21 posts in this topic

Post #: 1   Posted

Hello Broni

I doubt that my machine has run into trouble again...Please assist.

Thanks

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by MJ (administrator) on MJ-PC (06-04-2017 10:32:51)
Running from E:\MJ1\Systems & Mobile Softwares\System Softwares
Loaded Profiles: MJ (Available Profiles: MJ & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
() C:\Program Files\Everything\Everything.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Lenovo) C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe
() C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mepService.exe
(Monotype Imaging Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mep.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
() C:\Program Files\Everything\Everything.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Monotype Imaging Inc.) C:\Program Files\Monotype\SkyFonts\SkyFonts.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Monotype Imaging Inc.) C:\Program Files\Monotype\SkyFonts\SkyFonts.Monitor.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7545088 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [226784 2015-06-02] (CANON INC.)
HKLM\...\Run: [Bonus.SSR.FR12] => C:\Program Files\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2017-03-31] (ABBYY Production LLC.)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [28325288 2017-03-28] (Dropbox, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1390336 2015-11-24] ()
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-03-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [909744 2017-03-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3536064 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [2282448 2017-02-16] (Monotype Imaging Inc.)
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Run: [Monotype SkyFonts Rack Up] => C:\Program Files\Monotype\SkyFonts\SFC.exe [26064 2017-02-16] (Monotype Imaging Inc.)
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Run: [QQ2009] => C:\Program Files\Tencent\QQIntl\Bin\QQ.exe [97976 2016-12-07] (Tencent)
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {54762659-7f04-11e6-9500-9cb70dbb8b7e} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {5a4a1736-15a4-11e6-9499-9cb70dbb8b7e} - "F:\AutoRun.exe" 
HKU\S-1-5-18\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [2282448 2017-02-16] (Monotype Imaging Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.15.0.dll [2017-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2017-04-01]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-01-23]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: 127.0.0.1 magicalmailapp.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{4ea0dcdf-94ff-4c78-80bf-0851ac42ef7d}: [DhcpNameServer] 59.179.243.70 203.54.243.70
Tcpip\..\Interfaces\{91dcd243-38a7-49ed-8331-d8ba492bee96}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> DefaultScope {442F256B-1A39-4415-B538-F81CA422699F} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> {442F256B-1A39-4415-B538-F81CA422699F} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> {A97D9458-8D22-4184-A0A0-CD79EEC909C9} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-02-15] ()
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-02-15] ()
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vgs1o0m9.default
FF ProfilePath: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default [2017-04-03]
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ftp", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> http", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> http_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> socks", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ssl", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> type", 4
FF Extension: (Avira Browser Safety) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\abs@avira.com.xpi [2016-11-24]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-29]
FF Extension: (GPU Process on Windows (Beta 53)) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\gpu-process-beta53@experiments.mozilla.org.xpi [2017-03-29]
FF Extension: (Self-Destructing Cookies) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2017-03-29]
FF Extension: (One Click Proxy) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2015-08-29]
FF Extension: (Adblock Plus) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-08]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-29] [not signed]
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2016-04-02] [not signed]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-01-13]
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MJ\AppData\Roaming\IDM\idmmzcc5 [2017-03-21] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_149.dll [2017-04-01] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [2016-12-07] (Tencent)
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [2016-12-07] (Tencent)
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-01-03]

Chrome: 
=======
CHR Profile: C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default [2017-04-06]
CHR Extension: (Google Slides) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-18]
CHR Extension: (Google Docs) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-18]
CHR Extension: (Google Drive) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-27]
CHR Extension: (Foxit PDF Creator) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2017-03-12]
CHR Extension: (uBlock Origin) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-03-15]
CHR Extension: (FullContact for Gmail™) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnaibnehbbinoohhjafknihmlopdhhip [2017-04-03]
CHR Extension: (Google Search) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Find Big Mail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhfndmknegaiibciljinpmkhiakhhmp [2015-09-12]
CHR Extension: (Google Sheets) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-18]
CHR Extension: (Avira Browser Safety) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-12]
CHR Extension: (Google Docs Offline) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Inbox by Gmail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkljgfmjocfalijkgoogmfffkhmkbgol [2016-06-30]
CHR Extension: (Save to Google Drive) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-07-19]
CHR Extension: (Skype) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-23]
CHR Extension: (Mailtrack for Gmail & Inbox: Email tracking) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2017-03-18]
CHR Extension: (IDM Integration Module) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-03-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Mixmax: Email Tracking, Templates, Mail Merge) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2017-03-30]
CHR Extension: (Gmail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-13]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-01-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-12-11]
CHR HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [961744 2014-07-17] (ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1115552 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [487432 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1519136 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [349560 2017-03-09] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [316976 2017-03-20] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2560192 2017-03-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [40264 2017-03-28] (Dropbox, Inc.)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [595968 2016-08-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [1390336 2015-11-24] ()
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1659080 2017-02-24] (Foxit Software Inc.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [344576 2016-11-18] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-12] (IObit)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703696 2016-08-08] (SEIKO EPSON CORPORATION)
R2 pSP2clnt; C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe [619008 2016-06-04] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [263936 2015-06-24] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-11-18] (Microsoft Corporation)
S3 ShareItSvc; C:\Program Files\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [59856 2017-02-16] (Monotype Imaging Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [227504 2016-04-28] (Synaptics Incorporated)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [72016 2017-01-31] (Code Sector)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2016-09-23] (SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-03-04] (Microsoft Corporation)
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files\Wondershare\MobileGo\DriverInstall.exe [116368 2016-05-26] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [124552 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [152816 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [108032 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [316544 2013-12-10] (Huawei Technologies Co., Ltd.)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [94936 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-11-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R1 MpKslacf5ce1d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1DDA99D5-7F4B-4863-9775-EBA8F498AF12}\MpKslacf5ce1d.sys [39168 2017-04-06] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_x86.sys [16024 2015-12-01] (Secunia)
R3 RSPCIESTOR; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [256616 2012-03-29] (Realtek Semiconductor Corp.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek                                            )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2016-04-28] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-04 14:54 - 2017-04-04 14:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-01 12:54 - 2017-04-01 12:54 - 00001194 _____ C:\Users\Public\Desktop\Wondershare MobileGo.lnk
2017-04-01 11:19 - 2017-04-03 14:57 - 20605528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2017-03-29 11:34 - 2017-03-29 11:34 - 02673080 _____ C:\Users\MJ\Desktop\131334286570378175.PDF
2017-03-29 11:28 - 2017-03-29 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-28 02:50 - 2017-03-28 02:50 - 00040264 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-03-27 10:52 - 2017-03-27 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-27 10:52 - 2017-03-27 10:52 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-03-23 05:24 - 2017-03-23 05:24 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-23 05:24 - 2017-03-23 05:24 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-23 05:24 - 2017-03-23 05:24 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-03-19 15:03 - 2017-03-19 15:03 - 00000000 ____D C:\Users\MJ\AppData\Roaming\SolidDocuments
2017-03-19 15:03 - 2017-03-19 15:03 - 00000000 ____D C:\ProgramData\SolidDocuments
2017-03-18 22:14 - 2017-03-18 22:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-18 22:13 - 2017-03-18 22:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2017-03-18 22:13 - 2017-03-18 22:13 - 00000000 ____D C:\Program Files\Common Files\Scan Process Machine
2017-03-18 15:38 - 2017-03-18 15:38 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Technologies
2017-03-18 15:38 - 2017-03-18 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Technologies
2017-03-18 15:38 - 2017-03-18 15:38 - 00000000 ____D C:\Program Files\PDF Technologies
2017-03-15 15:46 - 2017-03-04 12:26 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 15:46 - 2017-03-04 12:20 - 00100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 15:46 - 2017-03-04 11:59 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 15:46 - 2017-03-04 11:59 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 15:46 - 2017-03-04 11:57 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 15:46 - 2017-03-04 11:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 15:46 - 2017-03-04 11:55 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 15:46 - 2017-03-04 11:53 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 15:46 - 2017-03-04 11:53 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 15:46 - 2017-03-04 11:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 15:46 - 2017-03-04 11:52 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 15:46 - 2017-03-04 11:52 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 15:46 - 2017-03-04 11:51 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 15:46 - 2017-03-04 11:51 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 15:46 - 2017-03-04 11:49 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 15:46 - 2017-03-04 11:49 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 15:46 - 2017-03-04 11:48 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 15:46 - 2017-03-04 11:47 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 15:46 - 2017-03-04 11:47 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 15:46 - 2017-03-04 11:37 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 15:46 - 2017-03-04 11:32 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 15:46 - 2017-03-04 11:31 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 15:46 - 2017-03-04 11:31 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 15:46 - 2017-03-04 11:31 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 15:45 - 2017-03-04 13:10 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 15:45 - 2017-03-04 12:39 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 15:45 - 2017-03-04 12:34 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 15:45 - 2017-03-04 12:32 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 15:45 - 2017-03-04 12:29 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 15:45 - 2017-03-04 12:23 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 15:45 - 2017-03-04 12:23 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 15:45 - 2017-03-04 12:22 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 15:45 - 2017-03-04 12:22 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 15:45 - 2017-03-04 12:17 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 15:45 - 2017-03-04 12:17 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 15:45 - 2017-03-04 12:10 - 01967968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 15:45 - 2017-03-04 12:01 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2017-03-15 15:45 - 2017-03-04 12:00 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 15:45 - 2017-03-04 12:00 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 15:45 - 2017-03-04 12:00 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 15:45 - 2017-03-04 11:59 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 15:45 - 2017-03-04 11:58 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 15:45 - 2017-03-04 11:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 15:45 - 2017-03-04 11:57 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 15:45 - 2017-03-04 11:56 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 15:45 - 2017-03-04 11:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 15:45 - 2017-03-04 11:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 15:45 - 2017-03-04 11:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 15:45 - 2017-03-04 11:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 15:45 - 2017-03-04 11:56 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 15:45 - 2017-03-04 11:56 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 15:45 - 2017-03-04 11:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 15:45 - 2017-03-04 11:55 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 15:45 - 2017-03-04 11:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-03-15 15:45 - 2017-03-04 11:54 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-03-15 15:45 - 2017-03-04 11:53 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-03-15 15:45 - 2017-03-04 11:53 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 15:45 - 2017-03-04 11:52 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 15:45 - 2017-03-04 11:52 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 15:45 - 2017-03-04 11:52 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 15:45 - 2017-03-04 11:52 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 15:45 - 2017-03-04 11:51 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 15:45 - 2017-03-04 11:51 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 15:45 - 2017-03-04 11:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 15:45 - 2017-03-04 11:50 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 15:45 - 2017-03-04 11:50 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 15:45 - 2017-03-04 11:50 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 15:45 - 2017-03-04 11:49 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 15:45 - 2017-03-04 11:49 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-03-15 15:45 - 2017-03-04 11:48 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 15:45 - 2017-03-04 11:48 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 15:45 - 2017-03-04 11:48 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 15:45 - 2017-03-04 11:47 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 15:45 - 2017-03-04 11:47 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 15:45 - 2017-03-04 11:46 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 15:45 - 2017-03-04 11:44 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 15:45 - 2017-03-04 11:43 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 15:45 - 2017-03-04 11:41 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 15:45 - 2017-03-04 11:41 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 15:45 - 2017-03-04 11:41 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 15:45 - 2017-03-04 11:41 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 15:45 - 2017-03-04 11:40 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 15:45 - 2017-03-04 11:37 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 15:45 - 2017-03-04 11:37 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 15:45 - 2017-03-04 11:36 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 15:45 - 2017-03-04 11:35 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 15:45 - 2017-03-04 11:35 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 15:45 - 2017-03-04 11:34 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 15:45 - 2017-03-04 11:33 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-03-15 15:45 - 2017-03-04 11:33 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 15:45 - 2017-03-04 11:32 - 01485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 15:45 - 2017-03-04 11:32 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 15:45 - 2017-03-04 11:31 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 15:45 - 2017-03-04 11:31 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 15:45 - 2017-03-04 11:30 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 15:45 - 2017-03-04 11:30 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 15:45 - 2017-03-04 11:30 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 15:45 - 2017-03-04 11:29 - 01252352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 15:45 - 2017-03-04 11:27 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 15:45 - 2017-02-22 07:33 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 15:45 - 2016-07-16 07:15 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 15:45 - 2016-07-16 07:13 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 15:45 - 2016-07-16 07:13 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 15:44 - 2017-03-04 12:39 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 15:44 - 2017-03-04 12:39 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 15:44 - 2017-03-04 12:39 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 15:44 - 2017-03-04 12:38 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 15:44 - 2017-03-04 12:38 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-03-15 15:44 - 2017-03-04 12:36 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 15:44 - 2017-03-04 12:36 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 15:44 - 2017-03-04 12:32 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 15:44 - 2017-03-04 12:32 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 15:44 - 2017-03-04 12:29 - 00869728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 15:44 - 2017-03-04 12:24 - 00290272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 15:44 - 2017-03-04 12:23 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 15:44 - 2017-03-04 12:23 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 15:44 - 2017-03-04 12:23 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 15:44 - 2017-03-04 12:23 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 15:44 - 2017-03-04 12:21 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 15:44 - 2017-03-04 12:21 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 15:44 - 2017-03-04 12:21 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 15:44 - 2017-03-04 12:21 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 15:44 - 2017-03-04 12:20 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 15:44 - 2017-03-04 12:17 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 15:44 - 2017-03-04 12:17 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 15:44 - 2017-03-04 12:16 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 15:44 - 2017-03-04 12:16 - 01224104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 15:44 - 2017-03-04 12:15 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 15:44 - 2017-03-04 12:15 - 00117280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 15:44 - 2017-03-04 12:15 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-03-15 15:44 - 2017-03-04 12:12 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 15:44 - 2017-03-04 12:12 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 15:44 - 2017-03-04 12:04 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 15:44 - 2017-03-04 11:59 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 15:44 - 2017-03-04 11:58 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 15:44 - 2017-03-04 11:57 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 15:44 - 2017-03-04 11:57 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2017-03-15 15:44 - 2017-03-04 11:56 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 15:44 - 2017-03-04 11:56 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 15:44 - 2017-03-04 11:56 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 15:44 - 2017-03-04 11:56 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-03-15 15:44 - 2017-03-04 11:56 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 15:44 - 2017-03-04 11:55 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 15:44 - 2017-03-04 11:55 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 15:44 - 2017-03-04 11:55 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 15:44 - 2017-03-04 11:55 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 15:44 - 2017-03-04 11:55 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 15:44 - 2017-03-04 11:54 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 15:44 - 2017-03-04 11:53 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 15:44 - 2017-03-04 11:53 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2017-03-15 15:44 - 2017-03-04 11:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 15:44 - 2017-03-04 11:53 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-03-15 15:44 - 2017-03-04 11:52 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 15:44 - 2017-03-04 11:51 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 15:44 - 2017-03-04 11:51 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 15:44 - 2017-03-04 11:51 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 15:44 - 2017-03-04 11:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 15:44 - 2017-03-04 11:50 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 15:44 - 2017-03-04 11:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-03-15 15:44 - 2017-03-04 11:49 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 15:44 - 2017-03-04 11:49 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 15:44 - 2017-03-04 11:49 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 15:44 - 2017-03-04 11:49 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 15:44 - 2017-03-04 11:48 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 15:44 - 2017-03-04 11:48 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 15:44 - 2017-03-04 11:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 15:44 - 2017-03-04 11:48 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 15:44 - 2017-03-04 11:47 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 15:44 - 2017-03-04 11:47 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 15:44 - 2017-03-04 11:47 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 15:44 - 2017-03-04 11:47 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 15:44 - 2017-03-04 11:47 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 15:44 - 2017-03-04 11:47 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 15:44 - 2017-03-04 11:46 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 15:44 - 2017-03-04 11:45 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 15:44 - 2017-03-04 11:44 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 15:44 - 2017-03-04 11:43 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 01003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 15:44 - 2017-03-04 11:43 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 15:44 - 2017-03-04 11:42 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 15:44 - 2017-03-04 11:42 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 15:44 - 2017-03-04 11:42 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 15:44 - 2017-03-04 11:42 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 15:44 - 2017-03-04 11:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 15:44 - 2017-03-04 11:41 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 15:44 - 2017-03-04 11:41 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 15:44 - 2017-03-04 11:40 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 15:44 - 2017-03-04 11:40 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 15:44 - 2017-03-04 11:40 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2017-03-15 15:44 - 2017-03-04 11:40 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 15:44 - 2017-03-04 11:40 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 15:44 - 2017-03-04 11:39 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 15:44 - 2017-03-04 11:39 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 15:44 - 2017-03-04 11:39 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 15:44 - 2017-03-04 11:39 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2017-03-15 15:44 - 2017-03-04 11:38 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 15:44 - 2017-03-04 11:37 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 15:44 - 2017-03-04 11:37 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 15:44 - 2017-03-04 11:37 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 15:44 - 2017-03-04 11:36 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 15:44 - 2017-03-04 11:36 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 15:44 - 2017-03-04 11:36 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 15:44 - 2017-03-04 11:36 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-03-15 15:44 - 2017-03-04 11:35 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 15:44 - 2017-03-04 11:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 15:44 - 2017-03-04 11:34 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 15:44 - 2017-03-04 11:33 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 15:44 - 2017-03-04 11:33 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 15:44 - 2017-03-04 11:33 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 15:44 - 2017-03-04 11:32 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 15:44 - 2017-03-04 11:32 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 15:44 - 2017-03-04 11:32 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 15:44 - 2017-03-04 11:31 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 15:44 - 2017-03-04 11:31 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 15:44 - 2017-03-04 11:31 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 15:44 - 2017-03-04 11:31 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 15:44 - 2017-03-04 11:30 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 15:44 - 2017-03-04 11:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 15:44 - 2017-03-04 11:30 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 15:44 - 2017-03-04 11:30 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 15:44 - 2017-03-04 11:27 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-03-15 15:44 - 2017-03-04 11:27 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 15:44 - 2017-03-04 11:27 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 15:44 - 2017-03-04 11:27 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-03-15 15:44 - 2017-03-04 11:27 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 15:44 - 2017-03-04 11:27 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 15:44 - 2016-05-30 00:08 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSetup.exe
