Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

can't remove AdChoices


  • This topic is locked This topic is locked
4 replies to this topic

#1 mjt27

mjt27

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:49 AM

Posted 30 December 2014 - 05:28 PM

Hi and thank you in advance for your assistance

 

I am unable to locate or remove AdChoices from my PC...I have it

on Chrome 40.0  Firefox 35.0 and IE 11

 

I am unable to post the DDS logs because my OS is windows 8.1

 

I have run scans with malwarebytes  SAS  JRT  and AdwCleaner

but none of them find/remove anything listed as AdChoices

 

 

 

Just found this by doing a search of the forum

 

http://www.bleepingcomputer.com/forums/t/561088/running-dds-complains-error-on-my-windows-81-machine/?hl=%2Bdds+%2Bcompatibility+%2Bmode

 

If you cannot get DDS to work, please try this instead.

Please download RSIT by random/random from the link provided for your operating system and save it to your desktop.

 

 

Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.

 

 

 

 

 

 

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by skeetz at 2014-12-31 07:38:19
Microsoft Windows 8.1 
System drive C: has 1838 GB (96%) free of 1907 GB
Total RAM: 16345 MB (81% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:38:20 AM, on 12/31/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_240.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_240.exe
C:\Program Files\trend micro\skeetz.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\skeet_000\AppData\Local\Apps\2.0\AAGY6MRL.B42\BKQGK0K6.6OP\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
 
--
End of file - 9668 bytes
 
======Listing Processes======
 
 
 
 
 
 
wininit.exe
winlogon.exe
 
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
taskhostex.exe 
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
 
"C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 7fde6212-6f27-44ee-9cc2-eb9a0446db5c 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b6420c8-1831-4077-a926-4afb61bcc113 -SystemEventPortName:HostProcess-9f1099a2-740a-4785-b2fb-95e97c0e19b6 -IoCancelEventPortName:HostProcess-b778ef9e-8fa6-4bc9-8b63-8200cbbfebf3 -NonStateChangingEventPortName:HostProcess-f18f15a9-0abf-488a-8dc6-6d2f46964f44 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:39f40652-e3b1-4eaf-997e-60c6f880d52d -DeviceGroupId:WpdFsGroup
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\skydrive.exe -Embedding
 
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
dashost.exe {84a1f020-c845-4685-bffcfdd26d31c38b}
 
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Program Files\Internet Explorer\iexplore.exe" 
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:19048 CREDAT:3872011 /prefetch:2
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:19048 CREDAT:3937791 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="34284.0.1886123522\66684894" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x1049 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4411 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Control/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Beta_HQPDisabled_HUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/beta=3:LocalPredictor=Disabled/QUIC/Enabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="34284.1.1158455669\1550806525" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Control/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Beta_HQPDisabled_HUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/beta=3:LocalPredictor=Disabled/QUIC/Enabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="34284.2.1404689292\1571891117" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Control/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Beta_HQPDisabled_HUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/beta=3:LocalPredictor=Disabled/QUIC/Enabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="34284.3.1192944122\1096265072" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="34284.7.751299253\707642405" --ppapi-flash-args=enable_hw_video_decode=1 --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=27052.e2b3a00.1593438034 "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_240.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 27052 "\\.\pipe\gecko-crash-server-pipe.27052" plugin
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_16_0_0_240.exe" --proxy-stub-channel=Flash37776.651360B8.22162 --host-broker-channel=Flash37776.651360B8.17974 --host-pid=37776 --host-npapi-version=27 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_16_0_0_240.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_16_0_0_240.exe" --channel=35616.0018F360.1412011700 --proxy-stub-channel=Flash37776.651360B8.22162 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_16_0_0_240.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Control/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Beta_HQPDisabled_HUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/beta=3:LocalPredictor=Disabled/QUIC/Enabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="34284.8.943091161\199855083" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Control/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Beta_HQPDisabled_HUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/beta=3:LocalPredictor=Disabled/QUIC/Enabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_79/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="34284.9.1319959285\329051146" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe99_ Global\UsGthrCtrlFltPipeMssGthrPipe99 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\skeet_000\Desktop\RSITx64.exe" 
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 95f1b334-436c-4a43-a9c2-1d70303541ef.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe  "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:95f1b334-436c-4a43-a9c2-1d70303541ef 
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b871150b-1b51-4aed-a313-f5406bf76f24.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe  "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:b871150b-1b51-4aed-a313-f5406bf76f24 
 
=========Mozilla firefox=========
 
ProfilePath - C:\Users\skeet_000\AppData\Roaming\Mozilla\Firefox\Profiles\lbemok3i.default
 
prefs.js - "browser.search.suggest.enabled" -  false
prefs.js - "browser.startup.homepage" -  "https://www.pogo.com/action/pogo/lightreg2-signin.do"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.240 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_240.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.240 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_240.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
 
