCB378} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1AB9EA82-1A8D-4620-8E7E-101532129706} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {1E347CE0-80C4-43D4-BBC3-F411ABC2C135} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {21492B2E-B0B1-4CD5-ABEC-CCC13E2BC964} - System32\Tasks\{B5DCBA7D-5A61-4FA5-852D-396995712F47} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {21EA1CD8-38CB-422B-8057-E564627E4BEA} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {25D89FD7-D33C-434C-9D7A-F16A8CA78893} - System32\Tasks\{A375AB04-4A99-481D-B0EB-1601F96BCF30} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {31CFA3A5-24B7-4BC7-87A1-159D0DF6B7ED} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] () Task: {39220496-211C-4A01-9B06-BFACA912B44C} - System32\Tasks\{1BAD3E11-89C1-49CA-99DE-FD58BC4997B2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {4643E4F0-F375-45F9-8ACE-A258641EB444} - System32\Tasks\{52CD0227-3E08-4AC5-A0FD-91C74B1A7FBE} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {60E56F48-ABE5-4E1A-92FE-D236F43170A9} - System32\Tasks\{B3B02AEE-7226-4A51-B544-45E89155E0CD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {620D072A-58DE-45C7-A465-565D5EA80791} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-15] (Microsoft Corporation) Task: {680D1151-F04A-4FB2-A439-CF4ED6BFEB1A} - System32\Tasks\{9E14391A-A700-45C9-A8A6-6F45954D38EA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {6CE03F3C-7B12-4FA7-95E2-DAE4A5D8B8F1} - System32\Tasks\Opera scheduled Autoupdate 1420186013 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-13] (Opera Software) Task: {6E756A75-A5CB-459B-8323-94ECE61F34FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {74AEEDD5-5266-4A18-B330-8141E90BC3C0} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-04-11] (COMODO) Task: {78D1EC83-1D8A-40A1-AE33-2575BBA6D948} - System32\Tasks\{2D5DA554-F54D-45A3-8C71-2C7E7B33B961} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {80981AFD-358C-4C60-9D17-FF6EF1C4EB3B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-14] (Adobe Systems Incorporated) Task: {8657D6CE-2D0E-4E83-9B19-4410532A959E} - System32\Tasks\{B160DC4B-5225-46D5-820E-B38BE85D15A0} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {86ABF491-C471-4208-B258-A87AEE61FABD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {8E41E03F-3F67-405D-9285-09A435378FDC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-04-11] (COMODO) Task: {AEA428A2-B19B-4A6E-9E94-59B2A56E07E6} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated) Task: {B4761431-F97D-44C6-9E35-4A8CCE6C4DCB} - System32\Tasks\{4D9FF39B-316A-4C54-B14B-DE5A3F396075} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=404 Task: {B942F5A0-98AB-4359-BBE6-770E590EDA32} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>) Task: {BE0B4EFA-3E8D-444E-BF36-773C190A7B03} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {C740B023-F01D-40CE-9688-6FEB7A1002EA} - System32\Tasks\{CC87FCA1-0E19-43F2-9465-F0F753609E48} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.5.0.102&amp;LastError=12002 Task: {C8699B07-BE64-40E5-8063-85BFDEF2B8C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {CA26BABB-1D28-4429-B99E-0FEF2EB7B450} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated) Task: {D1D1D764-BB4E-439C-B108-E6CA5F8BE06D} - System32\Tasks\{C075B6C7-518D-4D90-8B99-246F05C7449E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D2D27CAE-38D5-4A14-A9C6-D92A28303666} - System32\Tasks\{ED3812D4-3F23-4066-8A0D-1BA1BDEA8AFB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {D729E818-CE2C-4155-A76E-37DC73771147} - System32\Tasks\{4918C21A-1A31-4784-A0AC-D0FB8BDD8A62} => Chrome.exe hxxp://ui.skype.com/ui/0/6.22.81.105/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618 Task: {D9627621-7E32-469B-9307-302816506D0F} - System32\Tasks\{46B5C890-32B5-44E4-9A9C-21A20184FB75} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002 Task: {DF751EDF-16BA-4F0F-81D6-0D4024DC5B3F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate) Task: {E5D92B43-9DEC-4409-A9B4-583D1A880947} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {F6E7BB19-293D-4ABF-B1D3-CE7222A39EAD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated) Task: {F77C2BCF-2899-421D-BD26-BB7F8B6244BD} - System32\Tasks\{D6B27AD6-59E3-4B71-9C1A-022FE48B81EB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12007 Task: {F984CF2B-2D0B-480C-8AAA-462EC1ADE45F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {FFFF37C7-B1CC-4686-8920-5EB18342DC52} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001Core.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2990771943-463371173-480832279-1001UA.job => C:\Users\Valued User\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-07-26 15:14 - 2014-01-03 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2014-07-26 14:29 - 2014-02-26 10:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2015-01-08 22:02 - 2016-03-16 17:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2013-07-09 04:34 - 2013-07-09 04:34 - 04150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe 2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2016-02-09 02:52 - 2016-02-09 02:52 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-10-01 16:23 - 2016-02-17 03:39 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll 2014-10-01 16:25 - 2016-02-17 03:39 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll 2014-10-01 16:24 - 2016-02-17 03:39 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\actxprxy.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BFE.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IKEEXT.DLL:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rpcss.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\seclogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\glcndFilter.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\hlink.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\olepro32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\rsaenh.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WMASF.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wscapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\cng.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\disk.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcaudrv_x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mcvidrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Desktop\FRST64.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Beyluxe_Setup521 (1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\ManyCamWebInstaller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Valued User\Downloads\pal_install_u45593004_a729_r109813_p180.exe:$CmdZnID [26] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 20:25 - 2016-04-17 06:16 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 keystone.mwbsys.com 127.0.0.1 sirius.mwbsys.com 127.0.0.1 bactem.mwbsys.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2990771943-463371173-480832279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Valued User\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: 0155351455077364mcinstcleanup => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: APNMCP => 2 MSCONFIG\Services: camfrog_update_service => 2 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: LMSvc => 2 MSCONFIG\Services: QASvc => 3 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: RMSvc => 3 MSCONFIG\Services: tvnserver => 2 HKLM\...\StartupApproved\Run32: => "CheckNDISPort_df" HKLM\...