2017-03-15 15:43 - 2017-03-04 13:14 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 15:43 - 2017-03-04 12:38 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 15:43 - 2017-03-04 12:24 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 15:43 - 2017-03-04 12:23 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 15:43 - 2017-03-04 12:23 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 15:43 - 2017-03-04 12:23 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 15:43 - 2017-03-04 12:23 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 15:43 - 2017-03-04 12:21 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 15:43 - 2017-03-04 12:17 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 15:43 - 2017-03-04 12:17 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 15:43 - 2017-03-04 12:16 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 15:43 - 2017-03-04 12:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 15:43 - 2017-03-04 11:59 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
2017-03-15 15:43 - 2017-03-04 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 15:43 - 2017-03-04 11:57 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 15:43 - 2017-03-04 11:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 15:43 - 2017-03-04 11:55 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 15:43 - 2017-03-04 11:54 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 15:43 - 2017-03-04 11:53 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 15:43 - 2017-03-04 11:53 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 15:43 - 2017-03-04 11:52 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 15:43 - 2017-03-04 11:52 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 15:43 - 2017-03-04 11:51 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 15:43 - 2017-03-04 11:51 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 15:43 - 2017-03-04 11:50 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 15:43 - 2017-03-04 11:49 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 15:43 - 2017-03-04 11:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 15:43 - 2017-03-04 11:48 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 15:43 - 2017-03-04 11:47 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 15:43 - 2017-03-04 11:47 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 15:43 - 2017-03-04 11:46 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-03-15 15:43 - 2017-03-04 11:46 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 15:43 - 2017-03-04 11:45 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 15:43 - 2017-03-04 11:43 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 15:43 - 2017-03-04 11:43 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 15:43 - 2017-03-04 11:42 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 15:43 - 2017-03-04 11:42 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 15:43 - 2017-03-04 11:41 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 15:43 - 2017-03-04 11:40 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 15:43 - 2017-03-04 11:38 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 15:43 - 2017-03-04 11:37 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 15:43 - 2017-03-04 11:37 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 15:43 - 2017-03-04 11:37 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 15:43 - 2017-03-04 11:36 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 15:43 - 2017-03-04 11:36 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 15:43 - 2017-03-04 11:35 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 15:43 - 2017-03-04 11:34 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 15:43 - 2017-03-04 11:33 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 15:43 - 2017-03-04 11:33 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 15:43 - 2017-03-04 11:32 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 15:43 - 2017-03-04 11:32 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 15:43 - 2017-03-04 11:32 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 15:43 - 2017-03-04 11:30 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 15:43 - 2017-03-04 11:30 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 15:43 - 2017-03-04 11:30 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 15:43 - 2017-03-04 11:30 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 15:43 - 2017-03-04 11:29 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 15:43 - 2017-03-04 11:29 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 01339744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 00229720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 15:42 - 2017-03-04 13:27 - 00073056 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 15:42 - 2017-03-04 13:27 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 15:42 - 2017-03-04 13:16 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 15:42 - 2017-03-04 12:39 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 15:42 - 2017-03-04 12:36 - 00341336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 15:42 - 2017-03-04 12:34 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 15:42 - 2017-03-04 12:29 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 15:42 - 2017-03-04 12:27 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 15:42 - 2017-03-04 12:26 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 15:42 - 2017-03-04 12:24 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 15:42 - 2017-03-04 12:24 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 15:42 - 2017-03-04 12:21 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 15:42 - 2017-03-04 12:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 15:42 - 2017-03-04 12:17 - 00432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 15:42 - 2017-03-04 12:17 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 15:42 - 2017-03-04 12:16 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 15:42 - 2017-03-04 12:16 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 15:42 - 2017-03-04 12:16 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 15:42 - 2017-03-04 12:15 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 15:42 - 2017-03-04 12:12 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 15:42 - 2017-03-04 12:12 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 15:42 - 2017-03-04 12:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 15:42 - 2017-03-04 12:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 15:42 - 2017-03-04 11:59 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dggpext.dll
2017-03-15 15:42 - 2017-03-04 11:57 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 15:42 - 2017-03-04 11:57 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 15:42 - 2017-03-04 11:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 15:42 - 2017-03-04 11:57 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplaysvr.exe
2017-03-15 15:42 - 2017-03-04 11:56 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 15:42 - 2017-03-04 11:54 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 15:42 - 2017-03-04 11:54 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 15:42 - 2017-03-04 11:53 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 15:42 - 2017-03-04 11:53 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-03-15 15:42 - 2017-03-04 11:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 15:42 - 2017-03-04 11:52 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 15:42 - 2017-03-04 11:51 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 15:42 - 2017-03-04 11:51 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 15:42 - 2017-03-04 11:50 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 15:42 - 2017-03-04 11:50 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 15:42 - 2017-03-04 11:50 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 15:42 - 2017-03-04 11:50 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 15:42 - 2017-03-04 11:50 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 15:42 - 2017-03-04 11:49 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 15:42 - 2017-03-04 11:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 15:42 - 2017-03-04 11:49 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 15:42 - 2017-03-04 11:49 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 15:42 - 2017-03-04 11:48 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-03-15 15:42 - 2017-03-04 11:48 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 15:42 - 2017-03-04 11:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 15:42 - 2017-03-04 11:48 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 15:42 - 2017-03-04 11:47 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 15:42 - 2017-03-04 11:46 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 15:42 - 2017-03-04 11:43 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 15:42 - 2017-03-04 11:43 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 15:42 - 2017-03-04 11:42 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 15:42 - 2017-03-04 11:42 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 15:42 - 2017-03-04 11:42 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-03-15 15:42 - 2017-03-04 11:42 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-03-15 15:42 - 2017-03-04 11:41 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 15:42 - 2017-03-04 11:40 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 15:42 - 2017-03-04 11:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-03-15 15:42 - 2017-03-04 11:39 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 15:42 - 2017-03-04 11:39 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-03-15 15:42 - 2017-03-04 11:38 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 15:42 - 2017-03-04 11:37 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-03-15 15:42 - 2017-03-04 11:37 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2017-03-15 15:42 - 2017-03-04 11:36 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 15:42 - 2017-03-04 11:36 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 15:42 - 2017-03-04 11:35 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-03-15 15:42 - 2017-03-04 11:35 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 15:42 - 2017-03-04 11:35 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 15:42 - 2017-03-04 11:35 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 15:42 - 2017-03-04 11:35 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 15:42 - 2017-03-04 11:33 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 15:42 - 2017-03-04 11:32 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 15:42 - 2017-03-04 11:32 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 15:42 - 2017-03-04 11:32 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 15:42 - 2017-03-04 11:31 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 15:42 - 2017-03-04 11:31 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 15:42 - 2017-03-04 11:31 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 15:42 - 2017-03-04 11:31 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 15:42 - 2017-03-04 11:31 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 15:42 - 2017-03-04 11:30 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 15:42 - 2017-03-04 11:30 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 15:42 - 2017-03-04 11:30 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 15:41 - 2017-03-04 13:27 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 15:41 - 2017-03-04 12:39 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 15:41 - 2017-03-04 12:39 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 15:41 - 2017-03-04 12:37 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 15:41 - 2017-03-04 12:37 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 15:41 - 2017-03-04 12:10 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 15:41 - 2017-03-04 11:55 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 15:41 - 2017-03-04 11:52 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 15:41 - 2017-03-04 11:50 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 15:41 - 2017-03-04 11:50 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 15:41 - 2017-03-04 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 15:41 - 2017-03-04 11:46 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 15:41 - 2017-03-04 11:45 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-03-15 15:41 - 2017-03-04 11:41 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 15:41 - 2017-03-04 11:37 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 15:41 - 2017-03-04 11:33 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2017-03-15 15:40 - 2017-03-04 13:27 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 15:40 - 2017-03-04 13:27 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 15:40 - 2017-03-04 13:27 - 00279392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 15:40 - 2017-03-04 13:27 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 15:40 - 2017-03-04 13:14 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2017-03-15 15:40 - 2017-03-04 13:11 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 15:40 - 2017-03-04 12:33 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 15:40 - 2017-03-04 12:21 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 15:40 - 2017-03-04 12:21 - 00060768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 15:40 - 2017-03-04 11:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-03-15 15:40 - 2017-03-04 11:55 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 15:40 - 2017-03-04 11:54 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 15:40 - 2017-03-04 11:53 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-03-15 15:40 - 2017-03-04 11:53 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 15:40 - 2017-03-04 11:53 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 15:40 - 2017-03-04 11:51 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 15:40 - 2017-03-04 11:50 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 15:40 - 2017-03-04 11:50 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 15:40 - 2017-03-04 11:50 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 15:40 - 2017-03-04 11:49 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 15:40 - 2017-03-04 11:49 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 15:40 - 2017-03-04 11:48 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 15:40 - 2017-03-04 11:46 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 15:40 - 2017-03-04 11:45 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 15:40 - 2017-03-04 11:44 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 15:40 - 2017-03-04 11:43 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 15:40 - 2017-03-04 11:35 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 15:40 - 2017-03-04 11:32 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 15:40 - 2017-03-04 11:31 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 15:40 - 2017-03-04 11:30 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 15:39 - 2017-03-04 12:21 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 15:39 - 2017-03-04 11:58 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 10:55 - 2017-03-15 10:55 - 01468697 _____ C:\Users\MJ\Desktop\172123.pdf
2017-03-15 10:54 - 2017-03-15 10:54 - 01495357 _____ C:\Users\MJ\Desktop\172206.pdf
2017-03-15 10:53 - 2017-03-15 10:53 - 00120375 _____ C:\Users\MJ\Desktop\172290.pdf
2017-03-14 17:11 - 2017-04-04 17:20 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Everything
2017-03-13 21:05 - 2017-03-13 21:05 - 00000936 _____ C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-03-13 21:05 - 2017-03-13 21:05 - 00000888 _____ C:\Users\MJ\Desktop\Start Tor Browser.lnk
2017-03-13 21:03 - 2017-03-13 21:03 - 00000000 ____D C:\Users\MJ\Desktop\Tor Browser
2017-03-13 20:30 - 2017-03-13 20:30 - 00001048 _____ C:\Users\Public\Desktop\WinRAR.lnk
2017-03-13 19:43 - 2017-03-13 19:43 - 00001094 _____ C:\Users\Public\Desktop\Beyond Compare 4.lnk
2017-03-13 19:21 - 2017-03-13 19:21 - 00000000 ___HD C:\Users\MJ\AppData\Roaming\Obsidium
2017-03-13 19:21 - 2017-03-13 19:21 - 00000000 ___HD C:\Users\MJ\.obs32
2017-03-13 19:20 - 2017-03-13 19:20 - 00001910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2017-03-12 21:01 - 2017-03-13 22:06 - 00000000 ____D C:\Users\MJ\AppData\Roaming\tixati
2017-03-12 21:01 - 2017-03-12 21:01 - 00001010 _____ C:\Users\MJ\Desktop\Tixati.lnk
2017-03-12 21:01 - 2017-03-12 21:01 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati
2017-03-12 21:01 - 2017-03-12 21:01 - 00000000 ____D C:\Program Files\tixati
2017-03-12 20:39 - 2017-03-12 20:39 - 00000000 ____D C:\Foxit Software
2017-03-12 20:32 - 2017-03-12 20:32 - 00000000 ____D C:\ProgramData\Foxit Software
2017-03-12 20:29 - 2017-03-12 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-03-12 18:12 - 2017-03-12 18:12 - 00000000 _____ C:\SophosBootTasks.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-06 10:34 - 2016-09-20 16:33 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Monotype
2017-04-06 10:32 - 2016-07-16 13:59 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-06 10:32 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-06 10:32 - 2016-01-21 15:12 - 00000000 ____D C:\FRST
2017-04-06 10:27 - 2016-11-17 13:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-04 17:21 - 2016-07-16 07:52 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-04 17:20 - 2016-04-23 17:13 - 00000000 ____D C:\Users\MJ\AppData\Local\Everything
2017-04-04 17:06 - 2015-07-17 17:04 - 00000000 ____D C:\Users\MJ\AppData\Roaming\TeraCopy
2017-04-04 17:02 - 2016-11-17 12:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-04 15:21 - 2015-08-09 16:48 - 00000000 ____D C:\Users\MJ\AppData\Local\Packages
2017-04-04 14:54 - 2016-07-16 13:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-04 14:54 - 2016-07-16 13:59 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-04 14:50 - 2015-07-01 12:56 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-04 14:20 - 2016-11-17 12:29 - 00000000 ____D C:\Users\MJ
2017-04-04 14:10 - 2015-07-04 10:54 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Skype
2017-04-03 16:01 - 2017-01-11 15:56 - 00000000 ____D C:\Users\MJ\AppData\LocalLow\Mozilla
2017-04-03 15:58 - 2017-02-13 13:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-03 14:58 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-01 13:25 - 2016-07-16 13:58 - 00000000 ____D C:\WINDOWS\INF
2017-03-31 15:57 - 2016-03-16 23:05 - 00000000 ____D C:\Program Files\ABBYY FineReader 12
2017-03-31 13:42 - 2015-06-30 08:51 - 00431272 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-31 13:41 - 2016-07-16 07:52 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-31 13:05 - 2015-06-30 13:16 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-31 10:18 - 2017-02-15 15:43 - 00001071 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-03-31 10:18 - 2016-05-04 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-30 11:47 - 2016-05-30 11:47 - 00000000 ____D C:\Users\MJ\AppData\Roaming\WhatsApp
2017-03-29 11:29 - 2016-04-14 12:49 - 00000000 ____D C:\Program Files\Dropbox
2017-03-28 15:14 - 2016-12-16 17:01 - 00614144 _____ C:\Users\MJ\Desktop\Company Profile (HS1).pdf
2017-03-27 10:53 - 2015-07-01 11:18 - 00000000 ____D C:\ProgramData\Skype
2017-03-27 10:52 - 2016-01-23 19:36 - 00000000 ___RD C:\Program Files\Skype
2017-03-27 10:50 - 2015-06-30 12:29 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-21 15:24 - 2015-06-30 14:04 - 00000000 ____D C:\Users\MJ\AppData\Roaming\DMCache
2017-03-21 14:49 - 2015-07-18 12:19 - 00000000 ____D C:\Program Files\Google
2017-03-21 14:48 - 2015-10-05 22:16 - 00000000 ____D C:\Users\MJ\AppData\Local\CrashDumps
2017-03-21 14:41 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-20 07:45 - 2016-11-17 12:27 - 01134190 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-18 22:14 - 2017-02-06 11:37 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Samsung
2017-03-18 22:12 - 2015-07-27 07:16 - 00000000 ____D C:\Program Files\SAMSUNG
2017-03-18 14:04 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\rescache
2017-03-17 16:34 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 16:34 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-17 14:21 - 2016-05-30 11:47 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-03-17 14:21 - 2016-05-30 11:46 - 00000000 ____D C:\Users\MJ\AppData\Local\WhatsApp
2017-03-17 14:18 - 2016-05-30 11:45 - 00000000 ____D C:\Users\MJ\AppData\Local\SquirrelTemp
2017-03-15 20:22 - 2015-08-09 16:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 20:18 - 2016-11-17 12:19 - 00536848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 20:16 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 20:16 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 20:15 - 2016-07-16 13:59 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 16:28 - 2015-07-01 00:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 16:20 - 2015-07-01 00:51 - 135706696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 10:09 - 2015-06-30 08:15 - 00000000 ____D C:\Users\MJ\AppData\Local\ElevatedDiagnostics
2017-03-14 10:19 - 2016-04-20 11:00 - 00000000 ____D C:\Program Files\Beyond Compare 4
2017-03-13 20:30 - 2015-10-23 06:44 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-13 20:30 - 2015-10-23 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-03-13 20:29 - 2015-10-23 06:44 - 00000000 ____D C:\Program Files\WinRAR
2017-03-13 19:43 - 2016-04-20 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beyond Compare 4
2017-03-13 19:20 - 2015-10-23 06:34 - 00000000 ____D C:\Program Files\TeraCopy
2017-03-13 19:19 - 2017-02-25 19:17 - 00002112 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2017-03-13 19:19 - 2015-12-28 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-13 19:19 - 2015-12-28 11:18 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-03-13 13:50 - 2015-10-28 11:22 - 00000000 ____D C:\Program Files\Internet Download Manager
2017-03-12 20:45 - 2015-09-12 12:25 - 00000000 ____D C:\Users\MJ\Desktop\Shortcuts
2017-03-12 20:30 - 2015-10-28 11:22 - 00000000 ____D C:\Users\MJ\AppData\Roaming\IDM
2017-03-12 18:40 - 2015-07-18 12:21 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-12 18:10 - 2015-09-28 17:00 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-03-12 18:09 - 2016-09-28 13:48 - 00000000 ____D C:\Program Files\iPod
2017-03-12 13:06 - 2016-12-06 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2017-03-10 10:47 - 2016-07-16 14:01 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-03-10 10:47 - 2016-07-16 14:01 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-02-01 12:27 - 2016-02-01 12:27 - 0000006 ____S () C:\ProgramData\4ad31ab5f189ff4c9184cbc5cb3ef7bbc77e1818