 
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
 
C:\Users\skeet_000\AppData\Roaming\Mozilla\Firefox\Profiles\lbemok3i.default\searchplugins\
yahoo.xml
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-28 553896]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-28 211880]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-13 460712]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-13 172968]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-03 2462536]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-03 2800296]
"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSystemDetect"=C:\Users\skeet_000\AppData\Local\Apps\2.0\AAGY6MRL.B42\BKQGK0K6.6OP\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [2014-12-12 276776]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-02 1021128]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"DisableTaskMgr"=0
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DriveConfiguration"=0xCCC9BA9E7A3B2A3A230F81FBCE7E26794A6B7C601F8E6EB9C4D14B6B13FAD501F98B94AD72E6718DB5B57F2EAB891C4FA6C139E750AEF668E1F472469634E1B35EE8DFADD68E033B7708B8F4C60E4348C06D173AE3616EDE37E4A926B8933FB74662A740A78E790BCCD3D0D155DFF2D3560733265C3A164FAB33B60FCAF26480426C9261A282EFAFC630D4755907DFE499DDDDA65AC3EE704EC037E3D7839BEB642DE66FEAA69A3A17B3F5DD4A096C52A41055DF62E6E43D6AA758FA23EC761C8A91370783BCBEA16C1A8CB3F86CF7923B43D8000107854D643EFFC19E0B6C3E1BF5C722D2EAE2D66BD6845C1E288A90E9D0BACF072CC68E64879C9202EDEA639B3EE2FE88823ACAE17C78CDE6826C209D8BFEA0BD8A29E7CBFB487A83BB9144791CDF440039B4824B877E47D2AD198DF79696F5B5EAC43B78CAE7CA200DAE06F821DD7401539F5FE6F11E1E32AB5299C13F160A7456810129A873ABEB676E5365DBA8299D495E43DF1A6AE1F63918F5A2BD36E347C86A85E3AFC872425BA4809D75EFA58780AA1B68530F934EFC44A8341AB91CA8950927CE8C250EA78FAFF8930FA4FD15123E81D72B19C0EEAA94A95E107AF0E1C6E25FE40E536CD3392C11961A43D85BBCCD3597507E1947BF69F0C47C6C49DB164118BAD04F810B7DA89A989080145DE2E41EE2B0A886C8E3A222A195156E04D07076E19939F7132D44C1348A285FB531F3FA2E2B1D7BF24ABBF0E7B1F5319596BAC37C47B7B2FCAB6B75688E8BFA6C08D15229C10F96A3C2021E233FD8F3D9B3F187C632E3A4D9FBC0A3594D9BDE827D4867734464FB485D9531835013F7B088683F48AC73F6D72CB3365A1AC2BCEB3C20A29CA05F3233B0EE8B5ED7C369E9FC3C834B119202903C66CD96349D097CED6EE05877B98228239B6A0BE93FE3B206F7CA11E98B955A50D0942BAF7D7706D13B1103C1FB5BC1EB8CBCA27F6D88973816E0C6FA983F363C5D93925E92631543DFCA3A0446CCC6E64FEA088A62F46064741FFE6EE557EC1EA9D74F95A7F6EA195E44E3C5CED5CA7F96DDD72B5A7D731E67DDFAD69A7BC0E87DC352A739B4DFFE7198D095AD21BE6F74098CB0ED2EB0CA4F384243987D52B882217F23B382C55934D397D624062EBDAEF0201B38A8346CDD3075601E5785DFD4DD344A69D951044858C0319247CDBDC31393C0A0748EB261B2959FD9CEEFBB3AC7F90A4FC5802B06976F742B5FAA44768C3995C809A9D1B2B4AFE737120F9DD341BC28BB2E41FA67075FDB4EF4F83BF0022BC71A5FC13A66CDC87601AA517DD3B12B70B7160BE2662F82721C21B7F859345BB27D1FDF9E9485E42673BFF30204DC6E5BDEE6C62C1967EFEE602C117447498114DF5DEF078818E01207FA5F66D95DF0C5C6B5C6E7B817CD361CCEF86A32AD375A99165EF8C5BE25ABD45A38FF71F93B9BF8960A73DBEE453F448F0C2BFC3207D08B4AAA63A1DDB72CB493043AEB0C7E563B776E35CF61FBF1AECAF0BA987EC0C930A2C7DA96608ED34BFADAE3789BBC2F08D59168748DB94036A1A82D81CE3A6A2FD2473FFBCD7883F0ED595F214AAF549B0F0B8098DB9F1DF567514AE7680E0EE9B7619AF9AF44CE03D635FF9EC08DF895F6310E3E0982BB981746ECCF532CA1B3DF27175EF7CD99BD6CFD994B55C5FF200183C12B304AB4BC8287A1452FE49C61F96C91155FF0205614AAABCCAF21ADD6A44C4DCE73FA328E1F719A3395E256A6201FCDF84698E080A3E1259309149B3E21C7D6D9AF3B5CDF18D64EFC21D44B68F93991747A0A6562ACBCB57A8BEDFD5A0A52678E57F13661619064F2976D8A8AF32F012C381D476E78958EA488D8A00DAB972D48944DFB51607133FDA21E15DDB317E9654908394D4B0F3D38E47A9794D6D240C11219C3758551A95F343D340A8B6C5005F272C641A279B3BAB7F9385986C37419304495AF697708D8D2D17D32DABBFA4A2850FF2CE91ABED67128DBED266171AF9A175529F7DF9EAAA0A1657715EBC9C0178B36D30D5CE790A760AA1DC10FE4DA8AEFD498E5651C050FCB7D6B83C2E2959B1BCAA0237710FCC8A286ED30F33924DE32DF4A63FCB089D369784D77EBE94CC17A35C385EEDC0365ACC32D8D84873AA1DA103EF40469EDFBF4CF5E0117080F1C7CF5295F396B06510B3FF1959E3CA02D0DCAAA38B2C5375065F9F93772CDC634926B325A1B21630C730721C1CAE32D050949D4C00507C3BBF9BF1D6033D6CBC10D8D13DD1F6E6D1EB3EA92257940D5CA7CA0B65F5591B535959F906462ABFAC0C1742CC139D5E83043F9FAB9A6131C41855018799C0A