\StartupApproved\Run32: => "YouCam Service" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "tvncontrol" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BeyluxeMessenger" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "ZamTalk" HKU\S-1-5-21-2990771943-463371173-480832279-1001\...\StartupApproved\Run: => "BingSvc" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{ABB6DF67-8632-4B0F-B6E0-ECF744F1DAA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{842674E4-D4C4-4DCE-9579-36881ACEC705}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{64E21B38-132E-46D6-95FC-5B784E52E17D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{EBD6F9A4-B67C-406E-8754-33C1697FAAC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{F1684950-7A66-41FA-9BA1-472D242D4D2F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{D46BAE7C-D22E-46FC-9D2C-8A3A7F0D664C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{C34965F4-6EEC-40F5-9F95-AE440E84E403}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{A80F0CB0-E935-4489-AD6E-76FD63A1F474}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{FB06A5F8-792C-43A8-A865-214386C7F6D6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{D65172A9-805E-48F3-8A63-1BF7E03CA94B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{3D2809A1-3E13-47EF-BC6A-3A462302ACC5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{0E89BEB9-91E3-416A-8F03-F9511812F65D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{7FB12568-CBE9-41CF-A9F4-105A839308E3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F19FC465-3CFE-4FBB-A532-B558F337F227}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{5E080EAF-6739-486E-B73B-5AA74B592DF0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{C28A9483-2C63-43C9-B46A-1BFCD6239CA5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{B31112CE-33AC-40C6-9CD5-0FFF52E32612}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{5E7EC795-C0A7-4B38-83E3-5161A0EB1E19}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{AD041410-7503-4E43-B6CA-49F964BAD99D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{F5018241-9DCA-4B67-A7D4-7646BA271C3F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{86BFE9B9-6B55-4285-B448-AB0939438892}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{83F91F26-3F18-4814-A1F0-F44E009B8F9C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{3E115B61-1FA5-4B09-A47E-BDCB1D763124}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{46786221-B4FE-4006-9328-891009B90B1D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{7EC6972D-404E-4C4D-8910-6C38433E0279}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{51B9E294-5D44-49CE-AC02-E3BEDC1C837E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{80FFF6BB-E29B-45A6-B928-7A9479AC505C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{4AFF4927-CCCD-4316-9B47-C4982A5DF4C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{F075769E-593E-418A-8FCB-0A09A03DC4C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{A59ED16C-2A3F-4D14-9D43-016327A1A530}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{FCA76900-DAB4-47A5-BA0F-4B0EE88A06D9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{4EFDDE5A-E559-4828-8115-FB9B2D3BD389}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A4E79097-C10F-4E12-A326-7AAEF3FB869E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{EA1A687F-B943-4B50-9D19-7882E2D9D610}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{59685312-1F34-4B43-AA80-C141170F482A}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{E1D5DDA2-7B94-4B62-9E8E-EB542519909C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [TCP Query User{E4C85192-FA35-484F-AAEB-83280B7E7BC2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{9A1A6DBE-DC36-4476-B558-74D962157B8B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{E38BDA3C-A7B4-420C-9C85-56EECCD1654A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{11EECA65-2412-46DD-AC20-3084C990A504}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{70F9D400-AB0A-4886-BC02-243CDADC033B}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{357A6F57-1931-4616-B5BB-E47A39C662C4}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [{5B212C08-43BF-4CA0-99FA-E6CC0B2FBC87}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{88A5FF0C-9BA3-4459-840A-2A2F8894CBC3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{D0E3757A-ED68-4F7F-9427-CAB0CCB39147}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{D9AEE2D4-944F-48CA-854E-32E390B12F78}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{678529EB-7FCE-404E-95FA-892DA4A840A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D161A54E-5574-4FBF-AFC2-D28994775C27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{60E6B2E0-0555-4216-B599-9E1B4B7C513E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{CBDE7C0D-EDD9-419C-86FA-40FB72267248}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{3D7A1B98-EAAE-4B4F-A2A1-71C42F99D43B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{DF46B9EB-4FE5-4C0F-B6DB-1DEAAAC5E432}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{E5F7EC45-826A-4767-87ED-E3AF88CD1E84}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{602E5781-F6F6-4AE2-9CB4-C7B35B6C85A5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{B7F6E09B-F5F6-485A-B6EA-08EE9DAA030D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{5CB3C640-67C5-42E0-B29E-9D88113B425E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{1548EA00-FCD8-4C75-B19E-7A59BF0E65DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{2EA53F06-B210-4013-8F9E-8F2631CEF84E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{8368AC44-63F5-4503-8CD8-B6F7527176ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B40EC191-D7AD-456A-86EE-D0D67FDE5A21}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8AB22AF0-68F1-4A62-BCB6-44D0D19F2B55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D1BAC995-DCB6-4C28-A6F5-F4CA4C93D70E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7F8FE66C-DB67-456E-A650-51BE1653803E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3E3FBCBF-3D5E-45D7-A748-77CA4F520E8E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{6767AE8C-A83E-49E2-80FE-23DCB7890FFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7A20795A-7065-409C-9315-F25E9AF3CFB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{E341E415-0C80-4A1E-8B42-D69A8BC9293F}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{A85036DE-727F-4FA2-B31C-171624D1F910}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [TCP Query User{A1A61FFB-542C-4F86-A752-F52554BE1106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{A72D2746-EDC0-4F6D-8192-228343E31AEA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F12FB72C-F518-4DC3-8838-B11EF54497DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{2277A6CF-5915-487A-A887-15A56FE74AC5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{DD8AB1DC-98C8-473B-8F9E-AEB9A17FB68F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CB44A943-3650-4A71-99B4-4E3455A409D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EB5B04A8-18C8-47AF-BDF2-C4AD4A18C6DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{76D1D252-8511-4FC7-8F36-27A231C2EF72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{47E0FC17-BA52-4FF8-998D-D26C664A82AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{195D621B-DF53-49D5-BCD2-3EEF5B89A981}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E03D9C8-2333-4CAC-8C0C-AD5C64EB2621}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [UDP Query