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-31 14:04

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by MJ (06-04-2017 10:38:37)
Running from E:\MJ1\Systems & Mobile Softwares\System Softwares
Microsoft Windows 10 Pro Version 1607 (X86) (2016-11-17 07:43:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2807340434-1949843575-1337704626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2807340434-1949843575-1337704626-503 - Limited - Disabled)
Guest (S-1-5-21-2807340434-1949843575-1337704626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2807340434-1949843575-1337704626-1002 - Limited - Enabled)
MJ (S-1-5-21-2807340434-1949843575-1337704626-1000 - Administrator - Enabled) => C:\Users\MJ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 12 Corporate (HKLM\...\{F12000CE-0001-0000-0000-074957833700}) (Version: 12.1.439 - ABBYY Production LLC)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.149 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.149 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
airtel (HKLM\...\airtel) (Version: 23.015.02.02.284 - Huawei Technologies Co.,Ltd)
Apple Application Support (32-bit) (HKLM\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.7.1.26756 - Avira Operations GmbH & Co. KG)
BarTender 10.1 UltraLite (HKLM\...\BarTender UltraLite) (Version: 10.1.2934 - Seagull Scientific)
BarTender 10.1 UltraLite (Version: 10.1.2934 - Seagull Scientific) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dropbox (HKLM\...\Dropbox) (Version: 23.3.16 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.61.1 - Dropbox, Inc.) Hidden
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.81.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L455 Series Printer Uninstall (HKLM\...\EPSON L455 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.7.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
EtNumToTextClient (HKLM\...\{EBD16DD5-EB80-454F-A52B-C97D14F54FC2}) (Version: 1.0.0.0 - Nextenders(I) Pvt. Ltd.)
Everything 1.4.0.713b (x86) (HKLM\...\Everything) (Version: 1.4.0.713b (x86) - David Carpenter)
FileHippo App Manager (HKLM\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.25.0-rc1 (HKLM\...\FileZilla Client) (Version: 3.25.0-rc1 - Tim Kosse)
FoV Calculator (HKLM\...\FoV Calculator) (Version: 4.5.0 - HANWHA TECHWIN CO.,LTD.)
Foxit PhantomPDF (HKLM\...\{606F14DC-FD6A-11E6-855E-000C2992F709}) (Version: 8.2.1.6871 - Foxit Software Inc.)
Google Apps Migration For Microsoft Outlook® 4.0.30.10 (HKLM\...\{141D6939-CB21-419F-9FCC-506A2CD03110}) (Version: 4.0.30.10 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
iCloud (HKLM\...\{39C05E71-5881-4EE2-B00D-27AFA010CAA4}) (Version: 5.2.1.69 - Apple Inc.)
IDM Patch 6.25 build 01 (HKLM\...\IDM Patch 6.25 build 01) (Version: build 01 - SandySeedings Team)
Inkscape 0.91 (HKLM\...\Inkscape) (Version: 0.91 - )
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\4415f693b586d348) (Version: 16.0.1519.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.015.02.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 53.0 (x86 en-US) (HKLM\...\Mozilla Firefox 53.0 (x86 en-US)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.0.6295 - Mozilla)
MyEpson Portal (HKLM\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
NXPowerLite Desktop 6 (HKLM\...\{29EC0D32-8186-4FC5-9303-1E7ED65726AC}) (Version: 6.2.12 - Neuxpower Solutions Ltd)
NxtCryptoSetup (HKLM\...\{BB113591-6E67-4845-9D58-E0C81B7358C5}) (Version: 1.0.0 - NEXT TENDER)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Updater (HKLM\...\Online Updater) (Version: 1.4.0.0 - Samsung Techwin Co., Ltd.)
PatchCleaner (HKLM\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDF Password Remover (HKLM\...\{DB150C19-4A8F-4EF7-AC75-96098EACE179}) (Version: 1.0.6 - PDF Technologies)
QQ International (HKLM\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.06.46 (30-Oct-14) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.11003) (HKLM\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
SkyFonts™ (HKLM\...\{4924FFCD-1019-4E4E-B16A-1200A2ED47AF}) (Version: 5.9.0.0 - Monotype Imaging Inc.)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Tixati (HKLM\...\tixati) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebCms 3.2.0.30 (HKLM\...\WebCms 3.2.0.30) (Version: 3.2.0.30 - WebCms)
WhatsApp (HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.3) (HKLM\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{4818B03A-31D0-1D22-F874-CA505AB2E342}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x973B43899186D201B5644E899186D201010000000E00000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C23B1F-6EBD-4003-B577-21FE90E07AC1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {06350DAC-204A-4B2E-A686-BE9465A2F83C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {09BCC2E6-1EA0-422D-92FA-134C2E421476} - System32\Tasks\EPSON L455 Series Update {8077F65E-3061-478F-B193-B13D7EBB4DE1} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {0CFFD70F-1474-4579-872B-C4292AB177C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {12D7E3C3-F0B0-43AA-AE6B-0BD1F986D7B4} - System32\Tasks\EPSON L455 Series Update {E0506314-471B-4B1A-9C4E-DDBEB0A6F646} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {176DF5C3-3620-45A0-92E7-39E257713AFF} - System32\Tasks\{84CD70DD-E907-496F-B5F6-F4D5F5B62482} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.103/en/go/help.faq.installer?LastError=1618
Task: {1B63C456-9B59-4DF0-9CD6-740B4684EAAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2809EEEF-87A5-4ADF-BC51-7FAD6FD4E45A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2CD3516C-5002-4E75-87E9-FE370568884B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2FD837C1-C6C0-4F88-8967-D72F1FCBE987} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {3331BAE3-A1AC-4EB2-8F9B-A4229470FB06} - System32\Tasks\{A0ABF513-874D-443D-BDA9-1345D6529D8E} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.103/en/go/help.faq.installer?LastError=1618
Task: {34727FDE-03F1-4AFA-9E29-848B2ACDB206} - System32\Tasks\EPSON L455 Series Update {0337DDB0-DBDB-4D20-997B-2D153D6C8041} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {39C1E52C-2B21-49A9-B4F3-1E748702675E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => %ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {3B25E2C5-5FBD-4869-BCFA-47A3863541BF} - System32\Tasks\Internet Download Manager module => C:\ProgramData\IDM\IDMGrHlp.exe 
Task: {3BF7172C-06FE-47D4-B1F6-5AABFAB1F52B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {3CB55E12-DA52-4C18-91A9-66CF48277709} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {3E0F3B21-B27D-4628-875D-56E14F314D0E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {413D2A43-5990-4953-84C2-F711FA116CD4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5A6D533B-D339-48C4-85CE-98EC8DDA113B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {635D31F3-49A4-4FFC-A1BE-B12C735281F2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6E57F74C-7AC7-4BF4-A3F8-A3C8236A54F3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {701B6BCD-757C-47BB-A2B4-A0F47C1E5FAE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-27] (Microsoft Corporation)
Task: {8699F573-34E9-4F39-AAF8-CC027CD7D9AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {873119C0-68BF-47B5-ADE8-F9848E05E3C2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {8C519A18-3E53-48D5-80C2-8F49AB48D81B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-03] (Adobe Systems Incorporated)
Task: {902FF1E1-83F3-4355-9E45-429601826B43} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {910BB25D-2D66-43DD-B3CE-E023EF786ADF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9198465E-8A91-424A-8EB7-857F683BAB3F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {91A4486A-9814-44F9-9151-7B0680D85AC6} - System32\Tasks\{E75258F1-6257-4061-8FB8-34163EF1F044} => pcalua.exe -a C:\Users\MJ\Downloads\Drivers\sp53753.exe -d C:\Users\MJ\Downloads\Drivers
Task: {9E013671-A592-42A0-9D35-4441C64978A7} - System32\Tasks\EPSON L455 Series Update {8DD00055-E826-4A49-B09E-1B852A1A5AE6} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {AA1F2214-0AAF-4FEA-AC08-1220EF5D0516} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {AB85BBDA-AA87-472A-86E0-2056D0388ADE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AE362DC6-CADD-44D5-9FA0-1D02238AD4A1} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {AF36C967-74C9-4044-9ED8-86716F60611D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B48E413D-D9F8-4836-AA0E-F8CBDA1F3863} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {BE6193C9-F796-4322-AE1C-680EE00DCA80} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C4DDDA2E-8048-484B-8338-907F7DA3823B} - System32\Tasks\{2B17CBF3-CDF2-4293-B8D1-F5D27D59C538} => pcalua.exe -a C:\Users\MJ\Downloads\Drivers\sp52196.exe -d C:\Users\MJ\Downloads\Drivers
Task: {CBEA2037-05C8-4EF5-B47E-163DF0F92592} - System32\Tasks\ThinPrint AutoConnect component for 32 bit applications => C:\Users\Public\Documents\Microsoft\Assistance\Tools\TPAutoConnect32.exe 
Task: {D1C5BDF0-133B-48A9-9DAE-1D170A9DB438} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D7708149-456C-4AAC-A3F2-4A359FADD42C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {F4F9CA3F-C059-496D-B23A-D550F50103F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {F6F84191-881F-4F4A-BB98-CA443ABE1006} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe 
Task: {F72CD9CC-2654-4580-BADB-21DA51DA563B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FB986840-25CB-42B6-A614-6E3F065BB1E6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FE34CBCD-B9A9-4163-8684-AEBA3D37403A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {0337DDB0-DBDB-4D20-997B-2D153D6C8041}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{0337DDB0-DBDB-4D20-997B-2D153D6C8041} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {8077F65E-3061-478F-B193-B13D7EBB4DE1}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{8077F65E-3061-478F-B193-B13D7EBB4DE1} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {8DD00055-E826-4A49-B09E-1B852A1A5AE6}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{8DD00055-E826-4A49-B09E-1B852A1A5AE6} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {E0506314-471B-4B1A-9C4E-DDBEB0A6F646}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{E0506314-471B-4B1A-9C4E-DDBEB0A6F646} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\MJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:55 - 2016-07-16 13:55 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 15:42 - 2017-03-04 12:34 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 07:46 - 2013-04-15 11:49 - 00176128 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2016-03-21 10:09 - 2012-09-18 15:26 - 00169472 _____ () C:\WINDOWS\System32\zlhp1020.dll
2015-08-14 14:17 - 2015-08-14 14:17 - 00022723 _____ () C:\WINDOWS\System32\sss1ml3.dll
2016-02-15 21:02 - 2016-02-15 21:02 - 00027160 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-06 07:49 - 2013-04-15 11:49 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\HP1006PP.dll
2016-03-21 11:04 - 2012-09-18 15:26 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-04-23 13:57 - 2015-11-24 11:36 - 01390336 _____ () C:\Program Files\Everything\Everything.exe
2016-07-04 12:33 - 2015-12-23 18:31 - 00625440 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2016-06-04 12:07 - 2016-06-04 09:35 - 00619008 _____ () C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe
2017-03-15 15:42 - 2017-03-04 12:34 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-04 19:43 - 2017-03-04 19:43 - 00048296 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-03-15 11:05 - 2017-02-26 23:28 - 08929984 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2015-10-23 06:34 - 2016-12-07 16:40 - 02237776 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 15:45 - 2017-03-04 11:54 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 15:42 - 2017-03-04 11:34 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 15:42 - 2017-03-04 11:28 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-18 01:25 - 2016-11-18 01:25 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 15:42 - 2017-03-04 11:28 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 15:42 - 2017-03-04 11:28 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 15:42 - 2017-03-04 11:30 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\dgsnd.gov.in -> hxxp://dgsnd.gov.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\eprocure.gov.in -> hxxp://eprocure.gov.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\google.co.in -> hxxps://www.google.co.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\icicibank.com -> hxxp://www.icicibank.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\mcdetenders.com -> hxxp://mcdetenders.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\mcdtenders.com -> hxxp://engineering.mcdtenders.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\sharepoint.com -> hxxps://avsystems1.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2017-02-14 14:53 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 magicalmailapp.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CNAP2 Launcher => C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE
MSCONFIG\startupreg: GoogleChromeAutoLaunch_B2544431BFD6B2D61733FA5F91ED6200 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "CNAP2 Launcher"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EEventManager"
HKLM\...\StartupApproved\Run: => "Dropbox"
HKLM\...\StartupApproved\Run: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "SleekBillNot"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "CallCenter JustPhone"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B2544431BFD6B2D61733FA5F91ED6200"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "QQ2009"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [{BF0C5732-8921-4BBB-AE8C-A004A0CCF907}] => (Allow) LPort=6160
FirewallRules: [UDP Query User{3D32746E-60F7-48DA-A5DB-B340E12E7726}C:\sleek bill\libj\launch4j-tmp\sleek bill.exe] => (Allow) C:\sleek bill\libj\launch4j-tmp\sleek bill.exe
FirewallRules: [TCP Query User{DC4C6CBF-DC87-4ABB-B1EE-4DAAACC439F9}C:\sleek bill\libj\launch4j-tmp\sleek bill.exe] => (Allow) C:\sleek bill\libj\launch4j-tmp\sleek bill.exe
FirewallRules: [{5C440A1E-84C9-4DEB-B719-6BB983C0B21E}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{9CA2AAA8-FB31-41A6-A9FD-8ACCEAEDC087}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [UDP Query User{C719FA1B-7C94-4B02-B4E9-DD709A2CF9EF}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [TCP Query User{79E52ECA-0F4F-4AD3-AE0D-FA25D5375029}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [{E6A010AD-4E6B-413D-881A-6EF04BB78040}] => (Allow) C:\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe
FirewallRules: [{0C3F8872-8CBD-49A4-AA39-75C9E149BE55}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{FB137191-74C2-473D-8B56-33CAA7BD57C2}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{BCDAC286-4EED-4083-BAED-8F8B6235313F}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{90B1C7D3-0EEA-40FF-8A3E-D927D598357F}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{98223CC5-8A63-4B9A-8C4F-7B2491DE9EFB}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{4F535D31-0A4A-4DF2-8BDD-7D7BF8E2E2C5}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [UDP Query User{C0F271AE-7D82-44A9-BC4E-623AC9A89C0F}C:\program files\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files\tencent\qqintl\bin\qq.exe
FirewallRules: [TCP Query User{1D0304CA-616B-4FBF-A134-B851653CEBFE}C:\program files\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files\tencent\qqintl\bin\qq.exe
FirewallRules: [{0720D1C5-B975-4CE4-9D41-07E43A2B9D74}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{08E9010C-F86D-43AA-9A29-9355EE8AE307}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{6EF40A6D-7114-4EB9-B76D-E4092F7504C8}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{29958CDE-889A-4C49-BCB7-5F700ABB6D46}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{28FA090E-A1E3-4B41-B9E9-B718AD10C79C}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{B894C000-A397-4C0A-BF8B-7A0D0FD93DA6}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{485E2369-CDD4-4968-A5A3-8BF42A2AEFFE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9D1704ED-BE27-4D72-8C0E-7EFD2029B53A}] => (Allow) C:\Program Files\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{672B7E15-C1EE-486D-A18B-1D88C2470092}] => (Allow) C:\Program Files\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{7E509AD1-287C-4EA4-8E20-180944311CEB}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9D9DC8E6-AEEB-45AF-8FC5-3DFE180EA265}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{1179E8AB-4165-4850-8340-361C8F652C27}] => (Allow) C:\Users\MJ\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{DD3D9905-A4C1-4D34-95E1-8A6E48F7C480}] => (Allow) C:\Users\MJ\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{4E25D963-A668-4519-ABB4-8C5C29081750}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{0C2C5D70-AD8D-483D-B35D-3A0674BC210B}C:\program files\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{EF6AE64A-D276-4520-84AF-8AFAAD251A7F}C:\program files\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{BEDA9382-E27B-4CD1-8CFF-FC7606D4C9CF}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [TCP Query User{97D0EF9B-9E69-4439-916B-BCDAD41A459F}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{8955A679-E9E6-4441-B1D3-10CDC779B372}C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe] => (Allow) C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe
FirewallRules: [TCP Query User{D51D925E-5889-4AFD-99A5-92DBFAEA40C0}C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe] => (Allow) C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe
FirewallRules: [{FFE0B238-9244-4963-85EB-4BDBB6A3B66A}] => (Allow) C:\Users\MJ\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3D98502-D7C9-472B-9412-62C1B79D36D0}] => (Allow) C:\Users\MJ\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{681C3CB7-AAEC-4A28-A853-644EE2823A31}] => (Allow) C:\Users\MJ\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A76FF20F-A3C3-428E-A555-90C0D133811C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE97ACA5-FD48-4D14-B28B-7BFF3CB93906}] => (Allow) C:\Users\MJ\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{88D407E3-020A-497D-9E9C-494A80C37679}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D7D52D97-3425-4C7E-A5DD-9E3668CC3698}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB8B1FF6-CC6D-4F58-A9DA-BAED5ECF436A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{81BCE683-3811-4DE5-A32E-30B9E0237B0C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{1CA11E59-BB81-476B-AF1E-D32C9DE108FC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{500B720C-50FC-465B-A17D-D0DE7303ED91}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BF294677-BFC9-4D53-A948-F173A560DB85}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{65D0AAE3-52C1-4EE9-9AC6-9A1DB7F6C981}C:\program files\teamviewer\teamviewer.exe] => (Allow) C:\program files\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{FC479AC3-2439-4E42-956F-5C983F0D1191}C:\program files\teamviewer\teamviewer.exe] => (Allow) C:\program files\teamviewer\teamviewer.exe
FirewallRules: [{959B83BA-6AAC-4CE8-BDD5-A7E496B7FDC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E903CCC4-D4D6-4C49-9C80-4314FF3D029F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C205D6A7-87C9-4CD8-8F63-EDE033542EF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73AB6923-E1BB-40FD-B307-A2EC977C5E34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{657C45B2-3B50-461C-8BF6-2D444DFEEB10}C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe] => (Allow) C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe
FirewallRules: [UDP Query User{C441C698-E1AA-45E1-926A-36B067745BEB}C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe] => (Allow) C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe
FirewallRules: [{D0D68881-7B03-4895-8CAD-623C46B48D67}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{4CA6CF17-38FB-4BFD-B67B-E083078CF7BF}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{7CCF2C7B-9EFE-414A-A14F-E0891C8B25E0}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{C5312C88-8A78-4E3A-8841-5F568E25B7BC}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{015E98E9-28BA-4C3F-9025-EEBDF8EF4306}] => (Allow) C:\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe
FirewallRules: [{8FD2B791-7EE7-42BE-B896-FDD1F81B0790}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C1FE3782-69BE-4BD1-8052-B3A43FF74BFA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D0596D8A-B657-4985-9E4D-2BA75BDEBDAE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EC69D9B4-46D2-4685-89F5-9DC6A2EE1684}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{539170BB-6FBD-46CB-8CB9-69DBD9466CE6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A0FDA569-1E4D-4BF9-B051-8DA165D31590}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{8CACEDC6-5C6E-4047-964E-0D662137E469}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{B356BBA8-1A07-4D9F-8592-A84B7DA69127}] => (Allow) C:\Program Files\SAMSUNG\Easy Document Creator\EDC.exe
FirewallRules: [{F662E6F6-31EA-4324-916D-A3B25268F404}] => (Allow) C:\Program Files\SAMSUNG\Easy Document Creator\EDC.exe
FirewallRules: [{2B9216DF-708E-406C-AACE-50EDDC3A5FA8}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{C5C98BE0-858D-47EC-B09F-AFF1C7EF43A5}] => (Block) %ProgramFiles%\Wondershare\MobileGo\MobileGo.exe

==================== Restore Points =========================

27-03-2017 10:46:56 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2017 10:32:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: avipc.dll, version: 15.0.25.161, time stamp: 0x58b98873
Exception code: 0xc0000409
Fault offset: 0x0000bac0
Faulting process id: 0x2300
Faulting application start time: 0x01d2ae92f7dc2671
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: c:\program files\avira\antivirus\avipc.dll
Report Id: 3900aac3-f87f-4a9b-a953-935485ff86c1
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/06/2017 10:32:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: avipc.dll, version: 15.0.25.161, time stamp: 0x58b98873
Exception code: 0xc0000409
Fault offset: 0x0000bac0
Faulting process id: 0x2440
Faulting application start time: 0x01d2ae92e788c44e
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: c:\program files\avira\antivirus\avipc.dll
Report Id: f459bd0c-3337-426d-9eab-4de6c11d8fa8
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/06/2017 10:31:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba586d
Exception code: 0xc06d007f
Fault offset: 0x000c24f2
Faulting process id: 0x1c04
Faulting application start time: 0x01d2ae92ea089907
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 2b5e7cc5-621f-4230-b537-fd4343a35c1c
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/06/2017 10:31:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba586d
Exception code: 0xc06d007f
Fault offset: 0x000c24f2
Faulting process id: 0x2438
Faulting application start time: 0x01d2ae92e788c487
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 70731e2a-a2c3-4ab0-9b85-8763714a7d05
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/06/2017 10:29:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x58256cad
Exception code: 0xc0000005
Fault offset: 0x00045dd1
Faulting process id: 0x970
Faulting application start time: 0x01d2ae923c3a6384
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 67ea9972-f084-419f-8a15-7431c6f68a2b
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/06/2017 10:27:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba586d
Exception code: 0xc06d007f
Fault offset: 0x000c24f2
Faulting process id: 0x890
Faulting application start time: 0x01d2ae923c012889
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: b46b3767-bb0c-4faf-aeee-41a7faf87a28
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/04/2017 03:04:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/04/2017 02:51:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: avipc.dll, version: 15.0.25.161, time stamp: 0x58b98873
Exception code: 0xc0000409
Fault offset: 0x0000bac0
Faulting process id: 0x1cb0
Faulting application start time: 0x01d2ad24c526eccf
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: c:\program files\avira\antivirus\avipc.dll
Report Id: 28526e13-aba8-4f25-9e71-35917382eb8b
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/04/2017 02:50:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x58256cad
Exception code: 0xc0000005
Fault offset: 0x00045dd1
Faulting process id: 0x22e8
Faulting application start time: 0x01d2ad249454e7d7
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 21a8d37a-8cd7-4b46-a088-433044ff2f4f
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/04/2017 02:50:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba586d
Exception code: 0xc06d007f
Fault offset: 0x000c24f2
Faulting process id: 0x250c
Faulting application start time: 0x01d2ad24a6308a7b
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a20c5460-36b9-488a-be71-0228d8b4be28
Faulting package full name: 
Faulting package-relative application ID:


System errors:
=============
Error: (04/06/2017 10:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s).

Error: (04/06/2017 10:32:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/06/2017 10:31:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 3 time(s).

Error: (04/06/2017 10:31:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/06/2017 10:31:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/06/2017 10:31:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/06/2017 10:31:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/06/2017 10:31:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Web Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error: 
The operation completed successfully.

Error: (04/06/2017 10:31:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Mail Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error: 
The operation completed successfully.

Error: (04/06/2017 10:29:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Scheduler service hung on starting.


CodeIntegrity:
===================================
  Date: 2017-04-01 11:24:10.080
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-01 11:24:10.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-25 11:06:56.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-25 11:06:56.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 80%
Total physical RAM: 2997.85 MB
Available physical RAM: 585.85 MB
Total Virtual: 6289.85 MB
Available Virtual: 3190.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.17 GB) (Free:20.9 GB) NTFS
Drive e: () (Fixed) (Total:223.01 GB) (Free:178.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 000D4BD7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=829 MB) - (Type=27)
Partition 4: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 

Share this post


Link to post
Share on other sites

Post #: 2   Posted

Please, observe following rules:

  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

=====================================

What are the issues?

 

user posted image Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
user posted image Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
user posted image Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


user posted image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Share this post


Link to post
Share on other sites

Post #: 3   Posted

System seems to be running slow,consuming more memory.

Would share the logs soon.

Thank You.

 

 

Share this post


Link to post
Share on other sites

Post #: 4   Posted

Share this post


Link to post
Share on other sites

Post #: 5   Posted

# AdwCleaner v6.045 - Logfile created 11/04/2017 at 17:20:13
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-10.2 [Server]
# Operating System : Windows 10 Pro  (X86)
# Username : MJ - MJ-PC
# Running from : E:\MJ1\Systems & Mobile Softwares\System Softwares\AV Tools\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\MJ\AppData\Local\VirtualStore\Program Files\Tencent
[-] Folder deleted: C:\Users\MJ\AppData\Roaming\Tencent
[-] Folder deleted: C:\Users\Public\Documents\Tencent
[-] Folder deleted: C:\Program Files\Common Files\Tencent


***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Classes\Tencent
[#] Key deleted on reboot: HKCU\Software\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\metnsd
[-] Key deleted: HKLM\SOFTWARE\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wx.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.mail.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.mail.qq.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\qq.com
[-] Value deleted: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[-] Value deleted: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [QQ2009]
[-] Value deleted: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04112017170111982\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[-] Value deleted: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04112017170111982\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [QQ2009]
[#] Value deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npqscall
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npchrome


***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5241 Bytes] - [19/01/2016 13:05:28]
C:\AdwCleaner\AdwCleaner[C2].txt - [3190 Bytes] - [23/01/2016 16:05:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [3786 Bytes] - [11/04/2017 17:20:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [4939 Bytes] - [19/01/2016 13:01:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [2943 Bytes] - [23/01/2016 16:00:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [4102 Bytes] - [11/04/2017 17:15:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [4078 Bytes] ##########
 

Share this post


Link to post
Share on other sites

Post #: 6   Posted

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x86 
Ran by MJ (Administrator) on 14-Apr-17 at 13:45:16.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 3 

Failed to delete: C:\ProgramData\576475 (Folder) 
Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File) 
Successfully deleted: C:\Users\MJ\AppData\Roaming\productdata (Folder) 

Registry: 3 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BFD9D8A8-57FF-488A-B919-065EC77CF82F} (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFD9D8A8-57FF-488A-B919-065EC77CF82F} (Registry Value) 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14-Apr-17 at 13:49:08.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Post #: 7   Posted

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/11/17
Scan Time: 4:28 PM
Logfile: MBAM Report.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.96
Update Package Version: 1.0.1704
License: Premium

-System Information-
OS: Windows 10
CPU: x86
File System: NTFS
User: MJ-PC\MJ

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405113
Time Elapsed: 25 min, 45 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 1
PUP.Optional.Privoxy, C:\PROGRAM FILES\PSP2CLNT\SERVICE\PSP2CLNT.EXE, Quarantined, [319], [352443],1.0.1704

Module: 1
PUP.Optional.Privoxy, C:\PROGRAM FILES\PSP2CLNT\SERVICE\PSP2CLNT.EXE, Quarantined, [319], [352443],1.0.1704

Registry Key: 5
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pSP2clnt, Quarantined, [319], [352443],1.0.1704
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [319], [-1],0.0.0
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\IOBIT\Advanced SystemCare, Quarantined, [1412], [380349],1.0.1704
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\IOBIT\ASC, Quarantined, [1412], [380350],1.0.1704
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\IOBIT\ASCU, Quarantined, [1412], [380350],1.0.1704

Registry Value: 5
PUP.Optional.Privoxy, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Removal Failed, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Removal Failed, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PSP2CLNT|IMAGEPATH, Quarantined, [319], [352448],1.0.1704

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 22
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup Manager, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\smBootTime, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Log, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IObit\Advanced SystemCare, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IObit\ASCDownloader, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\Shortcut, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Homepage Protection, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\ProgramDeactivator, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\LogBackupboottime, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\LogBackup, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Backup, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\USERS\MJ\APPDATA\ROAMING\IObit\Advanced SystemCare, Quarantined, [1412], [380335],1.0.1704
Trojan.Boaxxe, C:\USERS\MJ\APPDATA\LOCAL\UVmedia, Quarantined, [50], [313871],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\COMMON FILES\IOBIT\ADVANCED SYSTEMCARE, Quarantined, [1412], [380333],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Program Files\IObit\Advanced SystemCare\Update, Quarantined, [1412], [380334],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\Advanced SystemCare, Quarantined, [1412], [380334],1.0.1704
PUP.Optional.Privoxy, C:\Program Files\pSP2Clnt\service, Quarantined, [319], [352443],1.0.1704
PUP.Optional.Privoxy, C:\PROGRAM FILES\PSP2CLNT, Quarantined, [319], [352443],1.0.1704

File: 46
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\ASCService.log, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\homepage.log, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\smBootTime\smBootTime.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup Manager\boottime.dat, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup Manager\disableRate.db, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup Manager\discription.db, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup Manager\mainData.dat, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\AntivirusConfig.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\AscService.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\HealthLevel.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\ReinforceData.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare\Startup.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\ASCU_Setup.exe, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\ASCU_Setup.exe.dat, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Downloader.log, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Update.upt, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Update.upt.dat, Quarantined, [1412], [380336],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Homepage Protection\prefs.js.2016-07-04(12-33-52-741).old, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Homepage Protection\prefs.js.2016-07-04(12-33-52-747).new, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log\ASCLog-2016-07-04(15-21-07).txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log\ASCLog-2016-07-05(17-35-09).txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log\ASCLog-2016-07-06(13-51-04).txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log\ASCLog-2016-07-06(17-10-47).txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Log\ASCLog-2016-07-07(15-02-25).txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\ProgramDeactivator\myAutoDisable.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\config.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\delayEx.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\delStartups.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\main.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\SMLog.txt, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\ASCTray.log, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Ignore.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\Main.ini, Quarantined, [1412], [380335],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Users\MJ\AppData\Roaming\IObit\Advanced SystemCare\PFilterkey.dbd, Quarantined, [1412], [380335],1.0.1704
Trojan.Boaxxe, C:\Users\MJ\AppData\Local\UVmedia\strong.dll.idx, Quarantined, [50], [313871],1.0.1704
Trojan.Boaxxe, C:\Users\MJ\AppData\Local\UVmedia\strong.idx, Quarantined, [50], [313871],1.0.1704
Trojan.Boaxxe, C:\Users\MJ\AppData\Local\UVmedia\{2D8121FA-4D22-16C1-480E-1B642BBDACD5}, Quarantined, [50], [313871],1.0.1704
Trojan.Boaxxe, C:\Users\MJ\AppData\Local\UVmedia\{4E1BBB6C-5CCE-7D6F-C3D5-F1583CAB3A3A}, Quarantined, [50], [313871],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Program Files\Common Files\IObit\Advanced SystemCare\AppAV.bk, Quarantined, [1412], [380333],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Program Files\Common Files\IObit\Advanced SystemCare\EApp-AV.bk, Quarantined, [1412], [380333],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Program Files\Common Files\IObit\Advanced SystemCare\Ext-AV.dat, Quarantined, [1412], [380333],1.0.1704
PUP.Optional.AdvancedSystemCare, C:\Program Files\Common Files\IObit\Advanced SystemCare\License-AV.dat, Quarantined, [1412], [380333],1.0.1704
RiskWare.Tool.CK, C:\PROGRAM FILES\BEYOND COMPARE 4\KEYGEN.EXE, Quarantined, [248], [33379],1.0.1704
Adware.ICLoader, C:\$RECYCLE.BIN\S-1-5-21-2807340434-1949843575-1337704626-1000\$RWTWXFR.RAR, Quarantined, [598], [380316],1.0.1704
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [644], [353143],1.0.1704
PUP.Optional.Privoxy, C:\PROGRAM FILES\PSP2CLNT\SERVICE\PSP2CLNT.EXE, Quarantined, [319], [352443],1.0.1704

Physical Sector: 0
(No malicious items detected)


(end)