2CB4C73FB2F5C441004D39AF8E64F9A35655832D81BFCB013F183E6CF745008DA06878C16EFA0E5FB21933A6FB23A295F38283E637C5CB1DA97103FBB885411244B57A500D0C98C96CD6CDB641BD26BE2C326375000F0623747AAAC61C0C965A983292570BD4F97CCF3510CB681B96D4B62F9D376EA69765CA21B4A69580D26C60F1E15796A40E45AFF2978B79035C9B6DF941D8356AD4A86B142FCAA4CC20E9ADB8887214BE01A3EA3CC4E5C8FAC95C105C2FBC75DDDF5EBEB86D93C6E83E38C853F08BD943F63CB6951583C7C035AA02454AC3F201AD10E3E520A0B816BD747F392CE148EE1935389AE59DD96A9C47B49528C322E1C4AF5F68B293E09C310AE789AA23545A2A06BE1F14DBC2CD18E79B865FF8F31B950804F9D0D80DB45F2D47973F347D55255CB1F6CB0B032BF18FD3DFA2572A0EB96356DAA3F9D5DC679A75B8E334B8F458997D0A2930DDBBDFEA54A77178211BC2BCEF2A6C7DB4FFBC5EDA71FD95119CD8FAC8B41FBEEC331B9E12B01B7A2BA4C13FFA1510B0CB72C56763BEEB1633F1AA13D09C6014A8CBF236ED2F6445D67DA8370711B4F94DD7D76F8F6B4DB5027F11AC9B7DF2B2CA6EE9B095651BAA5AE27279B2CA2B3FCE6AAADDDCCC28C063E60EB6CB10A10020BBE4A81361BA1442B84CDCB92BAAD9B88AB57EB6013C6CA74765407B174FB0E7E4F5D667C956CB84BED2785212D8A93E9515BE630615F078098D4D58C198CE2A8EAC691CB58435F7A85ECEF68867FBD8E8748E34D4F28C0D11208EA6A77B67979D7A0721047C9FBF36FF06FD60125C8D3E0DED98267F58524868F0D13495A9621F9CB8988E5C98DE4BB7094436E4FB43F1C949A33706A49B7035CD3B82700807E914CDE40AC5C039C4B3E34E491B0BF72C109077BA7B499F8E61B8366064819D1E8D21B33E48DCF752B099F7ECDD0D28C2659B4B32C98D56AAD5528FAA1417FD6EE58D1CCDD1ECD4611C38ACE89AC33BEAC4F3E09C0B45B3056C92BC5F459162C0679E26FA6CBA91BF4BD26A0929442DB8739FB97D29AA9549F87DA9A51D9CDB99DCCC47A701B7B8F959060799163298E47497273C9DCBC5FECA2D1DB4ACC1FC8B0A3B1107AB59F0F576765DA2D85CC84A665B14D3C4979CBBC5A6784FD35BFC1F92DC8295AEC0FB6A6E5FC35EEB1750DB46D6E4EDE5B9383A692F1041E05B12E43CBBD8240408442D4A5D1492DD9AB6D9BF0B5D3ADA4554A4EE519201CE0D8FBBCCCE577F724ADD4173B69180E02B35CB959F4EEC841A3094E43473553F81AF7A89B61380195E506DAECFB263B05D9075B8CDE7B9510C429F0021DD818361097B57E2D27C7C32E09D7C489BB2AABA921FA8311EED2C1A421E039FD63D5695D6E5382C3853723054C315B4C4B7A5F761F9DBA3B33AB09AABFAB8F295A7B13E48095C10A0DD8BBB2EC17C5E2D50651EB88D50B23B852925283016D7EB9906C51F3E8D0B02BAEFA726A17A80956AAC1AA7291627DCB1458154F7ADDFB988F26473C34C73264630C57CA62DB9246313EB1B1B5B072AFDC3E0AF8139BCA156FAF2CF9CFBB868548836C0152BDE5100CF0000F52599A207476CBF952E9B55963CFBD961131301DA140A69FDDA649410292782E1213C854FB819500B679D51A0223B41B18E5BF9826FFD87BA5FA08168C662994306687236F680B21C920558C7F0035048769C456A954BABB7800BA64D61BFC96CB00C710861AAC6BB78189C14148F9B31AD349E909A915A22D64640A103FCA424AF9B1EF1D7BD3192A9622A2B8EE54B0A682E2980182A53EF4478342557663BE8C9951B38D2A0150A5F37D777453EDB5B0402CE05BDEEFCDE4752094B8064E3D5E184F48756C59C984CA8DE4A0B2A5A1246027BF9F024F1425289624D5B325CBB376B8FD3224D39257F86E16D245C9548BAF9F09DCFC1C0F0C93770E9025DCABA36110352E4E140D3F7205847A639DC8E9944559B4DD7CCE0B91F9007322F33E38C97D6A68239A6545758A778BEF2B015F750B7DF3CDB4FAB5B316F9525A47875C105F26BF474D288A38D4FFADB7DF6E2C41E44A1D063745238F79697A921E1993AEB4A4AA28355EDA8E12CD9DAAAEE7A82554998D68C4BDC6FD57590FD7112A63884C6FC19776ADE954B9B17CCDC0F817E39E38726597D07F5383CF7E0875CB2A4A21A8F08C218B86274023A5C4A7258F8D01125D2C1FF52A57B764411B1AA699C60F3CDF6042DE8810B5FBA108A9C1AEF2F274C249576DAD1F520C983ABE122E1955A57A74F4680A143F8FAC2710555706C3E6D23A5E1D62EEC0F7EDC34818DBF9777904599F2D78CB1231B780623640276E42AD3DC68BB119331DC7936F8B3AEAA95A2E5D05F6FFB51D2750A04574D9377150CA88352745021F06C2D7F38AE5C54D7C09D702625B497AFD40E8FECE9A878519B2D5C8D6E5E070EA9B719C30B505925BA014C787CC9064E2971414E95606CAC337A028517BCAD6AF2D1C46D5E7756669D78598DDCDC0448B95D7941041BA7BCC2916F2778C805F3A6CA9AA3915A382345E2ED5ADBAD2B02F8566FB89681214F07C8BB6A36F82E4A31957E81E4E41CBC3727E004DCFC5707DF11FE9BCD8DF9A10E08083075DBB6EF169BD3C358E025AB4A4B5BE73BC74260840E3C44A96FEDF1A1CF371471EF691200ECB3A7260CDDCC06B739DF9EC495D7FE9CF6F7B373C7C4D7AF643FB085F8795DAF2D057476F0ADE9117564322D7C7CA8CDD21931541AE61CE0CD064CDA804D99CB66B1737215FBC8138DC22811769A28BFA9890474F2BA88DD14957630980E4F8EFE9D9FEC40023132B5053D0B723A9A441C832F74FAD6AAE24E4175A3E62BE603EEDCB726083FB5EF9EE7BC217751E2C58969F3CB0F4F1EF4DB5AEDEEEC5D7AC1432AE06BF35595F1C7783B27B44942DC72B061BD4FDAE47C842A69C55AD32F7491A690050128CB4B82E807650A1095EE153976754A841D2D5BE675E52DC3263A39BF140B31D0292DE79855606BF3D38274CCAD95030234