User{EFFA99C7-6A2D-4CD2-826F-D1BD7EC89521}C:\users\valued user\desktop\aa_v3.2.exe] => (Block) C:\users\valued user\desktop\aa_v3.2.exe FirewallRules: [TCP Query User{D5216150-8B64-4806-90EE-350D63F5EAD4}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [UDP Query User{1B14D14D-A2B1-45BD-938E-8F8EEA1F3546}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe FirewallRules: [TCP Query User{7947DB53-7DA8-476D-96C6-F46695A70D00}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [UDP Query User{F6A48A1D-CE29-43F3-9ECF-66C63F8F6FF2}C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\valued user\appdata\local\temp\showmypc\smpc3160\smpcph.exe FirewallRules: [{C5D15A9A-DCAB-4B57-898D-5CEEAE724C3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8074EFE2-5E6E-482B-84CA-C8EC70EBEEA2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{91C35F0A-58ED-4F84-832A-E68EBA647F6B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{59D7996A-BA56-405A-9323-C167CCE5A761}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{76290946-409A-4004-B957-B6EF1D756B07}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{3C0200DA-C008-47F1-A454-C4CD7135ABFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4C1255EB-4CE6-4C53-8A8C-BF5987AFD494}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{8DCDCC22-6EE6-47AE-BE24-6963DC0FA01A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{095DD76F-E143-4E26-B260-AE541C32A2F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4FFF58F5-7153-465D-B57C-7D359554F391}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{F71A43A0-1203-4CA2-B38D-81CF5B336476}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0EA7995B-2B4D-465E-B2B3-DFE3BCFBBE5B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{E6652DF1-4741-4B50-9719-15AA0CCE6FE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1EEC80A0-9379-405A-B69F-E65D1B5C8757}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{09D63AFC-FC80-4F68-866F-6677160DE814}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0860946E-E42D-4F90-9701-B3E12C9131F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C162670F-A2C3-4DB5-B1B7-5AD848CC74DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{CE696FF3-1FC3-4296-BCAC-A28FBD76AED8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1158F0A8-3D4F-425B-8CA8-89F6DA49B09B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{831F6CC9-3753-4396-B48E-00813AB6B465}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{80C954A5-CFC9-43AD-824A-CF8600092C74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6D6C1456-977D-47BB-8B63-9FF2105B0003}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{569C9025-4A18-4AFF-BC43-B7F06D9A9B16}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{FD698C2C-51E0-4807-B949-9A02FD450248}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [UDP Query User{D99E9068-6993-4C68-ADD1-5BC29C99190B}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [{DDF1A932-36BE-4818-90DC-0B0F9C58AF28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CB9DA8C2-E05F-48F4-A297-313446784A36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0492CA64-36B7-4521-822E-6F8249B153D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{62925AF0-877B-4584-9244-3AECE8763BEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{35918846-15F0-4AD0-B7E8-27FBE07CBBA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D7C9E5B8-BC63-4C14-A08C-2CA0D2B22F3C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{6E6F1AB5-D259-4BB7-91B1-C049ACF1FA43}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{7E6F25B0-3580-411D-8FEC-93A92F59DA00}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{C56EF5F4-A676-459A-847A-8EF0E24BF287}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D6E6DE68-2580-4098-B39C-C7706C59D820}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3A364FBF-6D44-4A05-A4B3-DB0916A57044}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BCD9281A-3E2D-4DC4-95A7-8C93FABEA0A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A45D4BC1-3AE6-4376-8AD5-D0EE9D926A2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{1CCA43F2-60C8-4939-8F3E-40B58ADEBDBF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{EF2A265F-93B9-47EE-BC60-503D87C507F2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{787FB2D2-B19F-41B7-B9AF-001DCC412F7F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F48D14FD-6CC9-4B6E-9BEE-F2FCA8DBE922}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{ECD4D78C-3BB1-4BA7-BCA2-BA410C3A3C76}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{8ADF0045-FB77-489F-A688-65A1ACB0F131}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{F908ABDF-558A-42A0-9F79-57D8692D2F94}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2016 02:45:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:45:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:44:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:44:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:43:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:43:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:42:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:42:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. Error: (04/19/2016 02:41:00 AM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1320) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0). Error: (04/19/2016 02:41:00 AM) (Source: ESENT) (EventID: 537) (User: ) Description: svchost (1320) SRUJet: A request for a node on an empty page (Pgno: 6444) has been made (error -351) for a B-Tree (ObjectId: 10, PgnoRoot: 45) of database C:\WINDOWS\system32\SRU\SRUDB.dat. This is typically due to a lost I/O from storage hardware. Please check with your hardware vendor for latest firmware revisions, make changes to your controller's caching parameters, use crash consistent hardware with Forced Unit Access support, and/or replace faulty hardware. System errors: ============= Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s). Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Network Connection Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Human Interface Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (04/19/2016 12:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Device Association Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-04-19 00:23:10.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 12:58:28.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 09:19:13.178 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 08:48:37.138 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 06:48:49.029 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 02:10:37.734 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 21:10:25.113 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 08:25:19.583 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 08:12:00.103 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 07:24:55.582 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz Percentage of memory in use: 73% Total physical RAM: 1929.7 MB Available physical RAM: 514.66 MB Total Virtual: 3337.7 MB Available Virtual: 1173.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:450.08 GB) (Free:399.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0BE089D7) Partition: GPT. ==================== End of Addition.txt ============================
  11. [Inactive] Friends pc infected

    Broni, I am very sorry again I lost contact with this person, nothing from what we did here. Personal issues. I have to have close/inactive this thread. I am very sorry.