Share this post


Link to post
Share on other sites

Post #: 8   Posted

RogueKiller V12.10.3.0 [Apr  3 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 32 bits version
Started in : Normal mode
User : MJ [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Delete -- Date : 04/10/2017 17:27:06 (Duration : 19:36:58)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{03766B5E-BD09-44db-8F92-510517AC2155} (C:\Program Files\Tencent\QQIntl\Bin\AppCom.dll) -> Deleted
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{192751BF-2639-487D-B97E-67EFFFC62822} (C:\Program Files\Tencent\QQIntl\Bin\TXPFProxy.dll) -> Deleted
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{1B7F37B4-2CBC-4548-AE26-1B3916F9F607} (C:\Program Files\Tencent\QQIntl\Bin\AppCom.dll) -> Deleted
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D} (C:\PROGRA~1\Tencent\QQIntl\Bin\CPHelper.dll) -> Deleted
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{2B647183-37B6-4EFE-9128-B4D30AD06C44} (C:\Program Files\Tencent\QQIntl\Bin\AppCom.dll) -> Deleted
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{37086F34-1C2B-4282-A09E-8E0A7EF2A8F0} (C:\Program Files\Tencent\QQIntl\Bin\AppCom.dll) -> Deleted
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{A43DE495-3D00-47d4-9D2C-303115707939} ("C:\Program Files\Wondershare\MobileGo\URLReqService.exe") -> Deleted
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4ea0dcdf-94ff-4c78-80bf-0851ac42ef7d} | DhcpNameServer : 59.179.243.70 203.54.243.70 ([-][Australia])  -> Replaced ()
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1179E8AB-4165-4850-8340-361C8F652C27} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\MJ\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe|Name=EpsonNet Setup| [x] -> Deleted
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DD3D9905-A4C1-4D34-95E1-8A6E48F7C480} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\MJ\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe|Name=EpsonNet Setup| [x] -> Deleted
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{657C45B2-3B50-461C-8BF6-2D444DFEEB10}C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe|Name=pcsftool.exe|Desc=pcsftool.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{C441C698-E1AA-45E1-926A-36B067745BEB}C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\mj\appdata\local\temp\rarsfx1\x32\pcsftool.exe|Name=pcsftool.exe|Desc=pcsftool.exe|Defer=User| [x] -> Deleted

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \Internet Download Manager module -- C:\ProgramData\IDM\IDMGrHlp.exe -> Deleted

¤¤¤ Files : 4 ¤¤¤
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Tencent QQ.lnk [LNK@] C:\PROGRA~1\Tencent\QQIntl\Bin\QQ.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tencent QQ.lnk [LNK@] C:\PROGRA~1\Tencent\QQIntl\Bin\QQ.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\IM\1033 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\IM -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\QQ.tlg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\QQ.tlg.1 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\QQ.tlg.2 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\QQExternal.tlg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\QQSetupEx.tlg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\qq_setup.log -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\regsvr32.tlg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\Timwp.tlg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Logs\txupd.tlg -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Logs -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\3320844760\cfg.db -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\3320844760\dr.db -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\3320844760\drtemp.db -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\3320844760\NewUpd -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\3320844760 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\TJNQXMD27%${{%FG2F_B_0K\AUStat.ini -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp\TJNQXMD27%${{%FG2F_B_0K -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\AuTemp -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\commonf_inst\TXSSOSetup.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\commonf_inst -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\2574629567 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ActiveXWhiteList -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\3GMobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\3GMobileQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\3GMobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\3GMobileQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\3GMobileQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\android40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\BMW10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\BMW12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\BMW14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\BMW20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ClientType.zip -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Default40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTX10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTX14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTX20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTXAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTXAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTXBusy10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\HRTXBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipad12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipad14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipad20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipad40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipadPush12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\ipadPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQOffline10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQOffline14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPadQQOffline20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iphone40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneHRTX10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneHRTX14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneHRTX20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneHRTXPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneHRTXPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneQQPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\iPhoneQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQ12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQPush12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MacQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\mac_normal.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQ.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQ13.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQOffline10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQOffline20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQPush13.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MobileQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MQQ12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\MQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\pad40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQOffline10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQOffline14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PadQQOffline20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\pc40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQ.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQaway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQBusy10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQInvisible10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQInvisible20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQMute10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQMute20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQQme10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PCQQQme20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Phone10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Phone12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Phone14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Phone20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneAway10ForDaren.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneAway20ForDaren.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneBusy10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneBusy10ForDaren.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneBusy20ForDaren.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneForDaren10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneForDaren14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhoneForDaren20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhonePush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhonePush12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\PhonePush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\qqcam10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\qqcam14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\qqcam20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\tim12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\tim14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\tim20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\timPush12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\timPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQPush14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TIMQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\tv40.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TVQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TVQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\TVQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WapMobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WapMobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Watch10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Watch12.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Watch14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Watch20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQMute20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WebQQQme20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WeiXin10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WeiXin14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WeiXin20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WeiXinPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\WeiXinPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\win840.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Win8QQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\Win8QQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType\winphone40.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\ClientType -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\blank.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\css\qzBlank.css -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\icon.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\index.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\script\editor.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\script\portal_editor.js -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog\script -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\blog -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\bg.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\bg_current.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\bg_pop.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\border_l.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\border_r.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\delete_hover.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\delete_normal.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\editor_icon_v2.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\expression_bg.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\expression_layer.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\expression_menu_page.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\gb_editor.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\icon.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\qzfl.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\qzfl_client_tip.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor\tips.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\editor -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\css\default.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\css\default.gif -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e100.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e101.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e102.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e103.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e104.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e105.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e106.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e107.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e108.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e109.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e110.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e111.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e112.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e113.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e114.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e115.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e116.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e117.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e118.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e119.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e120.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e121.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e122.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e123.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e124.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e125.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e126.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e127.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e128.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e129.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e130.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e131.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e132.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e133.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e134.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e135.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e136.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e137.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e138.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e139.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e140.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e141.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e142.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e143.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e144.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e145.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e146.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e147.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e148.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e149.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e150.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e151.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e152.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e153.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e154.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e155.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e156.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e157.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e158.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e159.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e160.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e161.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e162.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e163.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e164.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e165.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e166.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e167.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e168.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e169.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e170.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e171.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e172.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e173.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e174.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e175.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e176.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e177.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e178.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e179.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e180.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e181.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e182.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e183.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e184.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e185.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e186.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e187.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e188.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e189.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e190.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e191.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e192.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e193.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e194.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e195.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e196.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e197.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e198.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e199.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e200.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e201.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e202.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e203.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\e204.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\theme\default.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\theme\default.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\theme\default.js -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em\theme -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\em -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\global_mini_portal.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\loading.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\miniportal_hint.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\mini_portal.css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\mode_bg.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\mode_edit_blog.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\mod_notepad.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\mod_notepad_op.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\notepad.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\notepad_bg.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\notepad_tools.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\photo_default.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\qzone.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\qzone_img.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css\vip_icon_2.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\icon.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\script\common.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\script\qzfl.js -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common\script -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\common -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\blank.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\css\qzBlank.css -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\css -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\icon.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\index.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\right.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\script\main.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\script\portal_editor.js -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad\script -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\notepad -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\icon.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\index.htm -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\mini_insert.html -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\script\mini_select_photo.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\script\photo_logic.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\script\swfobject.js -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\script\upload.js -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\script -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\swf\playerProductInstall.swf -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\swf\QzoneUploader.swf -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo\swf -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage\photo -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone\qzonepackage -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.qzone -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.weather\CityInfo\CityList.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.weather\CityInfo -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.weather -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\FileIcons.zip -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_excel.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_excel_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_Image.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_InputText.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_InputText_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_music.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_music_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_PPT.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_PPT_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_rar.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_rar_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_txt_raw.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_txt_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_video.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_video_small.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_word.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons\icon_word_small.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\FileIcons -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\1\FrameIcon.zip -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\1\highlightFrame.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\1\qqappcenterlicense -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\1 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\4\FrameIcon.zip -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\4\highlightFrame.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\4\QQPhoneMgrLicense -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame\4 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\Frame -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\20\AdbTools.dll -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\20\AndroidAssist.dll -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\20\SDK.zip -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\20 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\3\AndroidAssist.dll -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\3\SDK.zip -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK\3 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless\SDK -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\com.tencent.wireless -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\13\1 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\13\10 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\13\4 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\13\5 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\13 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\14\3 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\14 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\2 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\7\11 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\7\4 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\7 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9\10 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9\13 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9\17 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9\18 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033\9 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC\1033 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\CSC -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1002.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1034.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1035.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1036.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1037.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1038.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1039.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1040.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1041.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1042.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1043.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1044.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1045.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1046.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1047.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1048.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1049.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1050.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1051.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1053.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1054.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1055.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1057.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1058.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1059.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1060.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1061.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1062.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\1063.pic -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN\Storage.lnn -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LNN -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LoginTemp\EB2CA77E8DA4DB0A49550F5DF62ED5CB -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\LoginTemp -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\10_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\10_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\11_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\11_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\12_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\12_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\13_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\13_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\14_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\14_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\15_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\15_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\16_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\16_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\17_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\17_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\18_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\18_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\19_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\19_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\1_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\1_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\2_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\2_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\3_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\3_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\4_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\4_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\5_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\5_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\6_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\6_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\7_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\7_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\8_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\8_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\9_color.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\9_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\StoreFace\10278_gray.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\StoreFace\10548_gray.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\StoreFace -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig\tabiconconfig.json -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc\QQFaceConfig -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Misc -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1000.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1001.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1002.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1014.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1017.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1022.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1024.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1027.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1028.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1029.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1030.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1034.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1040.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1042.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1070.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1071.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1072.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1073.gif -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath\1074.gif -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace\OperationPath -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\QQFace -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\rdo.cache -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\SafeBase\qqsafeud.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\SafeBase\tseh.dat -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\SafeBase\tssafeedit.dat -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\SafeBase -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\MiniQTUpdate.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\P2PSetup.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\QQPhotoDrawExSetupForQQ.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\QzoneMusicInstall.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\VideoMsgInstall.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\VideoShowPlayerInstall.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\SetupEx~0\QQSetupEx.exe -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\SetupEx~0\vqqsdl.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\SetupEx~0 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\Uninstall\47.83.0.4819.0\QQ.msi -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\Uninstall\47.83.0.4819.0\Uninstall.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\Uninstall\47.83.0.4819.0 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp\Uninstall -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\STemp -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\)OV34`SCP{7~WR1}(2(D_ST.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\291ON)R}3OY4LHCCC_$7X]J.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\6VAP[52I]K}{~3[68@2PIXM.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\O_AF{PJAA[UELI$MA~@Z]D1.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\T[OMJ)V~_DA]NMS[F2ZKSTB.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso\XGS~T_IXFVHLF4K{CX[F99O.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp\Mso -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\Temp -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\data_0 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\data_1 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\data_2 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\data_3 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\f_000001 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ\index -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567\_QQ -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\2574629567 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache\Cookies -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ\webkit_cache -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\3GMobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\3GMobileQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\3GMobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\3GMobileQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\3GMobileQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\iPhoneQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\iPhoneQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\iPhoneQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\iPhoneQQPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\iPhoneQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQ13.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQPush13.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MobileQQPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\MQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PadQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PadQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PadQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PadQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PadQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQaway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQBusy10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQInvisible10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQInvisible20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQMute10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQMute20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQQme10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\PCQQQme20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\TVQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\TVQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\TVQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WapMobileQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WapMobileQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQ14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQ20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQAway10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQAway20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQBusy20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQMute20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WebQQQme20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WeiXin10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WeiXin14.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WeiXin20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WeiXinPush10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\WeiXinPush20.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\Win8QQ10.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType\Win8QQ20.png -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc\ClientType -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Misc -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_16\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_16\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_16\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_16 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_17\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_17\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_17\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_17 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_18\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_18\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_18\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_18 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_19\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_19\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_19\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_19 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_20\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_20\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_20\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_20 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_21\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_21\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_21\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_21 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_22\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_22\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_22\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_22 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_23\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_23\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_23\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_23 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_24\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_24\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_24\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_24 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_25\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_25\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_25\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_25 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_26\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_26\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_26\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_26 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_27\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_27\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_27\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_27 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_28\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_28\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_28\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_28 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_29\main.jpg -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_29\preview.png -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_29\themeconfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system\1.45_29 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins\system -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009\Skins -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\QQ2009 -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SetupLogs\nsis.log -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SetupLogs\setuplog.log -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SetupLogs -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\AppDB\_TSA_QQ\_SID_1\_UIN_0\txssoappcf.db -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\AppDB\_TSA_QQ\_SID_1\_UIN_0 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\AppDB\_TSA_QQ\_SID_1 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\AppDB\_TSA_QQ -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\AppDB -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB\_SID_0\_UIN_0\txssogbcf.db -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB\_SID_0\_UIN_0\txssogbcf2.db -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB\_SID_0\_UIN_0\txssogbcfgt.db -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB\_SID_0\_UIN_0 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB\_SID_0 -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig\GlobleDB -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOConfig -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO\SSOTemp -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\TXSSO -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\IM\CustomFaceCache\hash_1.dat -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\IM\CustomFaceCache -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\IM -> Deleted
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ\Cache.db -> Removed at reboot [20]
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ\Misc.db -> Removed at reboot [20]
[PUP.Gen1][File] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ\WinTemp\)[7A47ZEFAHY8KT8`{22R$P.tmp -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ\WinTemp\com.tencent.filetransfer -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ\WinTemp -> Deleted
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567\QQ -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users\2574629567 -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Users\MJ\AppData\Roaming\Tencent\Users -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Program Files\Tencent -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\af.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\app.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ABL.sys -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AddEmotion.htm -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AddrSearch.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AdvVideoDev.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AFBase.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AFCtrl.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AFUtil.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AppCom.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AppFramework.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Applaunch.prf -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AppMisc.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\AppUtil.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkEngine.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkFS.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkGraphic.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkHTTP.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkImage.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkIOStub.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkIPC.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkModule.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkScript.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkShell.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\arkXML.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Auvqqsdl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\avcodec-53.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\avformat-53.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\avutil-51.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\bugreport.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Camera.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ChatFrameApp.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Common.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ConfigCenter.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ContactInfoFrame.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ContactMgr.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\CPHelper.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\CustomFace.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Extract.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\FacePackageDll.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\FlashService.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\GF.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\GroupApp.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\HummerEngine.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\icudt.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\IM.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\InformationBox.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\iobitdownloader.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\IPC.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\jgImage.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\jsonc.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\KernelMisc.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\KernelUtil.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libcef.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libcurl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libexpat.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libexpatw.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libjpegturbo.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\libpng.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\bsdiff -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\chromium -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\dmg_fp -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\dynamic_annotations -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\google-url -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\icu -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\libvpx -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\lzma -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\modp_b64 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\nspr -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\protobuf-lite -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\speex -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LICENSE\xdg_user_dirs -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\locales\zh-CN.pak -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\locales -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LoginPanel.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\LongCnn.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\lua.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\MainFrame.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\MsgMgr.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\msvcp60.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\OPIEModule.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\OPWebKitClient.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\OPWebKitClientProxyPS.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\OPWebKitCtrl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\PBL.sys -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\PluginCommon.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\plugins\NP_GFControl.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\plugins -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\PreloginLogic.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\ProcessSession.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QInterLive.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QQ.exe -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QQApp.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QQExternal.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QQPI.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\QQService.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\RequestHost.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\RHComm.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\RICHED20.DLL -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\SCCore.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\SetupEx\QQSetupEx.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\SetupEx\vqqsdl.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\SetupEx -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\SkinMgr.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\sqlite.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\StorageTool.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\SystemMsg.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TaskTray.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TcVpxDec.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TcVpxEnc.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Tencentdl.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Timwp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\Timwp.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\tinyxml.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TNProxy.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TSEH.DAT -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TSIP.DAT -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TSSafeEdit.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXPFProxy.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXPlatform.exe -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\bin\npSSOAxCtrlForPTLogin.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\bin\SSOCommon.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\bin\SSOLUIControl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\bin\SSOPlatform.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\bin -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\I18N\2052\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\I18N\2052\SSOStringBundle.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\I18N\2052 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\I18N\SSOConfig.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\TXSSO\I18N -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin\TXSSO -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\UtilGif.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\vi.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\VQQProto.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\vqqsdl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\VQQTrace.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\WebKitCtrl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\XFQueryResource.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\xGraphic32.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\xImage.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\xplatformex.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\XVEngine.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Bin\zlib.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Bin -> Removed at reboot [20]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\common.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\gf-config-postlogin.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\gf-config.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1028\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1028 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1031\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1031 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1033\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1033 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1036\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1036 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1041\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1041 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\1042\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\1042 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\AFPreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\AFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\BaseStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\BaseUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\CommonString.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\CommonUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\CustomFaceShortcut.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\DGM.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\FingerStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\FontList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\GroupLayer.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\I18NBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\I18NUrlBundle.xml.enc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\LangList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\LocList.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\PGFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\PreLoadStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\StringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\tradelist.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\3082\UrlBundle.xml.enc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N\3082 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1028.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1031.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1033.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1036.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1041.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config1042.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\I18N\config3082.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\I18N -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\kernel.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1028 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1031 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1033 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1036 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1041 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\1042 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\1\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\1\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\1\7 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\10\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\11\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13\8 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\14\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\14\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\14\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\14\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\2\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\2\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\3\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\4\1 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\5\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\5\2 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\11 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\14 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\16 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\2 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\20 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8\6 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\1 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\10 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\12 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\13 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\15 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\17 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\18 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\19 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\3 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\4 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\5 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\6 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\7 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\8 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082\9 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC\3082 -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\CSC -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\LNNEsc\defaultTips\tips.html -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\LNNEsc\defaultTips\Tips_I_back2.bmp -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\LNNEsc\defaultTips -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\LNNEsc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\Audio.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\Global.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\msg.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\shake.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\system.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic\tweet.wav -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\Sound\Classic -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc\Sound -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Misc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1028.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1031.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1033.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1036.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1041.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform1042.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\platform3082.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\anyvision.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\audioengine.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\audioengine32.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\AudioVideo.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\fm.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\GIPSVoiceEngineDLL.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\GIPSVoiceEngineDLL_MD.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\haar_face_1.dat -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\IntelDec.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\IntelEnc.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\MediaEngine.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\Qpl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\RoomEngine.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\SessionLogic.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\TRAE.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VCodec.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VideoDevice.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VP8.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VQQ2.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VqqAllInOne.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VQQConv2.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VQQGroup.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\VQQTrace2.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin\xplatform.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Bundle.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc\GAudio_Call.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc\GAudio_Receive.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc\SoundTest.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc\VideoShow_Countdown.wav -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc\VideoShow_TakePic.wav -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo\Misc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.AudioVideo -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.FileTransfer\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.FileTransfer\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.FileTransfer -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Graffito\Bin\Graffito.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Graffito\Bin -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Graffito\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Graffito -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Mail\Bin\Mail.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Mail\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Mail\Bundle.rdb -> Removed at reboot [20]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Mail -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Memo\Bin\Memo.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Memo\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Memo\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Memo -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\Bin\DiskLite.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\Bin\NetDisk.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\Bin\TXFTNActiveX.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\Bin -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\Bundle.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk\gf-config.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.NetDisk -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Bin\FlashPlayer.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Bundle.rdb -> Removed at reboot [20]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\common.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\FlashPlayer.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\gf-config.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1028\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1028\StringBundle.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1028 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1033\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1033\StringBundle.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1033 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\2052\GFStringBundle.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\2052\StringBundle.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\2052 -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\config.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\StringState.xml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\Res.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\Xtml\flashplayerwnd.xml.gmd -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\Xtml -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\blog -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\common -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\notepad -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\photo -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\Base.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\Capture.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\CaptureHelper.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\Media.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\Net.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\RemoteControl.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\RemoteProxy.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin\Remoting.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bin -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteControl -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Bin\RemoteHelp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Bin\RHCommV.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Bin -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Bundle.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Misc\desktop_view.cur -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp\Misc -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.RemoteHelp -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.SNSApp\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.SNSApp\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.SNSApp -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.VAS\bin\TRCloudInputLib.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.VAS\bin\VAS.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.VAS\bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.VAS\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.VAS -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog\Bin\WBKernel.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll -> Removed at reboot [5]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog\Bin\WBMisc.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog\Bundle.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.WBlog -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Weather\Bin\Weather.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Weather\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Weather\Bundle.rdb -> Removed at reboot [20]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Weather -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Winks\bin\Winks.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Winks\bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Winks\Bundle.rdb -> Removed at reboot [20]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Winks -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll -> Removed at reboot [5]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Wireless\Bin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Wireless\Bundle.rdb -> Removed at reboot [20]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Wireless -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\pluginList.db -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Plugin\pluginlist.tpc.txd -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Plugin -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\QQLicense.txt -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\QQUninst.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\QQWhatsnew.txt -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Data.rdb -> Removed at reboot [20]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Res.rdb -> Removed at reboot [20]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Themes\Default.rdb -> Removed at reboot [20]
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Themes -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1028.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1031.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1033.rdb -> Removed at reboot [20]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1036.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1041.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml1042.rdb -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369\Xtml3082.rdb -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl\Resource.1.91.1369 -> Removed at reboot [91]
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Timwp.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Timwp_gf.tpc -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\txupd.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\Uninstall.xml -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\xgui.xml.txd -> Deleted
[PUP.Gen1][File] C:\Program Files\Tencent\QQIntl\???QQ???.txt -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Tencent\QQIntl -> Removed at reboot [91]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 3 ¤¤¤
[PUM.Proxy][Firefox:Config] vgs1o0m9.default : user_pref("network.proxy.http", "115.113.174.21"); -> Deleted
[PUM.Proxy][Firefox:Config] vgs1o0m9.default : user_pref("network.proxy.http_port", 80); -> Deleted
[PUM.Proxy][Firefox:Config] vgs1o0m9.default : user_pref("network.proxy.type", 4); -> Replaced (0)

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232A7A384 +++++
--- User ---
[MBR] 2a175174618f49d9556c2b7c2814db67
[BSP] 707cb0c4b0505c793e56e8f9fe5eaac5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 75949 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 155752448 | Size: 829 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 157451304 | Size: 228363 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Share this post