829941B58735AFE3CC358135C1DB4313F8FEC0302CFF211A83FF590F104FC0139C28FD3FA69D2A5CA8CD33B19C5D7F18BF26D357952A73AE2DCD8AADA641CB48F243592DDA05E45542DC6B15DAAF792D08060CE9B696C9A8D75954CF4C77C26DFC0C501B272B5526F72375F1590118940A561AC9F53AC409BC90FCF2958CB8EC5773B80CD4A275386AD2558DD59A20FD4735B73DBB869504DE86592DB92FEC0D9180AEE4F4DD464D62D5D771B1F7837BB0E72E4B0BB0846F6F5C3D4FEEC29FA7A4A0453B9BEA20C5EC61BB332766C30FF511C63FFC7E3BEE0367C3CA57F8AE706DDEC19524C8A236C61D350501B6CB62C614ED87F9D8CAB36AE3CF7306BD77204E3363A90945AD92363F7A3D4525CE698754A4F8E2673FF5C958BBD56BE7E7FD2B40578551D8B43CFF9857EC663D16DF9539FF5EA162708208F5A85372629FF14EEEDAE0DE644A5F3A0771F599CCC64CCCC65B420BE2BD3EF4D41BC0D151AB3D1A7F4A293AAA62559638117BCCDF88173815B179BDC81419C250FB2A7A95A2D47269C6D858248BEA3F5879C2120D074A202C0E482B3F7E3EBB794F8EB8F6BBE23843ABCB96216FA8C486B1CAE2E5ACD60FAF996A7F1A6A03CD21BB1E93CC069D39B1166D0ABBBE668D2A95CA7212DB36F28BCA9E5D9DD5F62AF7C37BF1E384E9CD1ABAEF04DD79E0EA414BAB02CB780D673C84056AAEF8897DE065774FCFA7CE3986671ED936E33DFC89F23CC2344299FCCBE5B6D9DA0C958AC2311297827FBC1CAA23BF8B343E823D660D2665F976C3437BE0F59AF2489863C291CFC3D11C4B3BE899CA1E5C1DDD49EF74EF0EF1B88371AA22BD97FD21247B45A9A6E383CEDC92BB919095C09BFA7DC75E67551FF023098C533A4496418C383A13219EDFE1BCF88BEBB31A5737FDE8217C8D61803FDEDDFD3CD0928007B25D08F3A0BF9F330F268D3FA66FCD794FA8BD118F1A19261287952A2E8BB03B97BA1A4DAECE120CC1EEEF0180139708A9184505E51489D3ECE78F7DF013A5B139CDF8710C549E0CD282DA4D76A19BF20F7F455FBFC5B494DB847E5D4C1179C835137EDCD5DA6C9588AFF36FDAE9F98271F3AD32356849A5453912DC31082D356AD2B334F7D1078269A1683610A1C2546F9CCA93EEA94964CF4FB82F63ED0EE07E59D6A228C884EA95EE09B85765A519D353FDF195F2486DF718659F015AC35D82EC12A351D881F9ACF6DEFF7C18FF4ADA85606ED3A90D5C680AC3EFD97E52C1249B4543C870C50DCE72BB720AB935589F6D0B46C17BC2BFBF8CB0CF403761E3CC95753ADD8F565C685AF3CB89EBA4D0776E739CAD43D02D3D02857667BDEDBA6A8561399A2FF40EB35760586DA63F9851517F5ACAE210187F3BDF5BE0D80823FF544789A22FB0A396CEA1A846C395F4548B4F798EC625A3492D7181A86219F0654A4310731C17F4E2B8C69E033BCB2ACED0704980C895F188EEAD53A414090E48F259A23F31702794C2473EB3744549CCC6BDD778F9B8629F6AF6953D991F2FC893A09EE63508C0B1815B5A6CFF1AB9B817153D0BBE81195F544A5427CDAA138710FB1BC49CCA92FA712C050D2E55AFE17766F9CE99873D4E7136CFF989DE3EB485ACD725BE9E6B95692CDD520A894CB02BB361F7065333AE99BCD5709B15E337B5BB5ADAEFE1ADD5687915494B582843FE95AD419D32AFF3A6FED03EF6B9E086F47AAE2D0C4E1E575F227CF1B8E310F1C2E3F3DF95797F2094DFFECE41F0BDFEB4D78950D7624D1A7AB4EDBB5239712D41DF66DAD78481B119AA86788272686448C8B2E7E0DB25C9C4D0A37A74B74BA7BBBEE60B33A482880B715C760865043ACA952EBB1B515D2052BF1B0C606018BAA5E7C52B2DFBC3C8CDF29B496FDCAFD7AAC3706D9631D284DEF3FDEF161D46044F4E5DFCE935C89CA95490150B043A2ADABAF890FD88219A94E7DF1544B3952771CE77EF22E7EB9B4643BBB888F48AEC44F2372DECFB5F32AA9D232747902BA54B4AEAE166CE24240EC5AE7B6ACF75AF6F1BC2774835BDEDFC202F3F4BA58CA7D8EA309D8E46E94A3C54B695418247CE6AF17DE43E6E56AA3AD746948DE929DE1462D7D08962F941F8171B5A7299019C04133F24EA24042E018537D97BEBC529D62F39520FAC8D3413E83F227677A8E7671D890BE433E752952A4C1A8670172076D487373F9632AACA84F7EB96B5E4E2B87A5785209263A91D9D751723D337E3CCF6B4F91E85BDF90C338C453F97A85716250859EB5D7BEF98424757390E11B53424FDA877954615210108EF75A4858AB109507A2DF4AD4564C9020C024F886E3FB546A96CD34002CBB1EC67A44DE5549599E3F32AC4EB87ADBAC30A40EEA915285744016CB8DB4C9F25C53EFAC321CCADCF95C6BC77E27D0A75736E8B379DD9D01922074DD1B17FBA44647CBA9E8D9FBBA1B2E21D3DD6CD9662FAECD512E48065BA1F75D5C24394166376FA24B933C9E8194A1D5DA42942F31C592430F74B95069DB25577E068F88226A36426C4723E051DBCA060C6D36243E84C98FDE60F5BD340AACDF6B7EA57B1B3AD35E7E1F235BD2032BB949EF3093A3E9ABD613E819B5016498DD8A372E88A8428F19527C460A058BA24A49F2E2BA68EBDADD2377F7594E3E6389F06EA25347363BDA1CDB6E5083EB33A616BBEA4C2A72D2EDE66F215CCF57A1E0A69D42DC2D516144CC1FDA9F3D7D31BFCDE9686E495ED56C4EAD8DF86CDEF98A4D7E8ABB21A1966D4FAEAE1D3EC8BE2707CE2FDF895C80018FD748EF31F3709720D6AB5DBC5A51BA6B332AC8B78C2A7E0EA5E3D225CA0F2D21F2246824837952FB495D93CD14AE3FD318080A4FB21E4EB144D3A9C2DC1DDF59958CA505BD2550384D51C86BC313AD31E68BD13496E5976B3AD5D63414CE7D115B154F4A745FB1D18771BDBC20311671474CF3F9DE79589106613B1D98586264EEF31A97A8E2790A994A2BE850E47D27FBCAB9F712015DC81D5851D4822F60233CFE1AF2A37027C709F5EEDCBC685E4E4BD1515F0F97FBB90A70E89F63F25E44A5CC7954F4CCB5D273AE2B490F41346AF5EC0BA190651AE8C0785B3DD2C059932593FED712771C1F9CF04AB8F491C109BB56DA394F95028B9AC167E02329CDC56291F5BFE0452B55AF6AE4CD2120A6E9510B06BD76C121D77A8480376DE502B76B682A518DC2B96C1B279889E419704E57618635E8B99E122C3A2F3A35ACEDAEDBC2C792CF5E4646D691E39A9C51F33FF35B5FC41D7D6C3B270848F0E955FF3D3CBCFEE429F3077E442E7AE6A7544F3BE43B54FDF873A10ECAE19B47EBED3093B975691A979742B3FC794F0C20BA85CCF395FAEB3389B91839E25FB69BB9F563DDABBDE55C3AB4A9D8595D8AEEA72D7A08B6A9999215DE29FB10BFC21F80EAC23FF1B659AEE85BC1A25021CAE89B2BB071C5DCCDAD1FCF6839E7C06EED2BEE1B7A9E2BC901EC58FE400C8C6B948D43ADBAA9A61376A2095C1857179AB2AA0D3255C64B828878B8D0CEF565F4097CFDE3E625CAABE7995CE2AEC538A539C0956625858231146DDE41B854E4DF010C5DBAEE65B144D68F91019026B38660DB64E7FF4ACAD95DF96BDD3A4EC101C40ECD2D072ADCE6074CB3FED760DE20A4C454FC3647888DEFA3FD3608F6DC55397F2A0C772FFDE179D6B0E6E2A56DF896D0C7BBEF92C163DCA09C696C450957B5CEBD4C7959526B3C02F110F991B258B3B312AE24525577B52B8BC3F7A2BDDA71BF9A019D9C56974E39283E97832C20EAA01662D63D343E2A52A1FE516AC5C24BBD5D61504EA0F4A092E8A451357748F5E954389041DE83671BF89FB6171301433E458587050EA615CB96BEDCB70738436DE615B0E7D4D7950273E185A939D4EFD1CEAEDD3C5AEA7D37BB17622996C3A2CB2C1A4F48AEA54A865B03E798595DD52A9EEF35CE66C1E29D6D768EBF3962CDE9962CD2C5D4CA70EA1024635654ED66860DFDB6E504C222E8E56F815E56D99B8A476EBBBF2CC6DF162856AC4C7F672D84A790AEBBA6DA300227F95C9BCA1289D10767785185B112243147683B5478698E98E43E99BCBD887E5BBDA43A8CFCF1F2D37ED020C3F23B04DDE5EF8CE8C052FE455C5DE452C94B82681F0CFA0156807580E5ECA5F460B95FD57E9C333D83F7B2111C68852B384A91C0A9B48D36D1EFD3CD9235445D91AD0F3A95D309B9A07F055B80A13AEAB7C209DDB326BB8D79095A8F89F56DB41607A788A612A98DE8D6DB32148EE9558F6BC0022DF6DDFE7A6143932FDAAEDF461C31276441D3B926A79F92394A9A2BA5CEB519260752EC7A251F0C22F6B9FF8FFE99FD41DBAEAF107729D8D5855B63BA4B11CD7A471DFBF93F0C29540D70BF74FE47A297A5E60BF1D7D2060D9B673B24298B768D8F48A7B394098B7943DB17A61D81FB9504E36437F942C4AEFF62B1F39FEA53D7D97E8899C72F2D8A7A986B296A37F553E3765FDF17D143E63B860A784879F23A3AED7B29150F1A62C5F63B226570C44082C5F147680C4FDB41A3B0C699443D7A353FA111CBC855BBBA5B25C5E0ADC13D7020F6C34F16D1244FED18556C8B16C44C354492CB14AF6B98E62E0ACE319DB97CCA88F95C136D7251B4D6838D48BB3888F9A0C2CD8610B69AC7C33CC3CEAD175EE0627B6A5B9CADD42ED494D6A450FD48A0B8B3819698D131DDDF4E1F1E9E7865845041FF766E00EE2C0C8BCEDA15E8EF73F900D79FDCB455EEA6B6A168B77C2E6DA8BBE828E156ADD9DC40840003EF899B612DC160BEDF8F31A10DF9091014CC7B4814E7CA5BFA876E2C6CB776D0F4D1564F6773E38CC38717AB5B3997A8BEFEDA4DBD0151031468E5496C44F9D56F4ADFE07A87C07C614779AC43BE1FA01A86D25585E5C64BC11E520C197D9F75E99870FF18EDDAA83F2EAD1FB4E92FF387C9494F132156AA0CD8A74816B2B5DA4AEA56C40BC10AB4A8B2048465B9F3B5E841B29B171DC89EDED1805209D6A23CBCE81243871152C0E6420A423F44ADD919FA5F60C1EEE9AFF73A2235EA45F3B7295479377A01887AA1F9850AD391F7B2CFB579AC1AB40391559771448B6B7869429A0452D20B74D6BA4AF1A2A31E61A71C433625335DFA013C7F1518BFEAF34CFB161E9FE0D5F584FB8C62FE5E5B2510FF514BB65745303B741E79A43EF234E2B6C521326E0060275D8ADA218A4656743FD11780CEBADB566E6DEF9523CCE9C54B2363D246EBCBEA715808F1D30F2309C9CD4E6F1BD82EAFC954CD796E739A6A297EB8567627F2A93CDB5687F5B5100B403C1B9AEE1FFB3E12CB9F8FA68AF5467DD5D661947DBF889CF018CF93ACE37FC610BB338E12BAF6B137669ACC33F677FF30C5202DC3B49CDA8954115852271400F9CFBFB1623CE87A232CB5334D226D04F0E108137A69351F907BD2AAB7B00C3F59ED9BAD011B0E28E72FFDE1B8BB7EF82C9DF0AB3F07F2E83CC0EBCF4F4AD4467B74DED17EF12986938B95C31E8D0E183942709C5D682D6094E90889AE72105D55C937E3BFA8D50C3A7F02875230B6B348E0ED5DC2BC25F8D637767450D3D0BB5EC57D54D79B1EC9E9AE300ACD155A31EAC77688A743719E45FC9A9A21DEC6A1DAE70803B76F5964B93F5CF306E0500C2905700