  12. [Inactive] Friends pc infected

    Ok, all finished . Here logs thanks for help : RogueKiller V12.1.1.0 [Apr 4 2016] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7600) 64 bits version Started in : Normal mode User : User [Administrator] Started from : C:\Users\User\Desktop\RogueKiller.exe Mode : Scan -- Date : 04/06/2016 06:35:35 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 2 ¤¤¤ [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://mystart.com/?pr=manycam&id=manycam_ot&v=4_1 -> Found [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://mystart.com/?pr=manycam&id=manycam_ot&v=4_1 -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: TOSHIBA DT01ACA050 ATA Device +++++ --- User --- [MBR] b9916e36da6699d8c46c162dab8a51b8 [BSP] 9df843fdf19ee6640b24103918adf451 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 249899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 512000000 | Size: 226939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK ---------------------------------------------------------------------- Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 4/5/2016 Scan Time: 6:26 AM Logfile: mbamfuck u.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.04.04.08 Rootkit Database: v2016.04.03.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 CPU: x64 File System: NTFS User: User Scan Type: Threat Scan Result: Completed Objects Scanned: 335679 Time Elapsed: 15 min, 43 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 88 PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [28b041693b5e90a66a6819e01ee439c7], PUP.Optional.ASK.Gen, C:\Users\User\AppData\Local\Temp\APN-Stub, Delete-on-Reboot, [b523acfecfcaac8aa24e071b6f946b95], PUP.Optional.ASK.Gen, C:\Users\User\AppData\Local\Temp\APN-Stub\CMG-SP3, Quarantined, [b523acfecfcaac8aa24e071b6f946b95], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\adapter, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\abstractbutton, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\abstractbutton\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\alert, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\alert\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\icons, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\generic, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\generic\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\link, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\link\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\images, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\rss, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\rss\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\thirdparty, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\thirdparty\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\uninstall, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\uninstall\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\weather, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\weather\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\foreground, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\radioWrapper, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\background, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\libs, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\_metadata, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog, Delete-on-Reboot, [a5335d4d11889a9c3e366becec1910f0], Files: 236 PUP.Optional.ASK.Gen, C:\Users\User\AppData\Local\Temp\APN-Stub\CMG-SP3\Msie65c59ff-0de1-4e0a-aa1c-10a1f8b92fbb.log, Quarantined, [b523acfecfcaac8aa24e071b6f946b95], PUP.Optional.ASK.Gen, C:\Users\User\AppData\Local\Temp\APN-Stub\CMG-SP3\Stbe65c59ff-0de1-4e0a-aa1c-10a1f8b92fbb.log, Quarantined, [b523acfecfcaac8aa24e071b6f946b95], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\manifest.json, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spent.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\bg.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\buildVars, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\buildVars.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\companionSW.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\config.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\contentScript.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\contentScript.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\debug.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\debug.jade, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\extension_toolbar_api.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\initWidgetWindow.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\newTabContentScript.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\options.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spent.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spent.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spent2.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spent2.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spentJ.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spentK.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\spentK.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\startup.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\stub.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\stubby.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\superFrame.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\toolbar.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\toolbar.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\toolbarUI.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\toolbarUI.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\toolbarUI.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\url.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\webtooltab.cs.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\adapter\adapterUtil.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\adapter\widget-adapter.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\alert\background\alertButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\background\FlareWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\flare\icons\Thumbs.db, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\generic\background\GenericWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\link\background\linkButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\README.txt, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\background\menuButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\css\menuframe.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\html\menuframe.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\images\right_arrow.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\images\right_arrow_white.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\js\menuframe.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\js\query-string.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\rss\background\RssWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\components\weather\background\weatherButton.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\bs.30.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\common.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\dynamic.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\enableDetect.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\eventListening.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\global.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\jquery-1.7.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\list-interaction.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\messageEventListener.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\navRedirector.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\paramReplacer.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\PartnerId.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\set.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\underscore-1.3.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\underscore-1.5.2.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\js\unifiedLogging.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widget-context-1.0.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\common.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\set.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\invalid.json, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\jquery.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\qunit.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\qunit.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\resource.json, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\resource.xml, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\background\ApiBasedWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\background\widget-api-impl.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window\widgetWindow.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\api\window\widgetWindow.