Link to post
Share on other sites

Post #: 9   Posted

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Share this post


Link to post
Share on other sites

Post #: 10   Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2017
Ran by MJ (administrator) on MJ-PC (20-04-2017 10:21:44)
Running from E:\MJ1\Systems & Mobile Softwares\System Softwares
Loaded Profiles: MJ (Available Profiles: MJ & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
() C:\Program Files\Everything\Everything.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Lenovo) C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mepService.exe
(Monotype Imaging Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mep.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
() C:\Program Files\Everything\Everything.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Apple Inc.) C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_230d5c666974907c\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7545088 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [226784 2015-06-02] (CANON INC.)
HKLM\...\Run: [Bonus.SSR.FR12] => C:\Program Files\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2017-03-31] (ABBYY Production LLC.)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [28336664 2017-04-06] (Dropbox, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1390336 2015-11-24] ()
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-03-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [909744 2017-03-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3536064 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [2282448 2017-02-16] (Monotype Imaging Inc.)
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Run: [Monotype SkyFonts Rack Up] => C:\Program Files\Monotype\SkyFonts\SFC.exe [26064 2017-02-16] (Monotype Imaging Inc.)
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {54762659-7f04-11e6-9500-9cb70dbb8b7e} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {5a4a1736-15a4-11e6-9499-9cb70dbb8b7e} - "F:\AutoRun.exe" 
HKU\S-1-5-18\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [2282448 2017-02-16] (Monotype Imaging Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2017-04-01]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-01-23]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{91dcd243-38a7-49ed-8331-d8ba492bee96}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> DefaultScope {442F256B-1A39-4415-B538-F81CA422699F} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> {442F256B-1A39-4415-B538-F81CA422699F} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000 -> {A97D9458-8D22-4184-A0A0-CD79EEC909C9} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vgs1o0m9.default
FF ProfilePath: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default [2017-04-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ftp", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ftp_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> socks", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> socks_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ssl", "115.113.174.21"
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> ssl_port", 80
FF NetworkProxy: Mozilla\Firefox\Profiles\vgs1o0m9.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\abs@avira.com.xpi [2017-04-06]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-29]
FF Extension: (Self-Destructing Cookies) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2017-03-29]
FF Extension: (One Click Proxy) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2015-08-29]
FF Extension: (Adblock Plus) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\vgs1o0m9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-08]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-07] [not signed]
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2016-04-02] [not signed]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-01-13]
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MJ\AppData\Roaming\IDM\idmmzcc5 [2017-03-21] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_156.dll [2017-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-01-19] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Google Slides) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-18]
CHR Extension: (FlipShope) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\adikhbfjdbjkhelbdnffogkobkekkkej [2017-04-20]
CHR Extension: (Google Docs) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-18]
CHR Extension: (Google Drive) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-27]
CHR Extension: (Foxit PDF Creator) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2017-03-12]
CHR Extension: (uBlock Origin) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-20]
CHR Extension: (FullContact for Gmail™) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnaibnehbbinoohhjafknihmlopdhhip [2017-04-03]
CHR Extension: (Google Search) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Find Big Mail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhfndmknegaiibciljinpmkhiakhhmp [2015-09-12]
CHR Extension: (Google Sheets) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-18]
CHR Extension: (Avira Browser Safety) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-12]
CHR Extension: (Google Docs Offline) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Inbox by Gmail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkljgfmjocfalijkgoogmfffkhmkbgol [2016-06-30]
CHR Extension: (Save to Google Drive) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-07-19]
CHR Extension: (Skype) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-23]
CHR Extension: (Mailtrack for Gmail & Inbox: Email tracking) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2017-04-07]
CHR Extension: (IDM Integration Module) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Mixmax: Email Tracking, Templates, Mail Merge) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2017-04-20]
CHR Extension: (Gmail) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-13]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-01-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-12-11]
CHR HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [961744 2014-07-17] (ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1115552 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [487432 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1519136 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [349560 2017-03-09] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [316976 2017-03-20] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2560192 2017-03-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42288 2017-04-06] (Dropbox, Inc.)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [595968 2016-08-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [1390336 2015-11-24] ()
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1659080 2017-02-24] (Foxit Software Inc.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [344576 2016-11-18] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-12] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703696 2016-08-08] (SEIKO EPSON CORPORATION)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [263936 2015-06-24] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-11-18] (Microsoft Corporation)
S3 ShareItSvc; C:\Program Files\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [59856 2017-02-16] (Monotype Imaging Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [227504 2016-04-28] (Synaptics Incorporated)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [72016 2017-01-31] (Code Sector)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2016-09-23] (SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2017-03-28] (Microsoft Corporation)
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files\Wondershare\MobileGo\DriverInstall.exe [116368 2016-05-26] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [124552 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [152816 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59904 2017-03-24] ()
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [108032 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [316544 2013-12-10] (Huawei Technologies Co., Ltd.)
R1 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [161216 2017-04-11] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [96704 2017-04-11] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2017-04-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [220088 2017-04-20] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [73664 2017-04-11] (Malwarebytes)
R1 MpKsl1f66d340; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15B44DF1-081C-490E-93DE-EE1FE24AE8FC}\MpKsl1f66d340.sys [39168 2017-04-20] (Microsoft Corporation)
R1 MpKsl7631fa9a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15B44DF1-081C-490E-93DE-EE1FE24AE8FC}\MpKsl7631fa9a.sys [39168 2017-04-14] (Microsoft Corporation)
R1 MpKsle5170a4b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBC017FB-CD90-46D3-B67F-3BEA6A09BF2E}\MpKsle5170a4b.sys [39168 2017-04-14] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_x86.sys [16024 2015-12-01] (Secunia)
R3 RSPCIESTOR; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [256616 2012-03-29] (Realtek Semiconductor Corp.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek                                            )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2016-04-28] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-14 15:00 - 2017-04-14 15:00 - 00000000 ____D C:\Users\MJ\AppData\Roaming\ProductData
2017-04-14 13:49 - 2017-04-14 13:49 - 00001181 _____ C:\Users\MJ\Desktop\JRT.txt
2017-04-12 17:29 - 2017-04-12 17:29 - 00017067 _____ C:\Users\MJ\Desktop\contacts sj.csv
2017-04-12 14:17 - 2017-03-28 11:37 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 14:17 - 2017-03-28 11:35 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 14:17 - 2017-03-28 11:34 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 14:17 - 2017-03-28 11:34 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 14:17 - 2017-03-28 11:34 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 14:17 - 2017-03-28 11:29 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 14:17 - 2017-03-28 11:28 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 14:17 - 2017-03-28 11:22 - 01966944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 14:17 - 2017-03-28 11:16 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-04-12 14:17 - 2017-03-28 11:15 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-04-12 14:17 - 2017-03-28 11:12 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 14:17 - 2017-03-28 11:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-04-12 14:17 - 2017-03-28 11:10 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-04-12 14:17 - 2017-03-28 11:10 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 14:17 - 2017-03-28 11:09 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 14:17 - 2017-03-28 11:09 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 14:17 - 2017-03-28 11:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 14:17 - 2017-03-28 11:08 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 14:17 - 2017-03-28 11:08 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 14:17 - 2017-03-28 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 14:17 - 2017-03-28 11:07 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 14:17 - 2017-03-28 11:06 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 14:17 - 2017-03-28 11:06 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 14:17 - 2017-03-28 11:06 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 14:17 - 2017-03-28 11:05 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 14:17 - 2017-03-28 11:05 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 14:17 - 2017-03-28 11:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 14:17 - 2017-03-28 11:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-04-12 14:17 - 2017-03-28 11:05 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 14:17 - 2017-03-28 11:04 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 14:17 - 2017-03-28 11:04 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-04-12 14:17 - 2017-03-28 11:04 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 14:17 - 2017-03-28 11:04 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 14:17 - 2017-03-28 11:03 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 14:17 - 2017-03-28 11:02 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-04-12 14:17 - 2017-03-28 11:02 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 14:17 - 2017-03-28 11:02 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 14:17 - 2017-03-28 11:02 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 14:17 - 2017-03-28 11:01 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 14:17 - 2017-03-28 11:00 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 14:17 - 2017-03-28 11:00 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 14:17 - 2017-03-28 11:00 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 14:17 - 2017-03-28 10:59 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 14:17 - 2017-03-28 10:59 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-04-12 14:17 - 2017-03-28 10:59 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 14:17 - 2017-03-28 10:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 14:17 - 2017-03-28 10:58 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 14:17 - 2017-03-28 10:58 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 14:17 - 2017-03-28 10:55 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-04-12 14:17 - 2017-03-28 10:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 14:17 - 2017-03-28 10:45 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 14:17 - 2017-03-28 10:44 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 14:17 - 2017-03-28 10:43 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 14:17 - 2017-03-28 10:43 - 01486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 14:17 - 2017-03-28 10:43 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 14:17 - 2017-03-28 10:43 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 14:17 - 2017-03-28 10:42 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 14:17 - 2017-03-28 10:42 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 14:17 - 2017-03-28 10:42 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 14:17 - 2017-03-28 10:42 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-04-12 14:17 - 2017-03-28 10:42 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 14:17 - 2017-03-28 10:42 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 14:17 - 2017-03-28 10:41 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 14:17 - 2017-03-28 10:41 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 14:17 - 2017-03-28 10:41 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 14:17 - 2017-03-28 10:41 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 14:17 - 2017-03-28 10:39 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-04-12 14:17 - 2017-03-28 10:38 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 14:17 - 2017-03-28 10:38 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-04-12 14:16 - 2017-03-28 11:51 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 14:16 - 2017-03-28 11:50 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 14:16 - 2017-03-28 11:49 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 14:16 - 2017-03-28 11:49 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 14:16 - 2017-03-28 11:43 - 00950624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 14:16 - 2017-03-28 11:35 - 01896800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 14:16 - 2017-03-28 11:35 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 14:16 - 2017-03-28 11:34 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 14:16 - 2017-03-28 11:34 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 14:16 - 2017-03-28 11:32 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 14:16 - 2017-03-28 11:29 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 14:16 - 2017-03-28 11:29 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 14:16 - 2017-03-28 11:28 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 14:16 - 2017-03-28 11:15 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 14:16 - 2017-03-28 11:11 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 14:16 - 2017-03-28 11:09 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-04-12 14:16 - 2017-03-28 11:09 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 14:16 - 2017-03-28 11:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 14:16 - 2017-03-28 11:07 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-04-12 14:16 - 2017-03-28 11:06 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 14:16 - 2017-03-28 11:06 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 14:16 - 2017-03-28 11:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-04-12 14:16 - 2017-03-28 11:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 14:16 - 2017-03-28 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 14:16 - 2017-03-28 11:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 14:16 - 2017-03-28 11:04 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 14:16 - 2017-03-28 11:04 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 14:16 - 2017-03-28 11:03 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 14:16 - 2017-03-28 11:03 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 14:16 - 2017-03-28 11:02 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 14:16 - 2017-03-28 11:02 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 14:16 - 2017-03-28 11:02 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 14:16 - 2017-03-28 11:02 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 14:16 - 2017-03-28 11:02 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 14:16 - 2017-03-28 11:01 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 14:16 - 2017-03-28 11:00 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 14:16 - 2017-03-28 11:00 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 14:16 - 2017-03-28 10:59 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 14:16 - 2017-03-28 10:58 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 14:16 - 2017-03-28 10:58 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 14:16 - 2017-03-28 10:58 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 14:16 - 2017-03-28 10:58 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 14:16 - 2017-03-28 10:56 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 14:16 - 2017-03-28 10:55 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 14:16 - 2017-03-28 10:55 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 14:16 - 2017-03-28 10:54 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 14:16 - 2017-03-28 10:54 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-04-12 14:16 - 2017-03-28 10:54 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 14:16 - 2017-03-28 10:54 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 14:16 - 2017-03-28 10:53 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 14:16 - 2017-03-28 10:53 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 14:16 - 2017-03-28 10:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 14:16 - 2017-03-28 10:51 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 14:16 - 2017-03-28 10:50 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 14:16 - 2017-03-28 10:50 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 14:16 - 2017-03-28 10:50 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 14:16 - 2017-03-28 10:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 14:16 - 2017-03-28 10:49 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 14:16 - 2017-03-28 10:48 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 14:16 - 2017-03-28 10:48 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 14:16 - 2017-03-28 10:47 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 14:16 - 2017-03-28 10:47 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 14:16 - 2017-03-28 10:47 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 14:16 - 2017-03-28 10:47 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-04-12 14:16 - 2017-03-28 10:46 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 14:16 - 2017-03-28 10:44 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 14:16 - 2017-03-28 10:44 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 14:16 - 2017-03-28 10:44 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 14:16 - 2017-03-28 10:43 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 14:16 - 2017-03-28 10:43 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-04-12 14:16 - 2017-03-28 10:43 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 14:16 - 2017-03-28 10:42 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 14:16 - 2017-03-28 10:41 - 03596288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 14:16 - 2017-03-28 10:41 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 14:16 - 2017-03-28 10:40 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 14:16 - 2017-03-18 22:58 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 14:15 - 2017-03-28 12:40 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-04-12 14:15 - 2017-03-28 12:40 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 14:15 - 2017-03-28 12:29 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 14:15 - 2017-03-28 12:27 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-04-12 14:15 - 2017-03-28 12:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-04-12 14:15 - 2017-03-28 11:51 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-04-12 14:15 - 2017-03-28 11:45 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 14:15 - 2017-03-28 11:44 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 14:15 - 2017-03-28 11:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 14:15 - 2017-03-28 11:32 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 14:15 - 2017-03-28 11:32 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 14:15 - 2017-03-28 11:28 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 14:15 - 2017-03-28 11:28 - 00240992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 14:15 - 2017-03-28 11:28 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 14:15 - 2017-03-28 11:28 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 14:15 - 2017-03-28 11:23 - 01412128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 14:15 - 2017-03-28 11:23 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 14:15 - 2017-03-28 11:22 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 14:15 - 2017-03-28 11:18 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 14:15 - 2017-03-28 11:11 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 14:15 - 2017-03-28 11:10 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 14:15 - 2017-03-28 11:10 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 14:15 - 2017-03-28 11:09 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 14:15 - 2017-03-28 11:09 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 14:15 - 2017-03-28 11:09 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 14:15 - 2017-03-28 11:07 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\apds.dll
2017-04-12 14:15 - 2017-03-28 11:07 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 14:15 - 2017-03-28 11:06 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-04-12 14:15 - 2017-03-28 11:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-04-12 14:15 - 2017-03-28 11:05 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 14:15 - 2017-03-28 11:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 14:15 - 2017-03-28 11:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 14:15 - 2017-03-28 11:03 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 14:15 - 2017-03-28 11:03 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 14:15 - 2017-03-28 11:02 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 14:15 - 2017-03-28 11:01 - 00728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 14:15 - 2017-03-28 11:01 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-04-12 14:15 - 2017-03-28 11:01 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-04-12 14:15 - 2017-03-28 11:00 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 14:15 - 2017-03-28 11:00 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 14:15 - 2017-03-28 10:59 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 14:15 - 2017-03-28 10:57 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 14:15 - 2017-03-28 10:56 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 14:15 - 2017-03-28 10:55 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 14:15 - 2017-03-28 10:54 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 14:15 - 2017-03-28 10:54 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 14:15 - 2017-03-28 10:53 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 14:15 - 2017-03-28 10:53 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-04-12 14:15 - 2017-03-28 10:52 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 14:15 - 2017-03-28 10:52 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 14:15 - 2017-03-28 10:49 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-04-12 14:15 - 2017-03-28 10:49 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 14:15 - 2017-03-28 10:49 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 14:15 - 2017-03-28 10:49 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-04-12 14:15 - 2017-03-28 10:48 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-04-12 14:15 - 2017-03-28 10:46 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 14:15 - 2017-03-28 10:46 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 14:15 - 2017-03-28 10:45 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 14:15 - 2017-03-28 10:44 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 14:15 - 2017-03-28 10:42 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 14:15 - 2017-03-28 10:42 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 14:15 - 2017-03-28 10:42 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 14:15 - 2017-03-28 10:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 14:15 - 2017-03-28 10:41 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 14:15 - 2017-03-28 10:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 14:15 - 2017-03-28 10:38 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 14:15 - 2017-03-18 22:32 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 14:15 - 2017-03-18 22:29 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 14:15 - 2017-03-18 22:15 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 14:15 - 2017-03-16 10:08 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-11 16:09 - 2017-04-20 10:12 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-11 16:09 - 2017-04-11 16:22 - 00096704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-11 16:09 - 2017-04-11 16:22 - 00073664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-11 16:09 - 2017-04-11 16:22 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-11 16:09 - 2017-04-11 16:09 - 00161216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-11 16:09 - 2017-04-11 16:09 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-11 16:09 - 2017-04-11 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-11 16:09 - 2017-04-11 16:09 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-11 16:09 - 2017-03-24 04:10 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-04-10 17:26 - 2017-04-10 17:26 - 00001074 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-04-10 17:26 - 2017-04-10 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-04-10 17:26 - 2017-04-10 17:26 - 00000000 ____D C:\Program Files\RogueKiller
2017-04-10 11:28 - 2017-04-10 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-08 13:38 - 2017-04-08 13:38 - 00002190 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2017-04-08 13:38 - 2017-04-08 13:38 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-04-06 13:51 - 2017-04-06 13:51 - 00042288 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-04 14:54 - 2017-04-04 14:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-01 12:54 - 2017-04-01 12:54 - 00001194 _____ C:\Users\Public\Desktop\Wondershare MobileGo.lnk
2017-03-29 11:34 - 2017-03-29 11:34 - 02673080 _____ C:\Users\MJ\Desktop\131334286570378175.PDF
2017-03-27 10:52 - 2017-03-27 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-27 10:52 - 2017-03-27 10:52 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-03-22 09:27 - 2017-03-22 09:27 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-22 09:27 - 2017-03-22 09:27 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-22 09:27 - 2017-03-22 09:27 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-20 10:27 - 2015-07-04 10:54 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Skype
2017-04-20 10:25 - 2016-11-17 12:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-20 10:21 - 2016-01-21 15:12 - 00000000 ____D C:\FRST
2017-04-20 10:20 - 2016-11-17 12:27 - 01161466 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-20 10:15 - 2016-09-20 16:33 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Monotype
2017-04-20 10:13 - 2016-11-17 12:29 - 00000000 ____D C:\Users\MJ
2017-04-20 10:10 - 2016-11-17 13:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-18 08:41 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-14 16:49 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\rescache
2017-04-14 16:14 - 2016-07-16 07:52 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-14 15:23 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-14 14:59 - 2015-08-09 16:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-14 14:57 - 2016-07-16 13:58 - 00000000 ____D C:\WINDOWS\INF
2017-04-14 14:55 - 2016-11-17 12:19 - 00536848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-14 14:53 - 2016-11-18 01:11 - 00000000 ____D C:\Program Files\Hyper-V
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-14 14:53 - 2016-07-16 13:59 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-14 12:34 - 2017-01-11 15:56 - 00000000 ____D C:\Users\MJ\AppData\LocalLow\Mozilla
2017-04-14 11:44 - 2017-02-13 13:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-14 11:43 - 2017-03-14 17:11 - 00000000 ____D C:\Users\MJ\AppData\Roaming\Everything
2017-04-14 11:41 - 2016-07-16 13:59 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-12 17:36 - 2016-04-23 17:13 - 00000000 ____D C:\Users\MJ\AppData\Local\Everything
2017-04-12 17:36 - 2015-10-05 22:16 - 00000000 ____D C:\Users\MJ\AppData\Local\CrashDumps
2017-04-12 16:51 - 2015-08-09 16:48 - 00000000 ____D C:\Users\MJ\AppData\Local\Packages
2017-04-12 14:40 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-12 14:30 - 2015-07-01 00:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 14:22 - 2015-07-01 00:51 - 145733648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 12:46 - 2015-07-17 17:04 - 00000000 ____D C:\Users\MJ\AppData\Roaming\TeraCopy
2017-04-11 17:20 - 2016-01-19 13:01 - 00000000 ____D C:\AdwCleaner
2017-04-11 16:58 - 2016-07-04 12:33 - 00000000 ____D C:\Users\MJ\AppData\Roaming\IObit
2017-04-11 16:58 - 2016-07-04 12:33 - 00000000 ____D C:\Program Files\Common Files\IObit
2017-04-11 16:58 - 2016-07-04 12:12 - 00000000 ____D C:\ProgramData\IObit
2017-04-11 16:58 - 2016-07-04 12:12 - 00000000 ____D C:\Program Files\IObit
2017-04-11 16:58 - 2016-04-20 11:00 - 00000000 ____D C:\Program Files\Beyond Compare 4
2017-04-11 16:09 - 2015-07-01 15:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-11 16:00 - 2017-03-13 19:21 - 00000000 ___HD C:\Users\MJ\AppData\Roaming\Obsidium
2017-04-10 17:27 - 2015-10-05 20:32 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-04-10 11:29 - 2016-04-14 12:49 - 00000000 ____D C:\Program Files\Dropbox
2017-04-10 10:48 - 2015-06-30 11:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-04-08 13:38 - 2016-04-02 16:11 - 00000000 ____D C:\ProgramData\UDL
2017-04-08 13:38 - 2016-04-02 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-04-08 10:41 - 2015-06-30 08:51 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-08 10:26 - 2015-06-30 13:16 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-06 16:36 - 2016-05-30 11:47 - 00000000 ____D C:\Users\MJ\AppData\Roaming\WhatsApp
2017-04-06 15:33 - 2015-07-18 12:21 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 14:54 - 2016-07-16 13:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-04 14:54 - 2016-07-16 13:59 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-04 14:50 - 2015-07-01 12:56 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-02 00:22 - 2016-07-16 14:01 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-02 00:22 - 2016-07-16 14:01 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-03-31 15:57 - 2016-03-16 23:05 - 00000000 ____D C:\Program Files\ABBYY FineReader 12
2017-03-31 13:41 - 2016-07-16 07:52 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-31 10:18 - 2017-02-15 15:43 - 00001071 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-03-31 10:18 - 2016-05-04 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-28 15:14 - 2016-12-16 17:01 - 00614144 _____ C:\Users\MJ\Desktop\Company Profile (HS1).pdf
2017-03-27 10:53 - 2015-07-01 11:18 - 00000000 ____D C:\ProgramData\Skype
2017-03-27 10:52 - 2016-01-23 19:36 - 00000000 ___RD C:\Program Files\Skype
2017-03-27 10:50 - 2015-06-30 12:29 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-21 15:24 - 2015-06-30 14:04 - 00000000 ____D C:\Users\MJ\AppData\Roaming\DMCache
2017-03-21 14:49 - 2015-07-18 12:19 - 00000000 ____D C:\Program Files\Google
2017-03-21 14:41 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2016-02-01 12:27 - 2016-02-01 12:27 - 0000006 ____S () C:\ProgramData\4ad31ab5f189ff4c9184cbc5cb3ef7bbc77e1818