"LegacyDrive"=0xC78E9597BE76BBD2476B6866FF2AB80B8C4D2F4A26BF598E5673AD7EFE56B78A9A8277C4C5B404F2FF0074E1ADC300FC61DA641C5C1185A251DE56C36C50FC24934230A7ECD4E6849F1B2C9BDBDD18540821E755F9B6396FBC79040E1CE079F1EE3B378BE73ABEAAB1B026563D9611FC5A53DECB873A1F5F05554E9D3161BBDE1119C94F2DB85A97A0B988BB6EE1963F187F268E6EF2AC9CA5D26D22CAA9F7FD0AB4B66143206C91F77942A923D7C58F676B2E276657E6C670C349EA5E2DAA28BE009865316960491066D3F1561F4AE4BA7AE6491BEA1D572187720C22648322421D493FDFAFEC9C6B2C8DF5C81BF0787D816E32F474CE9F45F81B6FF2DBF789D4DE325155159B26E091162F963BEF5843036E97903BAC74793DA4C802548DC526DA6736119DD5088F872A0AC37FC6F11C8AA3ED9F85362BA5DC384D06A654CF3D017DE682D93E044A5F58F10DB7AC1D4BF15C34D13B2EF43855313BB045A265FB4B10D4BC17BFD0F23A4A92C0DB8D9B6FABC24AB51AEAAE38CB6F994E4607F6DF07EEDB5C6D32E9E20A07A736AB95E9E96430040DD48B3402AA283B8D68134B2A67D026A41C9284E299ADB504574E87AE326A6AA4B5F4D2989853DD3F871336AA25DB39D4519F5878A816BD25ED4B6F3093E23F3C38E1BF8D1709349DD932AE8F1E49F55B1595C12C4A3E2906C00F5EAC407B99C1F0DE522D2706B3C280F24C202ED908D68F6E60C90363CEDAFE2C85C35C055F42F536177A72C296B8965E4E55AF80DFFBF06967E4F8491FED7F07294A3D908979076E70743C9DC12B5F9BCE3105BF62B6F2CB05B57FC47B6E3E028E17E1830DCF588415D33A538FF4665FFA49EA916B2124DFAED23B261E7E3A5F17E45378DE9C497D5FAC9B3D3A09FBF3D15B03269E0124CDCA55DFB7FC31372A6FB166CA483BCFBD26BD340DFA36294E1978C8808F2CA736B71607F8099A4EE73280B79F6AC5F4496202D105723C1F64BE60D901C10CF492A8CC9E1CB3EAC367DD88D6B0BFEBCE9FB21A6F7834A8CA958CCE0714B1BC62CD69317487AE4AB46B55973DB8F274D2B9F6971FF41AE541A5018AE3896B18487D40C10F20AEB2CF7440978A3C37FFAD067F75A069E2ED9C8C7A63BDE76CBE584ED3FA8E2BFB86210AD0EB875C96AF3D74DA795ED6A87574B1FEFA8EAA816B92DB6F5BD51CD5F4E99A810299B6233BCACD24B048F8EDAF7A16BA1810265911E6A12EFA2B0D7BA3C2CFDEBDE8411B8F18041CEA2B97365FC429AEAFEBAC7C83F82B4F5EB35DD1CFB97A2BEB224DCCFA608B66716A63F83A201A5696ADD4499C4169D944813BEEA4C0A19370738D05BDE56C090A2C4D83805B464579F9132540B20152174D0AE87FDE42C1B33D718E76B602270E021C2091760E9D5F7BF067F03E873FF9D0A86A72E79163ADFE3118137FD7EB8D7CDD1E61F3DB3B07511BB337344DC547757CA1B46641CEFE5837C9BA61AEEFE25BA49C6F30F0952A55C1A3BF9547811310B0F8D78356495DCA37CBABDDA3A5D5CFB43EDE71D01FE3AF765509249A94844AA82CB703C7389D725A19670FCD2367FB8E952C9059CFEF3DB9BF2D91CC9D969546D8265FB85092E412C5E50E678F6B0EF190CEF455687F7DA428E7572CB1C87E9CF19C8D14E004EF5CFA238DCFFA53AAB2E6170BC44B515C16CAB6CF1DD37E0606B1603349C7BD7E81191CA67B0DD6EC8D73122D29C4F44EB1A712DC8DBA28F47C8E0C612795F3E405FC77967A392980F847A3697A4A47B81CF6C8E4C8A4EC2C11A591885FD6EEDF4D741C7A4F32D5B998897B053B505C05908C3415D989F3F4252AC1BC757D40181E9211B16E8E99E992FB9505CCB7628B43701CF38B586557E6F8B22791EB446FF53FFE5D211F74FD78AF4448A738A95DDA854D0E308D5F9E6C51E6C9ED085505E07A5F08B4AA0C8ACEB70D4C7F044C593397C88CEBBFA09552EDFA6DB1B915D58A40955D1B51567FC75472FD1A3A647408B46E3475A3374FFAD0B9F0E7DE5AEF847C59A29DDF6CF53D70A8BDB9C2A049F0C6D13AD2423E951F7F571771421FC97DFE8ED39596483495728B20F431FD00F29BD28982AAAF1A9A48619C8959CFAC8BFC2DFC9B0E73F688F00EA34B8BD5CC98913E5FB305D21385FDDE4FEFA76C485E8A716AA00E48FAF63F5FF96ACE314B62BF58741876EB93737FC75E3AF061003D6AAE32A28A9DAF8705E5E8EAF802F8C6797ADA7F7265DA80AF2C4923359175D1D6F0D86A02C490E7E06C0F3E9D2F1485047FDA5B507A8F843EB607D366953EB24DCAD8CC8BB08AD360AD5C3EBC035E6CD02CEDDB73B7339AC553ED01122A719FF970EF74CD3BF7603B953BDC2DCF97E8EF194E44905096E38C17589DA72931241CEDBC39F74B1320C0BF95935159ACE07029F2297F7AC2AE5320B17F445C0C8629FF6CC783D38AE7F93654EB05084043ECC8E007F3F9B680D0CB4AEA5FF77B7896EB1399BB279E7AD4E77BCC600233C744120A6F08D5D4951643D30A2254411D1053260AB947BC2FD49A195DBDCA0E2E74605099E926D5C377958118AE8D029B5548F87AAF915AE6FE31152146ABF6D95329C9B4FDB5C32CABAC1D9D1670029C505EAB8BD10400C86AFF8323F0EF6B80DB6B85C784341D65B6BB72EFC0E36708C9077B86643FFBD064DF768AF2417275DCC55D903015C6830AAECD3EAA9CD9DECA8489D02EE8EC387CA7F4944EC3289C8695679A6DE12919E7CF8CA75483C92D4A46CF6ED210883AC9595EE4872DFEF5BF7F5B22A6BFF67C58AE5DE77772F2CD15E5EE14D433A64D4BA40C2EACB67842A46FA9DF83F106589D4F2A75F09FABA0200751EB611DBECA8D8604B9B94B12BB7514FF57B74CA0E1167F59FA3907335A8EE72FCD3FF7DA7C6242226E6FAC684FF8D7D66F9448F30D1CC675D61B0356A97F7F2A9D95A8AF453446A695333716E1BA31B59EF85DC01314D43A4AC5032E2F145B95E7624A7964AC6B5B370EF9D3A5868A76FCFBFAFC277EA5A281CFD9CEE7238AF2112448B2223A6F497D099E29DB3A6AE19A7F534458C2D1F6C8C1FC852CA55E755E4EEC769B1075A8D8212B0C61AB5F38C0208C50E0CE973172B355EF90924E82A046C1BC7C57E77ECFCB7C2CC23F7C5ED9362AD917B057BD69FEE1FF41D67A1A82A395AB029C1E185AF82205E696BC1943F48262D633279A02754CA99E89986AA6CA0AB230448E8FA219CFCD23234DBF4FDBAF3B2F7A5AE7685D42B3B2AE00A78C4125DF2EBCCFD4C0FB7ADCC9B318FBF4EA5563BECC3572C657EB8A0925F937B836AF9C39E54C086F1A66C93BC28C45437C2946F295AB96BF37E5CCB3DDB265250ADC17C83B3C61E91A2267F1F4F6FD316D2002DF7326EF5B7014AF95B7C421B277728F3D9519D304C827F6FA06493B684825023