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\background\updateSearch.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\css\movieReviews.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\html\movieReviews.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\moviereviews\js\movieReviews.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\background\RadioWidget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\css\toolbar-item.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\foreground\button.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\background\searchBox.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\html\searchSuggestions.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\html\searchSuggestions.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\html\searchSuggestions.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\search\html\searchSuggestionsInit.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\css\supertab.css, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\html\supertab.html, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\newtabfork.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\reporting.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\srchsugg.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\supertab.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\unifiedLogging.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\components\supertab\js\__utm.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\arrowSprite.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\icon128.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\icon16.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\icon19disabled.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\icon19on.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\icon48.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225079934.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225079946.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225079968.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225079969.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225079970.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225080001.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\225080018.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\down_arrow.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\magnifying_glass.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\RadioPlayerSprite.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\search_button.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\tvf_icon_guide.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\tvf_logo.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\images\wrench.png, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\chromeUtils.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\companionSWUtils.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\exeManager.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\exeManagerNMD.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\exePackageManager.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\focusManager.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\globalBlacklistManager.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\messaging.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\mutation_summary-min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\mutation_summary.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\nativeMessagingDispatcher.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\newTabInfo.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\newTabInitialize.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\options.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\readLocalStorage.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\reservespacefortoolbar.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\reservespaceifenabled.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\scriptInjector.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\searchContext.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\settingsOverrides.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\toolbarCookieParser.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\toolbarPreinit.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\underscore-1.3.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\URILoaderContentScript.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\webTooltabAPI.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\Widget.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\widgetContentScriptInjectee.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\widgetFactory.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\js\widgetWindowManager.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\cache.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\ce.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\debug.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\ss.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\libs\jquery-1.7.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\libs\jquery-1.9.1.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\native\libs\underscore-1.5.2.min.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\activePing.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\buttonLogger.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\competitorDnsList.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\console.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\FFPreferencesPersister.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\httpTransport.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\HttpURL.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\internationalSearch.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\LocalStoragePersister.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\MindsparkGlobal.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\MindsparkGlobal.unitTest.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\MindsparkGlobalNotes.txt, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\rsvp-latest.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\searchSuggestLocale.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\testHttpTransport.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\unifiedLogger.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\unifiedLogging.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\universalConsole.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\shared\utils.js, Quarantined, [a5335d4d11889a9c3e366becec1910f0], PUP.Optional.MindSpark, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfiaddpdlefkmdlhhalfhjjgbmglpoog\12.41.9.22194_0\_metadata\verified_contents.json, Quarantined, [a5335d4d11889a9c3e366becec1910f0], Physical Sectors: 0 (No malicious items detected) (end) ---- # AdwCleaner v5.109 - Logfile created 06/04/2016 at 06:44:26 # Updated 04/04/2016 by Xplode # Database : 2016-04-05.1 [Server] # Operating system : Windows 7 Ultimate (x64) # Username : User - USER-PC # Running from : C:\Users\User\Desktop\adwcleaner_5.109.exe # Option : Scan # Support : http://toolslib.net/forum ***** [ Services ] ***** Service Found : UCBrowserSvc ***** [ Folders ] ***** Folder Found : C:\ProgramData\apn Folder Found : C:\ProgramData\Application Data\apn Folder Found : C:\Users\User\AppData\Local\Temp\apn ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com ************************* C:\AdwCleaner\AdwCleaner[S1].txt - [980 bytes] - [06/04/2016 06:44:26] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1052 bytes] ########## ---- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.4 (03.14.2016) Operating System: Windows 7 Ultimate x64 Ran by User (Administrator) on Wed 04/06/2016 at 6:51:04.55 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 25 Successfully deleted: C:\Users\User\AppData\Local\crashrpt (Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13LPDLE9 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QVLT1SR (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XE661F5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8YNPZHL (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYVYNOX (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8VGCLQ7 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSGB92J0 (Temporary Internet Files Folder) Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YK1K4LMD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13LPDLE9 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QVLT1SR (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XE661F5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8YNPZHL (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYVYNOX (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8VGCLQ7 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSGB92J0 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YK1K4LMD (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 04/06/2016 at 6:56:38.86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  13. I scanned with malwarebytes and found over 350 infection. here is the logs: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 Ran by User (administrator) on USER-PC (05-04-2016 07:02:28) Running from C:\Users\User\Desktop Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Ultimate (X64) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\UCBrowser\Application\UCService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe () C:\Program Files (x86)\UCBrowser\Application\5.6.11651.1011\UCAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-24] (AVAST Software) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-16] (Google Inc.