Some files in TEMP:
====================
2017-04-10 17:26 - 2016-11-11 13:29 - 1586736 _____ (Microsoft Corporation) C:\Users\MJ\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-10 12:27

==================== End of FRST.txt ============================

Share this post


Link to post
Share on other sites

Post #: 11   Posted

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-04-2017
Ran by MJ (20-04-2017 10:29:34)
Running from E:\MJ1\Systems & Mobile Softwares\System Softwares
Microsoft Windows 10 Pro Version 1607 (X86) (2016-11-17 07:43:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2807340434-1949843575-1337704626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2807340434-1949843575-1337704626-503 - Limited - Disabled)
Guest (S-1-5-21-2807340434-1949843575-1337704626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2807340434-1949843575-1337704626-1002 - Limited - Enabled)
MJ (S-1-5-21-2807340434-1949843575-1337704626-1000 - Administrator - Enabled) => C:\Users\MJ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 12 Corporate (HKLM\...\{F12000CE-0001-0000-0000-074957833700}) (Version: 12.1.439 - ABBYY Production LLC)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.156 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
airtel (HKLM\...\airtel) (Version: 23.015.02.02.284 - Huawei Technologies Co.,Ltd)
Apple Application Support (32-bit) (HKLM\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.7.1.26756 - Avira Operations GmbH & Co. KG)
BarTender 10.1 UltraLite (HKLM\...\BarTender UltraLite) (Version: 10.1.2934 - Seagull Scientific)
BarTender 10.1 UltraLite (Version: 10.1.2934 - Seagull Scientific) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dropbox (HKLM\...\Dropbox) (Version: 24.3.14 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.61.1 - Dropbox, Inc.) Hidden
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.81.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L455 Series Printer Uninstall (HKLM\...\EPSON L455 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.7.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
EtNumToTextClient (HKLM\...\{EBD16DD5-EB80-454F-A52B-C97D14F54FC2}) (Version: 1.0.0.0 - Nextenders(I) Pvt. Ltd.)
Everything 1.4.0.713b (x86) (HKLM\...\Everything) (Version: 1.4.0.713b (x86) - David Carpenter)
FileHippo App Manager (HKLM\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.25.0-rc1 (HKLM\...\FileZilla Client) (Version: 3.25.0-rc1 - Tim Kosse)
FoV Calculator (HKLM\...\FoV Calculator) (Version: 4.5.0 - HANWHA TECHWIN CO.,LTD.)
Foxit PhantomPDF (HKLM\...\{606F14DC-FD6A-11E6-855E-000C2992F709}) (Version: 8.2.1.6871 - Foxit Software Inc.)
Google Apps Migration For Microsoft Outlook® 4.0.30.10 (HKLM\...\{141D6939-CB21-419F-9FCC-506A2CD03110}) (Version: 4.0.30.10 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
iCloud (HKLM\...\{39C05E71-5881-4EE2-B00D-27AFA010CAA4}) (Version: 5.2.1.69 - Apple Inc.)
IDM Patch 6.25 build 01 (HKLM\...\IDM Patch 6.25 build 01) (Version: build 01 - SandySeedings Team)
Inkscape 0.91 (HKLM\...\Inkscape) (Version: 0.91 - )
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\4415f693b586d348) (Version: 16.0.1519.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.015.02.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 53.0 (x86 en-US) (HKLM\...\Mozilla Firefox 53.0 (x86 en-US)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.0.6302 - Mozilla)
MyEpson Portal (HKLM\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
NXPowerLite Desktop 6 (HKLM\...\{29EC0D32-8186-4FC5-9303-1E7ED65726AC}) (Version: 6.2.12 - Neuxpower Solutions Ltd)
NxtCryptoSetup (HKLM\...\{BB113591-6E67-4845-9D58-E0C81B7358C5}) (Version: 1.0.0 - NEXT TENDER)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Updater (HKLM\...\Online Updater) (Version: 1.4.0.0 - Samsung Techwin Co., Ltd.)
PatchCleaner (HKLM\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDF Password Remover (HKLM\...\{DB150C19-4A8F-4EF7-AC75-96098EACE179}) (Version: 1.0.6 - PDF Technologies)
QQ International (HKLM\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RogueKiller version 12.10.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.3.0 - Adlice Software)
Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.06.46 (30-Oct-14) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.11003) (HKLM\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
SkyFonts™ (HKLM\...\{4924FFCD-1019-4E4E-B16A-1200A2ED47AF}) (Version: 5.9.0.0 - Monotype Imaging Inc.)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Tixati (HKLM\...\tixati) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebCms 3.2.0.30 (HKLM\...\WebCms 3.2.0.30) (Version: 3.2.0.30 - WebCms)
WhatsApp (HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.2.3) (HKLM\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{4818B03A-31D0-1D22-F874-CA505AB2E342}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x973B43899186D201B5644E899186D201010000000E00000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C23B1F-6EBD-4003-B577-21FE90E07AC1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {06350DAC-204A-4B2E-A686-BE9465A2F83C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {09BCC2E6-1EA0-422D-92FA-134C2E421476} - System32\Tasks\EPSON L455 Series Update {8077F65E-3061-478F-B193-B13D7EBB4DE1} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {0CFFD70F-1474-4579-872B-C4292AB177C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {12D7E3C3-F0B0-43AA-AE6B-0BD1F986D7B4} - System32\Tasks\EPSON L455 Series Update {E0506314-471B-4B1A-9C4E-DDBEB0A6F646} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {176DF5C3-3620-45A0-92E7-39E257713AFF} - System32\Tasks\{84CD70DD-E907-496F-B5F6-F4D5F5B62482} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.103/en/go/help.faq.installer?LastError=1618
Task: {1B63C456-9B59-4DF0-9CD6-740B4684EAAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2809EEEF-87A5-4ADF-BC51-7FAD6FD4E45A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2CD3516C-5002-4E75-87E9-FE370568884B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2FD837C1-C6C0-4F88-8967-D72F1FCBE987} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {3331BAE3-A1AC-4EB2-8F9B-A4229470FB06} - System32\Tasks\{A0ABF513-874D-443D-BDA9-1345D6529D8E} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.6.0.103/en/go/help.faq.installer?LastError=1618
Task: {34727FDE-03F1-4AFA-9E29-848B2ACDB206} - System32\Tasks\EPSON L455 Series Update {0337DDB0-DBDB-4D20-997B-2D153D6C8041} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {39C1E52C-2B21-49A9-B4F3-1E748702675E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => %ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {3BF7172C-06FE-47D4-B1F6-5AABFAB1F52B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {3CB55E12-DA52-4C18-91A9-66CF48277709} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {3E0F3B21-B27D-4628-875D-56E14F314D0E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {413D2A43-5990-4953-84C2-F711FA116CD4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5A6D533B-D339-48C4-85CE-98EC8DDA113B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {635D31F3-49A4-4FFC-A1BE-B12C735281F2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6E57F74C-7AC7-4BF4-A3F8-A3C8236A54F3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {701B6BCD-757C-47BB-A2B4-A0F47C1E5FAE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-27] (Microsoft Corporation)
Task: {8699F573-34E9-4F39-AAF8-CC027CD7D9AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {873119C0-68BF-47B5-ADE8-F9848E05E3C2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {8C519A18-3E53-48D5-80C2-8F49AB48D81B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-14] (Adobe Systems Incorporated)
Task: {902FF1E1-83F3-4355-9E45-429601826B43} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {910BB25D-2D66-43DD-B3CE-E023EF786ADF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9198465E-8A91-424A-8EB7-857F683BAB3F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {91A4486A-9814-44F9-9151-7B0680D85AC6} - System32\Tasks\{E75258F1-6257-4061-8FB8-34163EF1F044} => pcalua.exe -a C:\Users\MJ\Downloads\Drivers\sp53753.exe -d C:\Users\MJ\Downloads\Drivers
Task: {9E013671-A592-42A0-9D35-4441C64978A7} - System32\Tasks\EPSON L455 Series Update {8DD00055-E826-4A49-B09E-1B852A1A5AE6} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {AA1F2214-0AAF-4FEA-AC08-1220EF5D0516} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {AB85BBDA-AA87-472A-86E0-2056D0388ADE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AE362DC6-CADD-44D5-9FA0-1D02238AD4A1} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {AF36C967-74C9-4044-9ED8-86716F60611D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B48E413D-D9F8-4836-AA0E-F8CBDA1F3863} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {BE6193C9-F796-4322-AE1C-680EE00DCA80} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C4DDDA2E-8048-484B-8338-907F7DA3823B} - System32\Tasks\{2B17CBF3-CDF2-4293-B8D1-F5D27D59C538} => pcalua.exe -a C:\Users\MJ\Downloads\Drivers\sp52196.exe -d C:\Users\MJ\Downloads\Drivers
Task: {CBEA2037-05C8-4EF5-B47E-163DF0F92592} - System32\Tasks\ThinPrint AutoConnect component for 32 bit applications => C:\Users\Public\Documents\Microsoft\Assistance\Tools\TPAutoConnect32.exe 
Task: {D1C5BDF0-133B-48A9-9DAE-1D170A9DB438} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D7708149-456C-4AAC-A3F2-4A359FADD42C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {F4F9CA3F-C059-496D-B23A-D550F50103F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {F6F84191-881F-4F4A-BB98-CA443ABE1006} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe 
Task: {F72CD9CC-2654-4580-BADB-21DA51DA563B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FB986840-25CB-42B6-A614-6E3F065BB1E6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FE34CBCD-B9A9-4163-8684-AEBA3D37403A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {0337DDB0-DBDB-4D20-997B-2D153D6C8041}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{0337DDB0-DBDB-4D20-997B-2D153D6C8041} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {8077F65E-3061-478F-B193-B13D7EBB4DE1}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{8077F65E-3061-478F-B193-B13D7EBB4DE1} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {8DD00055-E826-4A49-B09E-1B852A1A5AE6}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{8DD00055-E826-4A49-B09E-1B852A1A5AE6} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L455 Series Update {E0506314-471B-4B1A-9C4E-DDBEB0A6F646}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_TTSNGE.EXE :/EXE:{E0506314-471B-4B1A-9C4E-DDBEB0A6F646} /F:Update  WORKGROUP\MJ-PC$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\MJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:55 - 2016-07-16 13:55 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 14:15 - 2017-03-28 11:45 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 07:46 - 2013-04-15 11:49 - 00176128 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2016-03-21 10:09 - 2012-09-18 15:26 - 00169472 _____ () C:\WINDOWS\System32\zlhp1020.dll
2015-08-14 14:17 - 2015-08-14 14:17 - 00022723 _____ () C:\WINDOWS\System32\sss1ml3.dll
2016-02-15 21:02 - 2016-02-15 21:02 - 00027160 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-06 07:49 - 2013-04-15 11:49 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\HP1006PP.dll
2016-03-21 11:04 - 2012-09-18 15:26 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-04-23 13:57 - 2015-11-24 11:36 - 01390336 _____ () C:\Program Files\Everything\Everything.exe
2016-07-04 12:33 - 2015-12-23 18:31 - 00625440 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2017-04-11 16:09 - 2017-04-14 11:19 - 01736992 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-12 14:15 - 2017-03-28 11:45 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-04 19:43 - 2017-03-04 19:43 - 00048296 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-10-23 06:34 - 2016-12-07 16:40 - 02237776 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 15:45 - 2017-03-04 11:54 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 15:42 - 2017-03-04 11:34 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 15:42 - 2017-03-04 11:28 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-18 01:25 - 2016-11-18 01:25 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 14:15 - 2017-03-28 10:39 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 14:15 - 2017-03-28 10:40 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 14:15 - 2017-03-28 10:41 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2017-01-30 12:52 - 2017-01-30 12:52 - 01926632 ____R () C:\Program Files\Skype\Phone\roottools.dll
2017-04-06 15:33 - 2017-03-29 07:34 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 15:33 - 2017-03-29 07:34 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\dgsnd.gov.in -> hxxp://dgsnd.gov.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\eprocure.gov.in -> hxxp://eprocure.gov.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\google.co.in -> hxxps://www.google.co.in
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\icicibank.com -> hxxp://www.icicibank.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\mcdetenders.com -> hxxp://mcdetenders.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\mcdtenders.com -> hxxp://engineering.mcdtenders.com
IE trusted site: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\sharepoint.com -> hxxps://avsystems1.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2017-04-11 16:58 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CNAP2 Launcher => C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE
MSCONFIG\startupreg: GoogleChromeAutoLaunch_B2544431BFD6B2D61733FA5F91ED6200 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "CNAP2 Launcher"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EEventManager"
HKLM\...\StartupApproved\Run: => "Dropbox"
HKLM\...\StartupApproved\Run: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "SleekBillNot"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "CallCenter JustPhone"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B2544431BFD6B2D61733FA5F91ED6200"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [{BF0C5732-8921-4BBB-AE8C-A004A0CCF907}] => (Allow) LPort=6160
FirewallRules: [UDP Query User{3D32746E-60F7-48DA-A5DB-B340E12E7726}C:\sleek bill\libj\launch4j-tmp\sleek bill.exe] => (Allow) C:\sleek bill\libj\launch4j-tmp\sleek bill.exe
FirewallRules: [TCP Query User{DC4C6CBF-DC87-4ABB-B1EE-4DAAACC439F9}C:\sleek bill\libj\launch4j-tmp\sleek bill.exe] => (Allow) C:\sleek bill\libj\launch4j-tmp\sleek bill.exe
FirewallRules: [{5C440A1E-84C9-4DEB-B719-6BB983C0B21E}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{9CA2AAA8-FB31-41A6-A9FD-8ACCEAEDC087}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [UDP Query User{C719FA1B-7C94-4B02-B4E9-DD709A2CF9EF}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [TCP Query User{79E52ECA-0F4F-4AD3-AE0D-FA25D5375029}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [{E6A010AD-4E6B-413D-881A-6EF04BB78040}] => (Allow) C:\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe
FirewallRules: [{0C3F8872-8CBD-49A4-AA39-75C9E149BE55}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{FB137191-74C2-473D-8B56-33CAA7BD57C2}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{BCDAC286-4EED-4083-BAED-8F8B6235313F}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{90B1C7D3-0EEA-40FF-8A3E-D927D598357F}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{98223CC5-8A63-4B9A-8C4F-7B2491DE9EFB}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{4F535D31-0A4A-4DF2-8BDD-7D7BF8E2E2C5}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [UDP Query User{C0F271AE-7D82-44A9-BC4E-623AC9A89C0F}C:\program files\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files\tencent\qqintl\bin\qq.exe
FirewallRules: [TCP Query User{1D0304CA-616B-4FBF-A134-B851653CEBFE}C:\program files\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files\tencent\qqintl\bin\qq.exe
FirewallRules: [{0720D1C5-B975-4CE4-9D41-07E43A2B9D74}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{08E9010C-F86D-43AA-9A29-9355EE8AE307}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{6EF40A6D-7114-4EB9-B76D-E4092F7504C8}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{29958CDE-889A-4C49-BCB7-5F700ABB6D46}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{28FA090E-A1E3-4B41-B9E9-B718AD10C79C}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{B894C000-A397-4C0A-BF8B-7A0D0FD93DA6}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{485E2369-CDD4-4968-A5A3-8BF42A2AEFFE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9D1704ED-BE27-4D72-8C0E-7EFD2029B53A}] => (Allow) C:\Program Files\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{672B7E15-C1EE-486D-A18B-1D88C2470092}] => (Allow) C:\Program Files\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{7E509AD1-287C-4EA4-8E20-180944311CEB}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9D9DC8E6-AEEB-45AF-8FC5-3DFE180EA265}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{4E25D963-A668-4519-ABB4-8C5C29081750}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{0C2C5D70-AD8D-483D-B35D-3A0674BC210B}C:\program files\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{EF6AE64A-D276-4520-84AF-8AFAAD251A7F}C:\program files\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{BEDA9382-E27B-4CD1-8CFF-FC7606D4C9CF}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [TCP Query User{97D0EF9B-9E69-4439-916B-BCDAD41A459F}C:\windows\system32\dwm.exe] => (Allow) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{8955A679-E9E6-4441-B1D3-10CDC779B372}C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe] => (Allow) C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe
FirewallRules: [TCP Query User{D51D925E-5889-4AFD-99A5-92DBFAEA40C0}C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe] => (Allow) C:\users\mj\desktop\locales\printer drivers\lbp3010_3018_3050_r150_v110_w32_uk_en_1\setup.exe
FirewallRules: [{FFE0B238-9244-4963-85EB-4BDBB6A3B66A}] => (Allow) C:\Users\MJ\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3D98502-D7C9-472B-9412-62C1B79D36D0}] => (Allow) C:\Users\MJ\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{681C3CB7-AAEC-4A28-A853-644EE2823A31}] => (Allow) C:\Users\MJ\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A76FF20F-A3C3-428E-A555-90C0D133811C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE97ACA5-FD48-4D14-B28B-7BFF3CB93906}] => (Allow) C:\Users\MJ\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{88D407E3-020A-497D-9E9C-494A80C37679}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D7D52D97-3425-4C7E-A5DD-9E3668CC3698}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB8B1FF6-CC6D-4F58-A9DA-BAED5ECF436A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{81BCE683-3811-4DE5-A32E-30B9E0237B0C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{1CA11E59-BB81-476B-AF1E-D32C9DE108FC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{500B720C-50FC-465B-A17D-D0DE7303ED91}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BF294677-BFC9-4D53-A948-F173A560DB85}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{65D0AAE3-52C1-4EE9-9AC6-9A1DB7F6C981}C:\program files\teamviewer\teamviewer.exe] => (Allow) C:\program files\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{FC479AC3-2439-4E42-956F-5C983F0D1191}C:\program files\teamviewer\teamviewer.exe] => (Allow) C:\program files\teamviewer\teamviewer.exe
FirewallRules: [{959B83BA-6AAC-4CE8-BDD5-A7E496B7FDC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E903CCC4-D4D6-4C49-9C80-4314FF3D029F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C205D6A7-87C9-4CD8-8F63-EDE033542EF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73AB6923-E1BB-40FD-B307-A2EC977C5E34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D0D68881-7B03-4895-8CAD-623C46B48D67}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{4CA6CF17-38FB-4BFD-B67B-E083078CF7BF}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{7CCF2C7B-9EFE-414A-A14F-E0891C8B25E0}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{C5312C88-8A78-4E3A-8841-5F568E25B7BC}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{015E98E9-28BA-4C3F-9025-EEBDF8EF4306}] => (Allow) C:\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe
FirewallRules: [{8FD2B791-7EE7-42BE-B896-FDD1F81B0790}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C1FE3782-69BE-4BD1-8052-B3A43FF74BFA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D0596D8A-B657-4985-9E4D-2BA75BDEBDAE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EC69D9B4-46D2-4685-89F5-9DC6A2EE1684}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{A0FDA569-1E4D-4BF9-B051-8DA165D31590}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{8CACEDC6-5C6E-4047-964E-0D662137E469}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{B356BBA8-1A07-4D9F-8592-A84B7DA69127}] => (Allow) C:\Program Files\SAMSUNG\Easy Document Creator\EDC.exe
FirewallRules: [{F662E6F6-31EA-4324-916D-A3B25268F404}] => (Allow) C:\Program Files\SAMSUNG\Easy Document Creator\EDC.exe
FirewallRules: [{C5C98BE0-858D-47EC-B09F-AFF1C7EF43A5}] => (Block) %ProgramFiles%\Wondershare\MobileGo\MobileGo.exe
FirewallRules: [{7A597F2B-30F1-4BAE-84E2-022D0273A9B4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{D9BF4532-A31B-429D-A157-78A10504605F}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

07-04-2017 14:14:37 Scheduled Checkpoint
12-04-2017 14:19:50 Windows Update
14-04-2017 13:45:17 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2017 10:27:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:26:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:19:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.1066, time stamp: 0x58d9f083
Exception code: 0xc06d007f
Fault offset: 0x000c2482
Faulting process id: 0x2a40
Faulting application start time: 0x01d2b991792b4580
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 4a7374f6-41af-4fac-8948-695893d6abc9
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/20/2017 10:19:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sched.exe, version: 15.0.24.143, time stamp: 0x58385be1
Faulting module name: KERNELBASE.dll, version: 10.0.14393.1066, time stamp: 0x58d9f083
Exception code: 0xc06d007f
Fault offset: 0x000c2482
Faulting process id: 0x2944
Faulting application start time: 0x01d2b991775aca26
Faulting application path: C:\Program Files\Avira\Antivirus\sched.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: e791b5ad-9149-46f1-9435-bcf285203f77
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/20/2017 10:17:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:15:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:15:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:15:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MJ-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/20/2017 10:13:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: avipc.dll, version: 15.0.25.161, time stamp: 0x58b98873
Exception code: 0xc0000409
Fault offset: 0x0000bac0
Faulting process id: 0x3c8
Faulting application start time: 0x01d2b990932e1215
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: c:\program files\avira\antivirus\avipc.dll
Report Id: b3fa7a60-b893-46a5-8e1b-3e8bf1b018ec
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/20/2017 10:12:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguard.exe, version: 15.0.25.170, time stamp: 0x58c8088c
Faulting module name: avipc.dll, version: 15.0.25.161, time stamp: 0x58b98873
Exception code: 0xc0000409
Fault offset: 0x0000bac0
Faulting process id: 0x1310
Faulting application start time: 0x01d2b990877bc24c
Faulting application path: C:\Program Files\Avira\Antivirus\avguard.exe
Faulting module path: c:\program files\avira\antivirus\avipc.dll
Report Id: 3595f7cd-318d-4787-aaf0-858307aa0c0c
Faulting package full name: 
Faulting package-relative application ID:


System errors:
=============
Error: (04/20/2017 10:27:33 AM) (Source: DCOM) (EventID: 10010) (User: MJ-PC)
Description: The server Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca did not register with DCOM within the required timeout.