C8D4CECA4216A40DC1FC08E4435D592B6A7685A1697A8AB2B83A7A2AD0F0D979F050946DE9A8E31FBF3BB4046E79AAB2B070E19C295DB0709A16FF872F40E8BA6D04E937CC54C42AEB3399C80DE162BA344BBF5582D1EABD805D223F467CE08F97A70D0D680C1EF81ACFB4B963449EF41A8CD035F82E7FCE0FEB510702CD6ED56439574AA9C3881FE708F40B0CA71084E4F00442275E7BF62E9351FA72D6BAEA086D36108151412D5440411B363BDDBB093F32939E4842D45BA5118D0754DDF8B51D33FD28A3DFEDEC4B2753CAB3F954B7DD72A832FF283B90D1CFBA8738EF9F0157EEB16EF43DACD7FBA427433E820DF1DE14C5AEEE809EB22D7DBD878C19869A5D7C2EF4988140522EC5B1680638720F97902B75D0E414CECB398AAAFC75652D3A52201D1C7A113302E24A6640B649D947769F4A164AB5063D478DB3548954EB57C284FC551D5FED50B28CB65BC338AC50078C920EB0861B840ED4B73E4C6B59792B155D2CF6EFE957D21C071217C17753BFD6D2A3CDA6E9AD499DB91708130AE014F85BB0029B23AAFD8B640A1315A877CD411BEFE1A23233E480A5435091C627C1B6B285748EADBF398D1E1ECC542E712EF2C2ED76D916F257EB4423DC862D2F98F5E2C44E0125D08D1C9D8FC0A1E18BD85B4862191289CC81D444BF433769A9AC38090B8A27055EAD2D39438042623335B8DE64073C7F133A262EC207E2BBC6D9C9FE95F2CA54B18A87D1ECD3EE1C3AD6F1EE115321A57B58F9575EF69AF6B7F9CAB016147F289EF6B5B124AB6A9DFFC995517DCA08EBE31037FE41A78D01D2D4C6F315EB29014225BF218D547EC656159DA89990132D8E6ADB8E71936F5E8280CA774DF1D1587D2F99FCD9634991C310C5A41CE4C8FFFB570D5557B0A88007665D541746717E0ADBC6071F53055D6375D40051E87600B15C48395517260D71FEE7FFE5E590460A28BB2C5689E91239B5A94B45DF1784C05EDEFEA6466FE8D4D78A44954F4BC99D55624F739F81FAA7485F8E0D2AFE9FCF4253A3115BFAD5092FC1ADEAAAF576A9582F55A1D6C6AA293689DD2E9EBC1A018E0A5ED81EDE535C8F7622AE6E8F19C7AB0509C60895EE185808B6AFA318D6547D254500173415E9F83931C8997215472674F32E8193BA529C3370839CF2B7C0231D01CABDA2F39F07A3F7538EE3EA947F9AFDA63DCA469B6273989F4CE61F63D7FE5E44533A936B20431F1C63E65F03DB891D97965B04FDC26EA6A75E25B64E0D9169567356AA16DE2FF63F00DA0945EFE571434BAAAC757DFCEDFC0D59DA22CB1E66D155908F9E0E9BFDD58563D545B517D41D36FD470E886C81F745A26BDB8794FF14D63D3DE5DEE41A512E93C2C4F00D21E9FDF0A95346A9ABCB26F4DA6346EFFBBAA25CDBEA27E4410C5070EC7A5A2D1FFB67E54759946E451A198F64490B80DD3A186DEF3CCADB2D5451E0D0345BD8DAC0E59143C29E22930F3D69C2957FD693F95DD56DF97E45102382B3E2D1A9706FC80301968886CA73401B013887C14A5DCA6667E18D572D2FAE08151B73420E6E52423A49881E9FDCC6BE03603664C172EB045E7D1D2FF9863764F3EF378956AC51140EFE4EC4E284DB8168C27530F89BD2707817852B9120A04A19BED290FFC0C497B9DBFAC18B1FDC1ABBCCDC09E52FE8F502218E2B03492A70A6F46A1205E21537D331F1F060D77AFD2BB7612943C30422D3631B1CBDFEC971258D231A2D4196EF7EFBCEB8E41C3214A32C4DD1510AAF1CA5EB52A5370C2820E34CD967653B45AFF793D0B41F05B655974AD178D4348742E73B66BC388953EB96346665D63C4B74C31C2C067803C5DAAA63F3AA642FC9231211B3D5C6352E9A5D935A76EB250AAAE57734CE7934D5258F73C71737D6411916BFE50E57AF34AAE38AA98B1AB1E16E73733F3EA73C14AC2D615135C6685A24CFCD3C6FAEE5296EA3D474C400F9557835F9AABA1F3545C338EC86B0367A4DFCBDB2318405F31614FB8CFC4A76EBA22777E4782794F92AA2FE7D7EC6C5F2043CC1794219F2C20607C038998B9D5B760A87CAC08617A6FC45D3D490C40A13442F5B7919600C51927108E166AD4D3D3D0101951A3F0AD3B319CE61C2D0CAAD0521E333849E61332CD4576C90DBD95A8A85283D7D5E1D6199C2390B0C803FB8D1998E514F304F71F549C424508481B5C202D293CA08ABCC678E06025B656B254F95B73E1298DDBF065DA30823DE596F822AB29D21A6649BDB8B135D7CD4CEEDC0757E5EF2242AD3B8E4FD036B6CFAAD8829512AC21AC3C260545DE372FF3921FAC1B7C8260A52CBF02F8C67D682660860563ABD9B0BCD6FAA605AF8DD3140C234D2C695421BCD20E95534A032C20AACF4B8673BED907B3FA6EA9E26C6041152291F174F48CF0EE67D1892BD16C67C3BECD0FAD93D3AEFA712A15C35CD702609D11A1DA645352A3B2AFAD857665C3D9F6B4A7F971F0B72EF703D5F290C81B9D5B444A644603D0D1437C51C63F3B3EBF5440A9573FA2580D1477184930F8539A70E1E542A0172CF4378D5EDC416820E09C625426676C32D6B8979A218D34A882063A89C243D1E98E43E5AD7FF8734532B019245C1C5918A60E4B2904828EC442DB8419DF70BFC11F47B6A45C20BD1A9DB634506941FEEDDE3F34F6FD741BEF483054448FD053E7078712399C5F072E88957A53AC259E3C35FFF0DDC62E001CFFE306DD83406B75A26D8C6236E8BA39CA1C85DF02363AFC3634AAAD613E2D793A3AE787A09B4A0E3B79DC0C61E73B3B36815E4118441D273AA2F40C8ED6BF041BE9765ABA61477404FA54017A8242E9F5BADE8DDFB6F850A387745662179E8BE853BEE8DE90ECF1412726831263A0CC509E5B9B23A6F9DA5A65D05817C23DCCC9C23B175BF334CAAB0A16F3E83ECBAAED3229210F74AFF0C3321EDF8394585CCFA77C14729953C5062CEB4DBA6581075384A458713998851415F9C85E3FA0A29A68CA727E017747ADAB11F380EF4E60062F57284ADC