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10182440 2015-04-06] (Visicom Media Inc.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Run: [Camfrog] => C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe [15709240 2016-03-16] (Camshare, Inc.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {0de5656f-def4-11e5-b5a9-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {1332ef5e-9d36-11e5-8efa-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71b3-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71c2-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {283f71e0-43ee-11e5-91a3-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {296545c9-a56e-11e5-88ca-00e0700eb31a} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {4b9cb842-46ca-11e5-9713-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {4fb66646-88f9-11e5-bbcf-a2160f627aeb} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {6fb8c234-9fcc-11e5-bd3f-e853ac0ccaec} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {aa894358-5997-11e5-897d-020ce70b0102} - E:\AutoRun.exe HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\MountPoints2: {aa89435c-5997-11e5-897d-020ce70b0102} - E:\AutoRun.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-10] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.22.1 Tcpip\..\Interfaces\{0054AB16-62F5-4A65-A0EF-A31D99BF7289}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{68CEF436-CA00-440C-8349-5205CC3F3770}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{7EB6E636-6CA5-426C-8539-6BA6BB9D2C76}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{8FE85266-9C6C-4759-92DB-5F4122ADC5B2}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{DD60B469-1CC9-4935-9F76-F32689EBD0CF}: [DhcpNameServer] 192.168.22.1 Internet Explorer: ================== HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.com/?pr=manycam&id=manycam_ot&v=4_1 SearchScopes: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-10] (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-10] (AVAST Software) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\b1fsrkhw.default-1449466420050 FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_204.dll [2016-03-25] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_204.dll [2016-03-25] () FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2011-08-22] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3095993379-2960881611-2283259630-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-3095993379-2960881611-2283259630-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-02] [not signed] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-10] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.110\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.110\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\49.0.2623.110\pdf.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_108.dll => No File CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-10] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-10] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-03-14] (Camshare Inc.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-27] () S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242256 2014-08-20] () S2 Smart Bro. RunOuc; C:\Program Files (x86)\Smart Bro\UpdateDog\ouc.exe [657504 2012-11-11] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [557216 2016-03-28] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [18959360 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [589312 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-10] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-10] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-24] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software) S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.) S2 APXACC; system32\DRIVERS\appexDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-05 07:02 - 2016-04-05 07:03 - 00017046 _____ C:\Users\User\Desktop\FRST.txt 2016-04-05 07:02 - 2016-04-05 07:02 - 00000000 ____D C:\FRST 2016-04-05 07:01 - 2016-04-05 07:01 - 02374144 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2016-04-05 06:18 - 2016-04-05 06:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-05 06:17 - 2016-04-05 06:17 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-05 06:17 - 2016-04-05 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-05 06:17 - 2016-04-05 06:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-04-05 06:17 - 2016-04-05 06:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-05 06:17 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-05 06:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-05 06:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-05 06:12 - 2016-04-05 06:14 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-05 05:58 - 2016-04-05 05:58 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-04-05 05:58 - 2016-04-05 05:58 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-04-05 05:58 - 2016-04-05 05:58 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer 2016-04-05 05:57 - 2016-04-05 06:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-04-05 05:55 - 2016-04-05 05:56 - 09740464 _____ (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe 2016-04-02 09:57 - 2016-04-02 21:20 - 00000000 ____D C:\Program Files (x86)\mozilla firefox 2016-03-27 17:50 - 2016-03-27 17:54 - 00000000 ____D C:\Users\User\Documents\Jellyn 2016-03-25 06:21 - 2016-03-25 06:21 - 00382139 _____ C:\Users\User\Documents\Untitled.wma 2016-03-23 05:57 - 2016-03-25 10:48 - 00003046 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458737818 2016-03-23 05:57 - 2016-03-23 05:57 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-03-23 05:57 - 2016-03-23 05:57 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-03-23 05:56 - 2016-03-23 05:56 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2016-03-21 15:38 - 2016-03-21 15:38 - 00000000 ____D C:\Users\User\Documents\tebhaby 2016-03-21 15:33 - 2015-07-23 14:11 - 50132025 _____ C:\Users\User\Documents\VID_20150723_131116.3gp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-05 06:58 - 2009-07-13 21:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-05 06:58 - 2009-07-13 21:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-05 06:56 - 2009-07-13 22:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-05 06:56 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf 2016-04-05 06:51 - 2015-08-16 15:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2016-04-05 06:50 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-05 06:50 - 2009-07-13 21:45 - 00443360 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-05 06:46 - 2015-08-16 18:20 - 00000000 ____D C:\ProgramData\APN 2016-04-05 06:32 - 2015-08-16 14:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-05 06:17 - 2015-08-16 14:55 - 00000454 _____ C:\Windows\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11}.job 2016-04-05 06:11 - 2015-08-16 19:34 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA.job 2016-04-05 06:07 - 2015-08-16 18:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Camfrog 2016-04-05 06:06 - 2015-08-16 14:40 - 00111520 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-03 23:11 - 2015-08-16 19:34 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core.job 2016-04-03 10:23 - 2015-08-16 14:55 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2016-04-02 21:20 - 2015-08-16 14:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-02 14:40 - 2015-08-16 14:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2016-04-01 21:43 - 2015-10-09 14:13 - 00000000 ____D C:\Users\User\Documents\Hugot 2016-03-31 05:15 - 2015-08-16 14:44 - 00002333 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-30 06:35 - 2015-08-19 22:05 - 00000000 ____D C:\Users\User\Documents\MUSIC♫ 2016-03-30 02:15 - 2016-01-08 21:52 - 00000000 ____D C:\Users\User\Documents\download 2016-03-29 17:49 - 2015-08-16 14:54 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2016-03-27 23:04 - 2015-08-16 22:04 - 00000000 ____D C:\Users\User\AppData\Local\ManyCam 2016-03-26 08:37 - 2015-08-16 14:55 - 00003450 _____ C:\Windows\System32\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11} 2016-03-25 23:30 - 2015-08-19 23:24 - 00000000 ____D C:\Users\User\Documents\QOUTES♥ 2016-03-25 06:31 - 2015-08-16 14:48 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-03-25 05:32 - 2015-08-16 14:48 - 00801984 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-03-25 05:32 - 2015-08-16 14:48 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-23 05:56 - 2015-08-16 15:17 - 00000000 ____D C:\ProgramData\AVAST Software 2016-03-23 05:56 - 2015-08-16 15:17 - 00000000 ____D C:\Program Files\AVAST Software 2016-03-21 04:06 - 2015-08-16 18:18 - 00000000 ____D C:\ProgramData\Camfrog Update 2016-03-13 03:49 - 2015-08-20 03:48 - 00003088 _____ C:\Windows\System32\Tasks\{49064DC5-4363-459F-86EC-02321DB82D39} 2016-03-11 01:08 - 2015-08-16 15:18 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2016-03-11 01:08 - 2015-08-16 15:18 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys Some files in TEMP: ==================== C:\Users\User\AppData\Local\Temp\SkypeSetup.exe C:\Users\User\AppData\Local\Temp\{1E220A46-53C4-4E0D-AC43-22864FE68CE9}-44.0.2403.155_chrome_installer.exe C:\Users\User\AppData\Local\Temp\{6B8BB3AB-C4E1-42E2-A0A7-269CCEAEA557}-44.0.2403.157_44.0.2403.155_chrome_updater.exe C:\Users\User\AppData\Local\Temp\{E1DCE038-D873-48DD-B0D2-5DBC99E7E7A8}-45.0.2454.101_45.0.2454.99_chrome_updater.