Error: (04/20/2017 10:27:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/20/2017 10:25:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/20/2017 10:23:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/20/2017 10:21:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/20/2017 10:19:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 3 time(s).

Error: (04/20/2017 10:19:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/20/2017 10:19:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/20/2017 10:18:07 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (04/20/2017 10:18:04 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {3185A766-B338-11E4-A71E-12E3F512A338} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2017-04-14 13:46:51.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-14 13:46:51.667
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-14 13:46:51.386
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-14 13:46:51.358
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-01 11:24:10.080
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-01 11:24:10.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-25 11:06:56.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-25 11:06:56.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 78%
Total physical RAM: 2997.85 MB
Available physical RAM: 634.35 MB
Total Virtual: 6161.85 MB
Available Virtual: 3001.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.17 GB) (Free:22.42 GB) NTFS
Drive e: () (Fixed) (Total:223.01 GB) (Free:177.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 000D4BD7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=829 MB) - (Type=27)
Partition 4: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Share this post


Link to post
Share on other sites

Post #: 12   Posted

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

fixlist.txt

Share this post


Link to post
Share on other sites

Post #: 13   Posted

Fix result of Farbar Recovery Scan Tool (x86) Version: 23-04-2017 01
Ran by MJ (24-04-2017 10:48:57) Run:2
Running from E:\MJ1\Systems & Mobile Softwares\System Softwares\AV Tools\AV Tools
Loaded Profiles: MJ (Available Profiles: MJ & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {54762659-7f04-11e6-9500-9cb70dbb8b7e} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\...\MountPoints2: {5a4a1736-15a4-11e6-9499-9cb70dbb8b7e} - "F:\AutoRun.exe" 
GroupPolicy: Restriction ? <======= ATTENTION
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
S3 dbx; system32\DRIVERS\dbx.sys [X] 
2016-02-01 12:27 - 2016-02-01 12:27 - 0000006 ____S () C:\ProgramData\4ad31ab5f189ff4c9184cbc5cb3ef7bbc77e1818 
2017-04-10 17:26 - 2016-11-11 13:29 - 1586736 _____ (Microsoft Corporation) C:\Users\MJ\AppData\Local\Temp\dllnt_dump.dll 
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x973B43899186D201B5644E899186D201010000000E00000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath 
Task: {FB986840-25CB-42B6-A614-6E3F065BB1E6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

*****************

HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54762659-7f04-11e6-9500-9cb70dbb8b7e} => key removed successfully.
HKCR\CLSID\{54762659-7f04-11e6-9500-9cb70dbb8b7e} => key not found. 
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a4a1736-15a4-11e6-9499-9cb70dbb8b7e} => key removed successfully.
HKCR\CLSID\{5a4a1736-15a4-11e6-9499-9cb70dbb8b7e} => key not found. 
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key removed successfully.
HKCR\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => value removed successfully.
HKCR\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key not found. 
HKLM\System\CurrentControlSet\Services\dbx => key removed successfully.
dbx => service removed successfully.
C:\ProgramData\4ad31ab5f189ff4c9184cbc5cb3ef7bbc77e1818 => moved successfully
C:\Users\MJ\AppData\Local\Temp\dllnt_dump.dll => moved successfully
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key removed successfully.
HKU\S-1-5-21-2807340434-1949843575-1337704626-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB986840-25CB-42B6-A614-6E3F065BB1E6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB986840-25CB-42B6-A614-6E3F065BB1E6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully.


The system needed a reboot.

==== End of Fixlog 10:49:03 ====

Share this post


Link to post
Share on other sites

Post #: 14   Posted

Don't know whether it's connected or not but of late I had been facing issues with AVIRA AV also. Its real time protection service isn't working and when I try to restart the same manually, I get this error (Pls refer to the image attached)

Secondly it would be nice if somehow I can avoid detection and classification of Tencent QQ International software as PUP.

 

Avira Error.jpg

Share this post


Link to post
Share on other sites

Post #: 15   Posted

I suggest you reinstall Avira.

As for Tencent every AV program should allow putting it into exceptions. Just Google how to do it.

Last scans...

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services



Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.




p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program

 

Share this post


Link to post
Share on other sites

Post #: 16   Posted

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.11003)   
 PatchCleaner     
 Java 8 Update 131  
 Java version 32-bit out of Date! 
 Adobe Flash Player     25.0.0.156  
 Mozilla Firefox (53.0) 
 Google Chrome (58.0.3029.81) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Avira Antivir avgnt.exe 
 Malwarebytes Anti-Malware mbamtray.exe  
 Windows Defender MSASCuiL.exe   
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log`````````````````````` 
 

Share this post


Link to post
Share on other sites

Post #: 17   Posted

Farbar Service Scanner Version: 27-01-2016
Ran by MJ (administrator) on 28-04-2017 at 10:59:16
Running from "E:\Software\Systems & Mobile Softwares\System Softwares\AV Tools\AV Tools"
Microsoft Windows 10 Pro  (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\WINDOWS\system32\nsisvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tdx.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\mpssvc.dll => File is digitally signed
C:\WINDOWS\system32\bfe.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\WINDOWS\system32\SDRSVC.dll => File is digitally signed
C:\WINDOWS\system32\vssvc.exe => File is digitally signed
C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\wuaueng.dll => File is digitally signed
C:\WINDOWS\system32\qmgr.dll => File is digitally signed
C:\WINDOWS\system32\es.dll => File is digitally signed
C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
C:\WINDOWS\system32\iphlpsvc.dll => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed


**** End of log ****

Share this post


Link to post
Share on other sites

Post #: 18   Posted

2015-10-19 11:40:16.592    Sophos Virus Removal Tool version 2.5.4
2015-10-19 11:40:16.592    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2015-10-19 11:40:16.592    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-10-19 11:40:16.592    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2015-10-19 11:40:16.592    Checking for updates...
2015-10-19 11:40:16.670    Update progress: proxy server not available
2015-10-19 11:40:36.095    Option all = no
2015-10-19 11:40:36.095    Option recurse = yes
2015-10-19 11:40:36.095    Option archive = no
2015-10-19 11:40:36.095    Option service = yes
2015-10-19 11:40:36.095    Option confirm = yes
2015-10-19 11:40:36.095    Option sxl = yes
2015-10-19 11:40:36.095    Option max-data-age = 35
2015-10-19 11:40:36.095    Option EnableSafeClean = yes
2015-10-19 11:40:39.252    Option vdl-logging = yes
2015-10-19 11:40:39.720    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-10-19 11:40:39.720    Machine ID:    66ae1ac8ee034ddca6bb1da2c5bd4e66
2015-10-19 11:40:39.767    Component SVRTcli.exe version 2.5.4
2015-10-19 11:40:39.767    Component control.dll version 2.5.4
2015-10-19 11:40:39.767    Component SVRTservice.exe version 2.5.4
2015-10-19 11:40:39.767    Component engine\osdp.dll version 1.44.1.2230
2015-10-19 11:40:39.767    Component engine\veex.dll version 3.63.0.2230
2015-10-19 11:40:39.767    Component engine\savi.dll version 9.0.0.2230
2015-10-19 11:40:39.767    Component rkdisk.dll version 1.5.30.0
2015-10-19 11:40:39.783    Version info:    Product version    2.5.4
2015-10-19 11:40:39.783    Version info:    Detection engine    3.63.0
2015-10-19 11:40:39.783    Version info:    Detection data    5.20
2015-10-19 11:40:39.783    Version info:    Build date    10/13/2015
2015-10-19 11:40:39.783    Version info:    Data files added    164
2015-10-19 11:40:39.783    Version info:    Last successful update    (not yet updated)
2015-10-19 11:44:05.807    Downloading updates...
2015-10-19 11:44:06.057    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2015-10-19 11:44:06.057    Update progress: [E59264] Cannot locate server for http://dci.sophosupd.com/update/c/c3/cc32112845c9c4674772491f0fd2eb0b.xml
2015-10-19 11:44:06.057    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2015-10-19 11:44:06.057    Update progress: [I49502] Found supplement SAVIW32 LATEST 
2015-10-19 11:44:06.057    Update progress: [I49502] Found supplement IDE521 LATEST 
2015-10-19 11:44:06.057    Update progress: [I49502] Found supplement IDE522 LATEST 
2015-10-19 11:44:06.057    Update progress: [I49502] Found supplement IDE523 LATEST 
2015-10-19 11:44:06.057    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-10-19 11:44:06.057    Update progress: [I19463] Syncing product SAVIW32 61
2015-10-19 11:44:16.903    Update progress: [I19463] Syncing product IDE521 142
2015-10-19 11:44:17.982    Update progress: [I19463] Syncing product IDE522 25
2015-10-19 11:44:18.607    Installing updates...
2015-10-19 11:44:20.660    Error level 1
2015-10-19 11:44:20.816    Update progress: [I19463] Syncing product IDE523 1
2015-10-19 11:44:33.897    Update successful
2015-10-19 11:45:03.472    Option all = no
2015-10-19 11:45:03.472    Option recurse = yes
2015-10-19 11:45:03.472    Option archive = no
2015-10-19 11:45:03.472    Option service = yes
2015-10-19 11:45:03.472    Option confirm = yes
2015-10-19 11:45:03.472    Option sxl = yes
2015-10-19 11:45:03.472    Option max-data-age = 35
2015-10-19 11:45:03.472    Option EnableSafeClean = yes
2015-10-19 11:45:04.393    Option vdl-logging = yes
2015-10-19 11:45:04.409    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-10-19 11:45:04.409    Machine ID:    66ae1ac8ee034ddca6bb1da2c5bd4e66
2015-10-19 11:45:04.409    Component SVRTcli.exe version 2.5.4
2015-10-19 11:45:04.409    Component control.dll version 2.5.4
2015-10-19 11:45:04.409    Component SVRTservice.exe version 2.5.4
2015-10-19 11:45:04.409    Component engine\osdp.dll version 1.44.1.2230
2015-10-19 11:45:04.409    Component engine\veex.dll version 3.63.0.2230
2015-10-19 11:45:04.409    Component engine\savi.dll version 9.0.0.2230
2015-10-19 11:45:04.409    Component rkdisk.dll version 1.5.30.0
2015-10-19 11:45:04.409    Version info:    Product version    2.5.4
2015-10-19 11:45:04.409    Version info:    Detection engine    3.63.0
2015-10-19 11:45:04.409    Version info:    Detection data    5.20
2015-10-19 11:45:04.409    Version info:    Build date    10/13/2015
2015-10-19 11:45:04.409    Version info:    Data files added    165
2015-10-19 11:45:04.409    Version info:    Last successful update    10/19/2015 5:14:33 PM

2015-10-19 11:47:59.035    >>> Virus 'Troj/Agent-WFN' found in file E:\MJ\MJ1\Systems & Mobile Softwares\Wondershare MobileGo (For Android-iOS) 8.0.0.5 Final Incl. Patch-MPT [ATOM]\Patch-MPT1\wondershare.mobilego-MPT.exe
2015-10-19 11:48:13.939    >>> Virus 'Troj/Agent-WFN' found in file E:\MJ\MJ1\Systems & Mobile Softwares\Wondershare MobileGo (For Android-iOS) 8.0.0.5 Final Incl. Patch-MPT [ATOM]\wondershare.mobilego-MPT.exe
2015-10-19 11:54:21.767    SafeClean bin directory is empty.
2015-10-19 11:54:21.767    Error level 0

2015-10-19 11:54:25.330    Scan cancelled by user.
2015-10-19 11:54:25.330    

------------------------------------------------------------

2015-10-20 05:34:29.714    Sophos Virus Removal Tool version 2.5.4
2015-10-20 05:34:29.714    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2015-10-20 05:34:29.714    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-10-20 05:34:29.714    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2015-10-20 05:34:29.715    Checking for updates...
2015-10-20 05:34:29.822    Update progress: proxy server not available
2015-10-20 05:34:56.745    Update error: failed to read remote metadata (error 4)
Cannot locate server for http://dci.sophosupd.com/update/c/c3/cc32112845c9c4674772491f0fd2eb0b.xml
2015-10-20 05:35:08.193    Option all = no
2015-10-20 05:35:08.211    Option recurse = yes
2015-10-20 05:35:08.211    Option archive = no
2015-10-20 05:35:08.211    Option service = yes
2015-10-20 05:35:08.211    Option confirm = yes
2015-10-20 05:35:08.211    Option sxl = yes
2015-10-20 05:35:08.282    Option max-data-age = 35
2015-10-20 05:35:08.282    Option EnableSafeClean = yes
2015-10-20 05:35:14.234    Option vdl-logging = yes
2015-10-20 05:35:18.360    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-10-20 05:35:18.360    Machine ID:    66ae1ac8ee034ddca6bb1da2c5bd4e66
2015-10-20 05:35:18.597    Component SVRTcli.exe version 2.5.4
2015-10-20 05:35:18.597    Component control.dll version 2.5.4
2015-10-20 05:35:18.645    Component SVRTservice.exe version 2.5.4
2015-10-20 05:35:18.666    Component engine\osdp.dll version 1.44.1.2230
2015-10-20 05:35:18.704    Component engine\veex.dll version 3.63.0.2230
2015-10-20 05:35:18.724    Component engine\savi.dll version 9.0.0.2230
2015-10-20 05:35:18.806    Component rkdisk.dll version 1.5.30.0
2015-10-20 05:35:18.826    Version info:    Product version    2.5.4
2015-10-20 05:35:18.847    Version info:    Detection engine    3.63.0
2015-10-20 05:35:18.847    Version info:    Detection data    5.20
2015-10-20 05:35:18.847    Version info:    Build date    10/13/2015
2015-10-20 05:35:18.847    Version info:    Data files added    165
2015-10-20 05:35:18.847    Version info:    Last successful update    10/19/2015 5:14:33 PM
2015-10-20 05:35:34.308    Error level 1

2015-10-20 05:35:34.353    Scan completed.
2015-10-20 05:35:34.353    

------------------------------------------------------------

2015-10-20 05:36:31.753    Sophos Virus Removal Tool version 2.5.4
2015-10-20 05:36:31.753    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2015-10-20 05:36:31.753    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-10-20 05:36:31.753    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2015-10-20 05:36:31.763    Checking for updates...
2015-10-20 05:36:31.787    Update progress: proxy server not available
2015-10-20 05:37:17.466    Option all = no
2015-10-20 05:37:17.466    Option recurse = yes
2015-10-20 05:37:17.466    Option archive = no
2015-10-20 05:37:17.467    Option service = yes
2015-10-20 05:37:17.467    Option confirm = yes
2015-10-20 05:37:17.467    Option sxl = yes
2015-10-20 05:37:17.470    Option max-data-age = 35
2015-10-20 05:37:17.470    Option EnableSafeClean = yes
2015-10-20 05:37:22.651    Option vdl-logging = yes
2015-10-20 05:37:25.107    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-10-20 05:37:25.107    Machine ID:    66ae1ac8ee034ddca6bb1da2c5bd4e66
2015-10-20 05:37:25.258    Component SVRTcli.exe version 2.5.4
2015-10-20 05:37:25.258    Component control.dll version 2.5.4
2015-10-20 05:37:25.284    Component SVRTservice.exe version 2.5.4
2015-10-20 05:37:25.360    Component engine\osdp.dll version 1.44.1.2230
2015-10-20 05:37:25.465    Component engine\veex.dll version 3.63.0.2230
2015-10-20 05:37:25.552    Component engine\savi.dll version 9.0.0.2230
2015-10-20 05:37:25.642    Component rkdisk.dll version 1.5.30.0
2015-10-20 05:37:25.676    Version info:    Product version    2.5.4
2015-10-20 05:37:25.676    Version info:    Detection engine    3.63.0
2015-10-20 05:37:25.676    Version info:    Detection data    5.20
2015-10-20 05:37:25.676    Version info:    Build date    10/13/2015
2015-10-20 05:37:25.676    Version info:    Data files added    165
2015-10-20 05:37:25.676    Version info:    Last successful update    10/19/2015 5:14:33 PM
2015-10-20 05:37:46.749    Downloading updates...
2015-10-20 05:37:46.847    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2015-10-20 05:37:46.847    Update progress: [I49502] Found supplement SAVIW32 LATEST 
2015-10-20 05:37:46.847    Update progress: [I49502] Found supplement IDE521 LATEST 
2015-10-20 05:37:46.847    Update progress: [I49502] Found supplement IDE522 LATEST 
2015-10-20 05:37:46.847    Update progress: [I49502] Found supplement IDE523 LATEST 
2015-10-20 05:37:46.847    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-10-20 05:37:46.847    Update progress: [I19463] Syncing product SAVIW32 61
2015-10-20 05:37:46.847    Update progress: [I19463] Syncing product IDE521 142
2015-10-20 05:37:52.450    Update progress: [I19463] Syncing product IDE522 30
2015-10-20 05:38:10.313    Installing updates...
2015-10-20 05:38:25.148    Error level 1
2015-10-20 05:38:41.646    Update progress: [I19463] Syncing product IDE523 1
2015-10-20 05:38:42.126    Update successful
2015-10-20 05:39:30.794    Option all = no
2015-10-20 05:39:30.795    Option recurse = yes
2015-10-20 05:39:30.795    Option archive = no
2015-10-20 05:39:30.795    Option service = yes
2015-10-20 05:39:30.795    Option confirm = yes
2015-10-20 05:39:30.795    Option sxl = yes
2015-10-20 05:39:30.799    Option max-data-age = 35
2015-10-20 05:39:30.799    Option EnableSafeClean = yes
2015-10-20 05:39:32.973    Option vdl-logging = yes
2015-10-20 05:39:34.394    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-10-20 05:39:34.395    Machine ID:    66ae1ac8ee034ddca6bb1da2c5bd4e66
2015-10-20 05:39:34.542    Component SVRTcli.exe version 2.5.4
2015-10-20 05:39:34.542    Component control.dll version 2.5.4
2015-10-20 05:39:34.542    Component SVRTservice.exe version 2.5.4
2015-10-20 05:39:34.543    Component engine\osdp.dll version 1.44.1.2230
2015-10-20 05:39:34.543    Component engine\veex.dll version 3.63.0.2230
2015-10-20 05:39:34.543    Component engine\savi.dll version 9.0.0.2230
2015-10-20 05:39:34.623    Component rkdisk.dll version 1.5.30.0
2015-10-20 05:39:34.623    Version info:    Product version    2.5.4
2015-10-20 05:39:34.624    Version info:    Detection engine    3.63.0
2015-10-20 05:39:34.624    Version info:    Detection data    5.20
2015-10-20 05:39:34.624    Version info:    Build date    10/13/2015
2015-10-20 05:39:34.624    Version info:    Data files added    170
2015-10-20 05:39:34.624    Version info:    Last successful update    10/20/2015 11:08:42 AM

2015-10-20 07:28:41.456    Could not open C:\hiberfil.sys
2015-10-20 07:28:47.682    Could not open C:\pagefile.sys
2015-10-20 07:57:52.578    Could not check C:\ProgramData\Microsoft\MapData\diskcache\BundleStore\lockfile (virus scan failed)
2015-10-20 07:59:08.893    Could not open C:\swapfile.sys
2015-10-20 08:00:31.560    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 08:00:31.607    Could not open C:\System Volume Information\{5fe8c6aa-731f-11e5-93f9-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 08:00:31.607    Could not open C:\System Volume Information\{a4428b5d-73ba-11e5-93f9-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 08:06:54.720    Could not open C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Current Session
2015-10-20 08:06:54.720    Could not open C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2015-10-20 08:06:55.126    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOCK (virus scan failed)
2015-10-20 08:06:55.595    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2015-10-20 08:07:18.209    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2015-10-20 08:07:25.165    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.whatsapp.com_0.indexeddb.leveldb\LOCK (virus scan failed)
2015-10-20 08:07:25.915    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2015-10-20 08:07:26.212    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnaibnehbbinoohhjafknihmlopdhhip\LOCK (virus scan failed)
2015-10-20 08:07:26.525    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocpljaamllnldhepankaeljmeeeghnid\LOCK (virus scan failed)
2015-10-20 08:07:26.571    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2015-10-20 08:07:28.744    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Managed Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2015-10-20 08:07:32.463    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)
2015-10-20 08:07:32.682    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2015-10-20 08:07:33.073    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cnaibnehbbinoohhjafknihmlopdhhip\LOCK (virus scan failed)
2015-10-20 08:07:33.135    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\gmbmikajjgmnabiglmofipeabaddhgne\LOCK (virus scan failed)
2015-10-20 08:07:33.213    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ndnaehgpjlnokgebbaldlmgkapkpjkkb\LOCK (virus scan failed)
2015-10-20 09:04:27.552    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2015-10-20 09:04:27.568    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2015-10-20 09:04:34.937    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2015-10-20 09:04:34.937    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2015-10-20 09:04:36.846    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2015-10-20 09:04:36.846    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2015-10-20 09:05:55.034    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01-04-2015\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:06:24.336    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01.06.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:06:45.388    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\09.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:07:25.628    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\10.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:07:57.849    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\10.02.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:09:31.218    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\10.04.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:09:58.085    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\12.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:11:09.532    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\Excel Backup\15.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 09:14:37.629    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\Excel Backup\15.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2015-10-20 10:01:27.182    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-10-20 10:01:27.208    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-10-20 10:01:56.269    Could not open C:\Windows\System32\config\BBI
2015-10-20 10:01:58.745    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-10-20 10:01:58.812    Could not open C:\Windows\System32\config\RegBack\SAM
2015-10-20 10:01:58.838    Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-10-20 10:01:58.860    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-10-20 10:01:58.881    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-10-20 11:23:22.107    Could not open E:\System Volume Information\{2ec535fd-6278-11e5-93de-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.131    Could not open E:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.131    Could not open E:\System Volume Information\{47c5d23d-61cf-11e5-93dd-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.131    Could not open E:\System Volume Information\{5fe8c6a9-731f-11e5-93f9-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.131    Could not open E:\System Volume Information\{857dc88c-69a1-11e5-93ee-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.132    Could not open E:\System Volume Information\{898fe2b0-72fb-11e5-93f7-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:22.132    Could not open E:\System Volume Information\{a4428b5c-73ba-11e5-93f9-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-10-20 11:23:25.899    SafeClean bin directory is empty.
2015-10-20 11:23:51.710    Error level 0

2015-10-20 12:01:47.159    Scan completed.
2015-10-20 12:01:47.159    

------------------------------------------------------------

2016-01-26 15:23:43.095    Sophos Virus Removal Tool version 2.5.4
2016-01-26 15:23:43.095    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2016-01-26 15:23:43.111    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2016-01-26 15:23:43.111    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2016-01-26 15:23:56.877    Removed SafeClean bin directory.


2016-01-26 15:23:56.877    Scan completed.
2016-01-26 15:23:56.877    

------------------------------------------------------------

2016-01-30 08:01:25.029    Sophos Virus Removal Tool version 2.5.5
2016-01-30 08:01:25.029    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2016-01-30 08:01:25.029    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2016-01-30 08:01:25.029    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2016-01-30 08:01:25.030    Checking for updates...
2016-01-30 08:01:26.175    Update progress: proxy server not available
2016-01-30 08:01:51.742    Update error: failed to read remote metadata (error 4)
Cannot locate server for http://dci.sophosupd.com/update/0/cd/0cd24a0509317a7cfc42a2dae160e136.xml
2016-01-30 08:08:34.477    Option all = no
2016-01-30 08:08:34.559    Option recurse = yes
2016-01-30 08:08:34.559    Option archive = no
2016-01-30 08:08:34.559    Option service = yes
2016-01-30 08:08:34.559    Option confirm = yes
2016-01-30 08:08:34.559    Option sxl = yes
2016-01-30 08:08:34.570    Option max-data-age = 35
2016-01-30 08:08:34.570    Option EnableSafeClean = yes
2016-01-30 08:09:06.341    Option vdl-logging = yes
2016-01-30 08:09:10.051    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2016-01-30 08:09:10.051    Machine ID:    225b5d34ef444a8e88d57c0ce1b0e47e
2016-01-30 08:09:15.885    Component SVRTcli.exe version 2.5.5
2016-01-30 08:09:15.886    Component control.dll version 2.5.5
2016-01-30 08:09:15.916    Component SVRTservice.exe version 2.5.5
2016-01-30 08:09:15.955    Component engine\osdp.dll version 1.44.1.2230
2016-01-30 08:09:16.024    Component engine\veex.dll version 3.63.0.2230
2016-01-30 08:09:16.069    Component engine\savi.dll version 9.0.0.2230
2016-01-30 08:09:16.887    Component rkdisk.dll version 1.5.30.0
2016-01-30 08:09:16.888    Version info:    Product version    2.5.5
2016-01-30 08:09:16.890    Version info:    Detection engine    3.63.0
2016-01-30 08:09:16.890    Version info:    Detection data    5.22
2016-01-30 08:09:16.890    Version info:    Build date    12/8/2015
2016-01-30 08:09:16.890    Version info:    Data files added    367
2016-01-30 08:09:16.890    Version info:    Last successful update    (not yet updated)

2016-02-01 06:12:07.132    Could not open C:\hiberfil.sys
2016-02-01 06:12:11.235    Could not open C:\pagefile.sys
2016-02-01 06:55:26.933    Could not open C:\swapfile.sys
2016-02-01 07:00:34.898    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-02-01 07:00:34.919    Could not open C:\System Volume Information\{c783e4c5-c4b8-11e5-9428-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-02-01 07:13:09.680    Could not open C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Current Session
2016-02-01 07:13:12.498    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOCK (virus scan failed)
2016-02-01 07:13:19.610    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2016-02-01 07:17:12.866    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\Paths\LOCK (virus scan failed)
2016-02-01 07:17:17.260    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK (virus scan failed)
2016-02-01 07:17:18.561    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2016-02-01 07:18:13.724    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2016-02-01 07:18:19.748    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\LOCK (virus scan failed)
2016-02-01 07:18:20.323    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocpljaamllnldhepankaeljmeeeghnid\LOCK (virus scan failed)
2016-02-01 07:18:45.460    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Managed Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2016-02-01 07:19:49.429    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)
2016-02-01 07:19:50.519    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2016-02-01 07:19:52.044    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cnaibnehbbinoohhjafknihmlopdhhip\LOCK (virus scan failed)
2016-02-01 07:19:52.202    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\gmbmikajjgmnabiglmofipeabaddhgne\LOCK (virus scan failed)
2016-02-01 07:19:52.303    Could not check C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ndnaehgpjlnokgebbaldlmgkapkpjkkb\LOCK (virus scan failed)
2016-02-01 08:37:30.291    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2016-02-01 08:37:30.389    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2016-02-01 08:37:46.721    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2016-02-01 08:37:46.721    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2016-02-01 08:37:51.870    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2016-02-01 08:37:51.870    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2016-02-01 08:40:46.109    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01-04-2015\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 08:42:32.244    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01.06.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 08:43:43.403    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\09.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 08:44:37.417    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\10.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 08:45:52.133    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\12.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 08:46:48.010    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\Excel Backup\15.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-01 09:15:14.556    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2016-02-01 09:15:14.585    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2016-02-01 09:15:27.338    Could not open C:\Windows\System32\config\BBI
2016-02-01 09:15:29.311    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2016-02-01 09:15:29.368    Could not open C:\Windows\System32\config\RegBack\SAM
2016-02-01 09:15:29.381    Could not open C:\Windows\System32\config\RegBack\SECURITY
2016-02-01 09:15:29.408    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2016-02-01 09:15:29.497    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2016-02-02 06:04:45.185    Could not check E:\16.11.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2016-02-02 06:49:40.932    Could not open E:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-02-02 06:49:40.986    Could not open E:\System Volume Information\{c783e4c4-c4b8-11e5-9428-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-02-02 06:49:40.986    Could not open E:\System Volume Information\{d2e6bac9-c1db-11e5-9426-ac162d53e3fc}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-02-02 06:49:48.931    SafeClean bin directory is empty.
2016-02-02 06:50:54.701    Error level 0

2016-02-02 07:06:34.116    Scan completed.
2016-02-02 07:06:34.116    

------------------------------------------------------------

2017-03-12 12:27:54.810    Sophos Virus Removal Tool version 2.5.5
2017-03-12 12:27:54.811    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2017-03-12 12:27:54.811    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-03-12 12:27:54.811    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2017-03-12 12:27:54.812    Checking for updates...
2017-03-12 12:27:54.993    Update progress: proxy server not available
2017-03-12 12:27:55.987    Update error: invalid login credentials (error 5)
Couldn't authenticate user for resource with host server. URL was: http://dci.sophosupd.com/update
2017-03-12 12:28:18.769    Option all = no
2017-03-12 12:28:18.769    Option recurse = yes
2017-03-12 12:28:18.769    Option archive = no
2017-03-12 12:28:18.769    Option service = yes
2017-03-12 12:28:18.769    Option confirm = yes
2017-03-12 12:28:18.769    Option sxl = yes
2017-03-12 12:28:18.770    Option max-data-age = 35
2017-03-12 12:28:18.771    Option EnableSafeClean = yes
2017-03-12 12:28:21.295    Option vdl-logging = yes
2017-03-12 12:28:21.366    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-03-12 12:28:21.366    Machine ID:    225b5d34ef444a8e88d57c0ce1b0e47e
2017-03-12 12:28:21.393    Component SVRTcli.exe version 2.5.5
2017-03-12 12:28:21.393    Component control.dll version 2.5.5
2017-03-12 12:28:21.394    Component SVRTservice.exe version 2.5.5
2017-03-12 12:28:21.394    Component engine\osdp.dll version 1.44.1.2230
2017-03-12 12:28:21.394    Component engine\veex.dll version 3.63.0.2230
2017-03-12 12:28:21.395    Component engine\savi.dll version 9.0.0.2230
2017-03-12 12:28:21.414    Component rkdisk.dll version 1.5.30.0
2017-03-12 12:28:21.414    Version info:    Product version    2.5.5
2017-03-12 12:28:21.415    Version info:    Detection engine    3.63.0
2017-03-12 12:28:21.415    Version info:    Detection data    5.22
2017-03-12 12:28:21.415    Version info:    Build date    08-12-2015
2017-03-12 12:28:21.415    Version info:    Data files added    367
2017-03-12 12:28:21.415    Version info:    Last successful update    (not yet updated)
2017-03-12 12:34:39.055    Error level 1

2017-03-12 12:34:39.080    Scan completed.
2017-03-12 12:34:39.080    

------------------------------------------------------------

2017-03-12 12:42:40.401    Sophos Virus Removal Tool version 2.5.5
2017-03-12 12:42:40.513    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2017-03-12 12:42:40.513    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-03-12 12:42:40.513    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2017-03-12 12:42:40.513    Log file path: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

2017-03-12 12:42:40.732    Downloading updates...
2017-03-12 12:42:40.732    Update progress: proxy server not available
2017-03-12 12:42:40.748    Checking for updates...
2017-03-12 12:42:42.117    Update error: invalid login credentials (error 5)
Couldn't authenticate user for resource with host server. URL was: http://dci.sophosupd.com/update
2017-03-12 12:43:00.757    Sophos Virus Removal Tool version 2.5.5
2017-03-12 12:43:00.757    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2017-03-12 12:43:00.757    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-03-12 12:43:00.757    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2017-03-12 12:43:00.758    Checking for updates...
2017-03-12 12:43:00.781    Update progress: proxy server not available
2017-03-12 12:43:01.438    Update error: invalid login credentials (error 5)
Couldn't authenticate user for resource with host server. URL was: http://dci.sophosupd.com/update
2017-03-12 12:43:45.176    Option all = no
2017-03-12 12:43:45.176    Option recurse = yes
2017-03-12 12:43:45.176    Option archive = no
2017-03-12 12:43:45.176    Option service = yes
2017-03-12 12:43:45.176    Option confirm = yes
2017-03-12 12:43:45.176    Option sxl = yes
2017-03-12 12:43:45.178    Option max-data-age = 35
2017-03-12 12:43:45.178    Option EnableSafeClean = yes
2017-03-12 12:43:46.310    Option vdl-logging = yes
2017-03-12 12:43:46.316    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-03-12 12:43:46.316    Machine ID:    225b5d34ef444a8e88d57c0ce1b0e47e
2017-03-12 12:43:46.318    Component SVRTcli.exe version 2.5.5
2017-03-12 12:43:46.318    Component control.dll version 2.5.5
2017-03-12 12:43:46.318    Component SVRTservice.exe version 2.5.5
2017-03-12 12:43:46.319    Component engine\osdp.dll version 1.44.1.2230
2017-03-12 12:43:46.319    Component engine\veex.dll version 3.63.0.2230
2017-03-12 12:43:46.319    Component engine\savi.dll version 9.0.0.2230
2017-03-12 12:43:46.321    Component rkdisk.dll version 1.5.30.0
2017-03-12 12:43:46.321    Version info:    Product version    2.5.5
2017-03-12 12:43:46.322    Version info:    Detection engine    3.63.0
2017-03-12 12:43:46.322    Version info:    Detection data    5.22
2017-03-12 12:43:46.322    Version info:    Build date    08-12-2015
2017-03-12 12:43:46.322    Version info:    Data files added    367
2017-03-12 12:43:46.322    Version info:    Last successful update    (not yet updated)
2017-03-12 12:44:04.699    Error level 1

2017-03-12 12:44:04.701    Scan completed.
2017-03-12 12:44:04.701    

------------------------------------------------------------

2017-04-28 05:34:34.913    Sophos Virus Removal Tool version 2.5.5
2017-04-28 05:34:34.925    Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2017-04-28 05:34:34.925    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-04-28 05:34:34.925    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2017-04-28 05:34:39.075    Removed SafeClean bin directory.


2017-04-28 05:34:39.076    Scan completed.
2017-04-28 05:34:39.076    

------------------------------------------------------------

2017-04-28 05:45:55.185    Sophos Virus Removal Tool version 2.5.6
2017-04-28 05:45:55.185    Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-04-28 05:45:55.185    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-04-28 05:45:55.185    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2017-04-28 05:45:55.185    Checking for updates...
2017-04-28 05:45:55.396    Update progress: proxy server not available
2017-04-28 05:46:22.212    Option all = no
2017-04-28 05:46:22.212    Option recurse = yes
2017-04-28 05:46:22.212    Option archive = no
2017-04-28 05:46:22.212    Option service = yes
2017-04-28 05:46:22.212    Option confirm = yes
2017-04-28 05:46:22.212    Option sxl = yes
2017-04-28 05:46:22.214    Option max-data-age = 35
2017-04-28 05:46:22.214    Option vdl-logging = yes
2017-04-28 05:46:22.260    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-04-28 05:46:22.260    Machine ID:    83cb6a389c9444babc8016d2b1831898
2017-04-28 05:46:22.355    Component SVRTcli.exe version 2.5.6
2017-04-28 05:46:22.355    Component control.dll version 2.5.6
2017-04-28 05:46:22.356    Component SVRTservice.exe version 2.5.6
2017-04-28 05:46:22.356    Component engine\osdp.dll version 1.44.1.2281
2017-04-28 05:46:22.356    Component engine\veex.dll version 3.68.1.2281
2017-04-28 05:46:22.356    Component engine\savi.dll version 9.0.7.2281
2017-04-28 05:46:22.449    Component rkdisk.dll version 1.5.31.1
2017-04-28 05:46:22.449    Version info:    Product version    2.5.6
2017-04-28 05:46:22.449    Version info:    Detection engine    3.68.1
2017-04-28 05:46:22.449    Version info:    Detection data    5.38
2017-04-28 05:46:22.449    Version info:    Build date    04-04-2017
2017-04-28 05:46:22.449    Version info:    Data files added    261
2017-04-28 05:46:22.449    Version info:    Last successful update    (not yet updated)
2017-04-28 05:46:44.670    Downloading updates...
2017-04-28 05:46:44.673    Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-04-28 05:46:44.673    Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-28 05:46:44.673    Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-28 05:46:44.673    Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-04-28 05:46:44.673    Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-04-28 05:46:44.673    Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-04-28 05:46:44.673    Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-04-28 05:46:44.673    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-04-28 05:46:44.673    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-04-28 05:46:44.673    Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-04-28 05:46:44.673    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-04-28 05:46:44.674    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-04-28 05:46:44.674    Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-04-28 05:46:44.674    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-04-28 05:46:44.674    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-04-28 05:46:44.674    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-28 05:46:44.946    Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-04-28 05:46:44.946    Update progress: [I19463] Product download size 162626989 bytes
2017-04-28 05:47:15.584    Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-04-28 05:47:15.584    Update progress: [I19463] Product download size 2453408 bytes
2017-04-28 05:47:17.875    Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-04-28 05:47:17.875    Update progress: [I19463] Product download size 1532517 bytes
2017-04-28 05:47:19.595    Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-04-28 05:47:19.718    Installing updates...
2017-04-28 05:47:21.122    Error level 1
2017-04-28 05:47:47.245    Update successful
2017-04-28 05:48:03.703    Option all = no
2017-04-28 05:48:03.715    Option recurse = yes
2017-04-28 05:48:03.715    Option archive = no
2017-04-28 05:48:03.715    Option service = yes
2017-04-28 05:48:03.715    Option confirm = yes
2017-04-28 05:48:03.715    Option sxl = yes
2017-04-28 05:48:03.715    Option max-data-age = 35
2017-04-28 05:48:03.715    Option vdl-logging = yes
2017-04-28 05:48:03.751    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-04-28 05:48:03.751    Machine ID:    83cb6a389c9444babc8016d2b1831898
2017-04-28 05:48:03.752    Component SVRTcli.exe version 2.5.6
2017-04-28 05:48:03.752    Component control.dll version 2.5.6
2017-04-28 05:48:03.752    Component SVRTservice.exe version 2.5.6
2017-04-28 05:48:03.752    Component engine\osdp.dll version 1.44.1.2281
2017-04-28 05:48:03.752    Component engine\veex.dll version 3.68.1.2281
2017-04-28 05:48:03.753    Component engine\savi.dll version 9.0.7.2281
2017-04-28 05:48:03.753    Component rkdisk.dll version 1.5.31.1
2017-04-28 05:48:03.753    Version info:    Product version    2.5.6
2017-04-28 05:48:03.753    Version info:    Detection engine    3.68.1
2017-04-28 05:48:03.753    Version info:    Detection data    5.38
2017-04-28 05:48:03.754    Version info:    Build date    04-04-2017
2017-04-28 05:48:03.754    Version info:    Data files added    261
2017-04-28 05:48:03.754    Version info:    Last successful update    28-04-2017 11:17:47

2017-04-28 09:10:44.489    Could not open C:\swapfile.sys
2017-04-28 09:12:20.998    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 09:12:20.999    Could not open C:\System Volume Information\{72f589ba-2bcf-11e7-95d0-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 09:12:20.999    Could not open C:\System Volume Information\{72f58a10-2bcf-11e7-95d0-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 09:12:21.000    Could not open C:\System Volume Information\{c608ca9b-28ad-11e7-95ce-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 09:15:02.251    Could not open C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Current Session
2017-04-28 09:15:02.252    Could not open C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2017-04-28 09:54:56.611    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2017-04-28 09:54:56.650    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\AV SYSTEMS COMPANY PROFILE.pps (corrupt)
2017-04-28 09:55:03.928    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2017-04-28 09:55:03.928    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\EPIL_25_06_15.ppt (corrupt)
2017-04-28 09:55:07.767    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2017-04-28 09:55:07.767    Could not check C:\Users\MJ\OneDrive\AV SYSTEMS\Daily Working Files\Company Profile\Profile\EPIL_25_06_15.ppt (corrupt)
2017-04-28 10:00:52.313    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01-04-2015\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:01:57.743    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\01.06.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:03:04.227    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\09.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:04:07.081    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\10.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:05:10.105    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\1\Excel Backup\12.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:06:04.741    Could not check C:\Users\MJ\OneDrive\MJ Personal\mj\11\Excel Backup\15.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 10:26:48.227    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-04-28 10:26:57.649    Could not open C:\Windows\System32\config\BBI
2017-04-28 10:26:58.526    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-04-28 10:26:58.569    Could not open C:\Windows\System32\config\RegBack\SAM
2017-04-28 10:26:58.592    Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-04-28 10:26:58.599    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-04-28 10:26:58.606    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-04-28 11:07:40.635    Could not open LOGICAL:0003:00000000
2017-04-28 11:07:40.658    Could not open D:\
2017-04-28 11:14:16.190    Password protected file E:\AV Systems\Tenders\Feb 2017\Uttar Pradesh\Power Grid Corporation of India\9407\BIIDING DOCUMENT CCTV - pdf\Vol-IB\First Envelope-Proposal & Other Schedules-Vol-IB.xlsx
2017-04-28 11:14:28.743    Password protected file E:\AV Systems\Tenders\Jan 2017\Sharanpur\Powergrid corporation of India 9407\BIIDING DOCUMENT CCTV - pdf\Vol-IB\First Envelope-Proposal & Other Schedules-Vol-IB.xlsx
2017-04-28 11:18:51.014    Could not check E:\MJ\MJ Personal\mj\11\1\Excel Backup\01-04-2015\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:19:35.201    Could not check E:\MJ\MJ Personal\mj\11\1\Excel Backup\01.06.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:20:19.473    Could not check E:\MJ\MJ Personal\mj\11\1\Excel Backup\09.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:20:58.111    Could not check E:\MJ\MJ Personal\mj\11\1\Excel Backup\10.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:21:42.148    Could not check E:\MJ\MJ Personal\mj\11\1\Excel Backup\12.05.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:22:18.356    Could not check E:\MJ\MJ Personal\mj\11\Excel Backup\15.01.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:23:16.793    Could not check E:\My11\16.11.15\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:24:08.577    Could not check E:\My11\28.01.16\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:24:57.491    Could not check E:\My11\30.04.16\30.04.16\A V SYSTEMS LEAGER\THAKRAL SERVICES.xlsx (corrupt)
2017-04-28 11:32:16.052    >>> Virus 'Mal/EncPk-ANL' found in file E:\Software\Systems & Mobile Softwares\System Softwares\AV Tools\AV Tools\Mbam\cpycf\Malwarebytes.Premium.3.0.6.1469.DC.29.03.2017\macd.exe
2017-04-28 11:32:16.052    >>> Virus 'Mal/EncPk-ANL' found in file HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-04-28 11:32:34.459    >>> Virus 'Mal/EncPk-ANL' found in file E:\Software\Systems & Mobile Softwares\System Softwares\AV Tools\AV Tools\Mbam\cpycf\Malwarebytes.Premium.3.0.6.1469.DC.29.03.2017\MalwareBytes_Anti-Malware_Keygen_v1.5_URET.exe
2017-04-28 11:32:34.460    >>> Virus 'Mal/EncPk-ANL' found in file HKU\S-1-5-21-2807340434-1949843575-1337704626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2017-04-28 11:35:45.853    Could not open E:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.853    Could not open E:\System Volume Information\{72f589b9-2bcf-11e7-95d0-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.854    Could not open E:\System Volume Information\{72f58a0f-2bcf-11e7-95d0-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.855    Could not open E:\System Volume Information\{72f590ce-2bcf-11e7-95d0-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.855    Could not open E:\System Volume Information\{8654f490-1f45-11e7-95c8-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.856    Could not open E:\System Volume Information\{8655046b-1f45-11e7-95c8-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:45.856    Could not open E:\System Volume Information\{c608ca9a-28ad-11e7-95ce-9cb70dbb8b7e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-28 11:35:59.281    The following items will be cleaned up:
2017-04-28 11:35:59.281    Mal/EncPk-ANL

Share this post


Link to post
Share on other sites

Post #: 19   Posted

Your computer is clean p3879546.jpg

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download 51a5ce45263de-delfix.pngDelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings


Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

Share this post


Link to post
Share on other sites

Post #: 20   Posted

Noted Boss.Thanks. Would update you in case of any further problem.

 

Thanks again

Share this post


Link to post
Share on other sites

Post #: 21   Posted

Way to go!! p4193510.gif
Good luck and stay safe :)

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.