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-05 00:45 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by User (2016-04-05 07:04:46) Running from C:\Users\User\Desktop Windows 7 Ultimate (X64) (2015-08-16 21:26:38) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3095993379-2960881611-2283259630-500 - Administrator - Disabled) Guest (S-1-5-21-3095993379-2960881611-2283259630-501 - Limited - Disabled) User (S-1-5-21-3095993379-2960881611-2283259630-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.204 - Adobe Systems Incorporated) Adobe Photoshop CS5 Extended (HKLM-x32\...\Adobe Photoshop CS5 Extended) (Version: - ) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.1.2253 - AVAST Software) Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.529 - Camshare, Inc.) Google Chrome (HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) ManyCam 4.1.2 (HKLM-x32\...\ManyCam) (Version: 4.1.2 - Visicom Media Inc.) Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.01.03 - Huawei Technologies Co.,Ltd) MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.08.00 - Huawei Technologies Co.,Ltd) Mozilla Firefox 45.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla) Outils de vérification linguistique 2013 de Microsoft Office- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden SafeZone Stable 1.48.2066.95 (x32 Version: 1.48.2066.95 - Avast Software) Hidden SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.1 - Lenovo Group Limited) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Smart Bro (HKLM-x32\...\Smart Bro) (Version: 23.009.09.01.238 - Huawei Technologies Co.,Ltd) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) UC Browser (HKLM-x32\...\UCBrowser) (Version: 5.6.11651.1011 - UCWeb Inc.) VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3095993379-2960881611-2283259630-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1CAD1622-DE9B-4361-8517-A445EE4A4A7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {1E12F467-B95A-48C4-AFF0-81BB4F9470C0} - System32\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11} => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-03-28] (UCWeb Inc) Task: {2E12A760-9AF4-40FF-AE1A-0DB9500E1AFC} - System32\Tasks\{49064DC5-4363-459F-86EC-02321DB82D39} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/en/abandoninstall?page=tsProgressBar Task: {4C172FB7-650A-4F8B-9D56-A7C1595FF61B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-10] (AVAST Software) Task: {786BF700-5801-4987-AF5C-444F52EC5D1C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.) Task: {9CD1E715-7F1B-4FC2-A07B-9EFE0684A9CB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo) Task: {AED189BF-39B1-4CFD-AD04-F9AFEE9A1584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25] (Adobe Systems Incorporated) Task: {B6D0A7CD-DA80-4FC5-9A55-842001FADF6A} - System32\Tasks\{EB548845-927F-47B9-A411-0757EB62C074} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/en/abandoninstall?page=tsProgressBar Task: {D0BAC7FE-F3D5-4FF7-AA1A-A377700790E8} - System32\Tasks\SafeZone scheduled Autoupdate 1458737818 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-08] (Avast Software) Task: {D233D48F-7990-4DE9-B188-5A28FA2ABA9E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {E6EADB4F-32F0-4FE9-BDAD-C362060D3C21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F5A74045-4776-477E-B381-87E54DEF4A07} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-18] (AVAST Software) Task: {FD6A6AC7-D017-4947-9B62-12A4DED15793} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3095993379-2960881611-2283259630-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UCBrowserUpdater{e23df38b34103b001ee4a910a2610d11}.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-10-27 19:02 - 2013-10-27 19:02 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2016-02-29 12:52 - 2014-08-20 00:27 - 00242256 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2015-08-16 16:24 - 2012-11-11 22:59 - 00657504 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe 2015-08-16 14:54 - 2016-03-28 22:15 - 00557216 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe 2016-03-29 17:48 - 2016-03-28 22:15 - 02059936 _____ () C:\Program Files (x86)\UCBrowser\Application\5.6.11651.1011\UCAgent.exe 2016-02-10 05:31 - 2016-02-10 05:31 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-02-10 05:31 - 2016-02-10 05:31 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-04-04 09:32 - 2016-04-04 09:32 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040301\algo.dll 2016-02-10 05:31 - 2016-02-10 05:31 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-05 06:51 - 2016-04-05 06:51 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040400\algo.dll 2016-02-10 05:31 - 2016-02-10 05:31 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2015-08-16 16:24 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\mingwm10.dll 2015-08-16 16:24 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\libgcc_s_dw2-1.dll 2015-08-16 16:24 - 2012-10-31 02:11 - 02417152 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtCore4.dll 2015-08-16 16:24 - 2012-10-31 02:14 - 01148416 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtNetwork4.dll 2015-08-16 16:24 - 2012-11-11 20:48 - 00843264 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QueryStrategy.dll 2015-08-16 16:24 - 2012-10-31 02:11 - 00398336 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtXml4.dll 2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-11-13 20:22 - 2012-11-13 20:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll 2012-11-13 20:23 - 2012-11-13 20:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll 2015-12-10 06:12 - 2015-12-10 06:12 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00111616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 02286592 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00219648 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00049664 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00070144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00157696 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00093696 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00258560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00047616 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00440320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00724992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00083968 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00106496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 01544192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00310784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 01238016 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 11998208 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00198656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00092160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00073728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00044544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00095744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00973312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00085504 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 01227264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00695296 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\liblive555_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00110592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libpva_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00134656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libts_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00039424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libau_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00411648 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libgme_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00039424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libxa_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00484864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmod_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00047104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libimage_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00055296 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libps_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00057344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libty_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00035328 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 2012-10-15 13:27 - 2012-10-15 13:27 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00035328 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00288768 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00041984 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 09263104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00185856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 01318912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 01719296 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00372224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00154624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00386560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00265216 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 01887232 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00310784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00263168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00703488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00052224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00379392 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00139264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00050688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00041984 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00077824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00056320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00044544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00034816 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00070656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2012-10-15 13:28 - 2012-10-15 13:28 - 00194048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3095993379-2960881611-2283259630-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.22.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: WSearch => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AppEx Accelerator UI => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D5425F2C-7291-43A9-91E4-B37126E2F6ED}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{0F023C5F-FF1F-430F-981E-789B507869C2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{5AAFEB1F-A10F-4B72-8398-526FFB72D8F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{39A0AFE5-9913-4D98-A45E-2453C8161E75}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{41C8A8FD-44EA-4D8F-B2A6-0E0DB7C3094B}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe FirewallRules: [{8C3C948F-1DAC-45BE-9CF0-2184F392C734}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{9A4CF22D-135E-4552-9763-58825816486B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{1ED4FBC5-BFD2-4B24-A178-396D2D672DD9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{00AD8756-B7D6-4EFE-987B-76E1EA11CB72}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{26C31837-E11F-4202-9720-D07C3F114E0D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{2F8CC454-AE7F-4120-BD12-78545BFDC31B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{88DF22C6-C21F-4B99-835A-2D25653169BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{664F90EE-D61C-420B-A798-4468CBA468BE}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5CB0DF22-F1B4-4E16-ABBC-0F4926113CAC}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6D0C4A2C-CA16-4912-B57D-464D424B87E7}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{01E7261D-B03D-4A5E-9281-EE2A2F36801D}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{259FC354-8F14-4CBB-BBEF-AC9727B7F1B1}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{4BA9D5E1-42FC-4CA2-B078-F62BC8F8F510}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{BA1A8DF9-F3F8-4E74-9505-B3ECA27B311F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D3331CE3-C6C9-4D1C-B505-A4F1C7CA3D0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C153E735-E1C4-4CBD-BA65-7687551F6F9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{64502B64-FD53-4AA2-955B-71EBE51C74D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Restore Points ========================= 17-01-2016 08:54:33 Scheduled Checkpoint 20-01-2016 06:10:37 Windows Update 29-01-2016 13:51:48 Scheduled Checkpoint 25-02-2016 06:20:12 Scheduled Checkpoint 31-03-2016 02:47:24 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: AppEx Networks Accelerator LWF Description: AppEx Networks Accelerator LWF Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: APXACC Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/05/2016 07:01:02 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/05/2016 06:08:58 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program chrome.exe version 49.0.2623.110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 3c0 Start Time: 01d18f26a2083523 Termination Time: 1246 Application Path: C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe Report Id: 7f0d2d6d-fb2f-11e5-a40a-00e0700eb31a Error: (04/05/2016 12:47:01 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "5.6.11651.1011,language="&#x2a;",type="win32",version="5.6.11651.1011"1". Dependent Assembly 5.6.11651.1011,language="&#x2a;",type="win32",version="5.6.11651.1011" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/05/2016 12:46:59 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "5.6.11651.1011,language="&#x2a;",type="win32",version="5.6.11651.1011"1". Dependent Assembly 5.6.11651.1011,language="&#x2a;",type="win32",version="5.6.11651.1011" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/04/2016 01:14:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/03/2016 02:14:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/02/2016 01:23:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (04/01/2016 11:56:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program YahooMessenger.exe version 11.0.0.2014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 430 Start Time: 01d18c9ece8ce29f Termination Time: 203 Application Path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Report Id: f4b38619-f89f-11e5-a850-00e0700eb31a Error: (04/01/2016 06:30:41 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Camfrog Video Chat.exe version 6.11.529.7223 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 924 Start Time: 01d18c172b452967 Termination Time: 41 Application Path: C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe Report Id: eb9809f0-f80d-11e5-84a7-00e0700eb31a Error: (04/01/2016 06:13:42 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 System errors: ============= Error: (04/05/2016 06:50:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (04/05/2016 06:50:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Smart Bro. OUC service failed to start due to the following error: %%1053 Error: (04/05/2016 06:50:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Smart Bro. OUC service to connect. Error: (04/05/2016 06:50:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%2 Error: (04/05/2016 12:06:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (04/05/2016 12:06:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Smart Bro. OUC service failed to start due to the following error: %%1053 Error: (04/05/2016 12:06:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Smart Bro. OUC service to connect. Error: (04/05/2016 12:05:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: %%2 Error: (04/03/2016 02:00:29 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY) Description: The time service has detected that the system time needs to be changed by -57513 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->191.233.81.105:123) is working properly. Error: (04/02/2016 09:21:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom ==================== Memory info =========================== Processor: AMD A4-6300 APU with Radeon(tm) HD Graphics Percentage of memory in use: 94% Total physical RAM: 999.59 MB Available physical RAM: 50.42 MB Total Virtual: 2023.59 MB Available Virtual: 748.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:244.04 GB) (Free:209.72 GB) NTFS Drive d: () (Fixed) (Total:221.62 GB) (Free:221.25 GB) NTFS Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7DB5F6AC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  14. I have to end this here Broni, I am sorry. The person I was working with ended up going ahead and formatting on their own. Sorry about this. :/
  15. ADWCleaner Error

    Thanks for the replay. I downloaded it from toolslib. I went downloaded a new version and no more error. Thanks for your suggestion.