2A5F95D4EA3DB3728164B837F6F47DC5F92963C810C52FC343FA5D0F198AB720C42D270B9933CA45C36A45AE37425CCEEA2FC05E424F290ACB4DA5752C85307E596984C10A2332616B7BF20515FC38E3213D5208772BF70ADDEE0FE1404F8FB9E903A51FFF2454164EE25F674676693847585AE01BB205FAC41407B87969F27AEB2AABA0CCD1109C9291DE4B7944D285C7A50FF253BFC02048A5FED3952764F49D0B3641AE31F99DECB7DFC046A4667F46298B39E6263A71A5F00ABCDA5227DE47D28F30F13582442F4533CC02D1C4B8A4F6719F649D0C60B045A90974029AF8A2C69E3F12E0554D8D95C2F7CB240746C5C7B5C10A13BF1BD56ACEEBAD4940A589D671C938B93A5A002DB89286574FD4EDD6EEE2429B945018FB13386F021330DB0B5B79E18D4C79A538AE6CC241B0567AFA293C0FA5952493708A9CF91847842334680A1704371D9B83D52DED4A8A32B4B25AEF3739D978CD273FF29470BF9A66DD150809675FB5A6E32DBC7DE5DBDDD6DE1FC73B87DE97E483449C733F135DE11E3BB5DDB9D3AB1D840D68E3845ADCBAA545703AB0C25D89C2CDBE22FC4DEAD57D3E020F8D0FC65C1B49AD2A6A7234D0073176CFFEB2FD574D4CD80D9962ED0B20879128EFE5567A55DF241A97F58C9527E5E8580E8D1F67086F4AB8E3B145C406B43F11B0461B04801916F63A73AB8BC828B33F7FC5D142A40F0D862FACBF16CE1FAFA92DFA7A77754E384B12675BDABAB6DA53AB0F8F373414DE6B9576F1988B6C4B1F822972CA5861DE8B4A2BD9CF200579A5BB19D123EEBE68058E42EA98CDE71ED6C32B18D34E4DB0581C0C33CD06B2575CA05175530E4DF2CA191AFE868147821E95BC535C029540ACE6E93DDB1E34C83A4629DC61E83FE69A753187952C52955E3D20638B2F1B42BA7FD8473B8A514F09AC7F41FFAA2B93484D00101850E6D8997C8BA82812425BC26911B1B9D80550ACD6C9AE08B560775BE49BAE3DEDBBE5181D23FF1393CE1F94ACEDBD03BFD2FAD10B0C30BAEDD4CE4756A763967D35F85DD17AA32D322B59F4605304C6B43ED5DD0E96DCDE0ECCD65D87B946A43086C7FAB09DC9A07D6EF09983C7E30D81FFE541799DBBF4FC801137A75D197FEE6F75F91869571D8BB0E7864AC7E501BC0A8FE4AFA0C5A19CAB6B9A2DC10F37FCA0CB369E1D6D43E05ED6C95049A007DF003C036686FFFA0A47F7A1A7F69CE296572C502849A1533A03E186099E365D48D3FD0B7007A2A35884CC7D050AD4DBC3867CCC7421DE51297CA2BFEF3A7464EBC0B56DAA387107B2DC92C55D95715342E711F707C52EBAAF38D40848232EEDFD194CCCF2BB23557041D6B1425633FF5F298104C8C1791EB490927AEB4C828770FA01AB624BD034242CFA91BC9959C279B25D0DD91009F3A959953E626E123C2C04B566B8850445F76C9CD09AFBCDEB83D9A92D79005BE61FD6BA61279A1E66C30273035C238C8C8790B9E135C69BEF29C8377AB0064A198C83DC823137180734B25B6100038B95ADCAD8AAB4C8E6AB6F9E8C84CA19B384A920F8E729E80DA828665C96070AEEAAAEAA8C98D1BC24A472C96DB7A81ECEB29EC57C02DEB4E374D043484B7DE4AC90990EF3AAC17A462E0192B5F8E19926217B016259552AFD832707B2BEA34CF405E775DE56090B6914F323E1AA71279A7288D9DED509942BB367D59B05C6FBA4C1544B01FDDC37F05898E09E9647D9E08A802E233946A5A63CDC9543E666DB125AA7812261304CCE79D8C840B1BFA53761310C0818CD33E3D6E630587C290A1A80801602E53781576B5D294C036EB1CA852ED470A5D8F9D82378081D43967D9A7D14BAF47559A2A15A2DAF630B7AEA9319B54B7F6DB2A4C00CF6BC0F9824F4591AB92B16FEF9E0D75F29961F86FF7D74AD574EB6082777AF06B578EAD3088DC9229C8DD22B59124AEFC6DA05C37B6D7C0CD40020FE48ED9AEE4ECA7544D6D5A7F33B8E0195807E3820916C42BCCCD403D2C095296635EA55A66C9B7BC3A7758BFFECF75107074E9984CE8398EDA9F4879F5101912FD707EFFFE892520F50CE811695BE3F43D2C7B27F9C2D74A23F60C1410A457FFF24372CB2204B16C1D1D9CAD06038CEA09BC893309036A5295BFB25783C26793DEC5C42E4321D8E91B1484FC204E20C2F0D13D7F589717FF4E8F78106765C7B5611314E2FCE5CE4648A56A7479D2B4462BACDAF6816AF676ACD8FFB4E8193CD7E449816DDB8C72AFF7469FD99AAFCE7360786A42CDB299FCF7AF870E4E209A3589ECBBB32E99A9576C71791532D31A052F2E0DEFB0D8C20A114C4CAE8B0E1E5854EE6724518ABFE51243B77B0EB7A3E0DFC0B7DBBF170BBF6A373AE6C9AC550FBC7E634BD76441B427EA7C21CBBCCFFA1BE500C95ECC2D02325E24F4B028AD8718E2C64BA2A34FD18D13D241BA085710B959E79339667F47FB63B1F4AB5686071C5E329AC94391E1E86C97A2A4231AF8971064C99C2C824F83215AD528A1CA677952955FDB1036FEF54EA8A71960CA7CFA1BE5D93E778CDA8B620D7BF0C8B8EF2AC41EAA77180BDB8E384E9D00806CF187C020B14C4BE5EC7E008EB1E1FBFA78C37950BF195120BC0F2DC4C6127953792D442C87798D99E63CB9E72B892342E4DBB42AD1EA1C5C24250AA7B1DEA9CA7D6491B950BE6CE1FC4FA1AE7A6E3F3E169C8F2128C80A89748B033E8C2340E5E84C12DF32EC84A49699D79E8EE1DD803DFE4FB714BBE56E7990628B4ABA50726658582A3694804F5253BFBE610853A0D30A49CE7E01BEB29D06400554D2C2B8CC3BFD4A380C26378BA205E87D446D1B8DD93F37B590A0617AC454B7F3F55C167E7801C0155BE02AD7B11010C84C2C965ADED9848563FF57159FFA1EE9A4BCB84DFA58350E3AE71AAA530C74E066274BE93689AE2A01A43F296064F958DB8B14B1E38DC0872A0D577219F21586C353DB0A31357830A80705C5277633EBC4123DD8149440E722DBD7DDC11EC9EAE38DAE6DED5C13A081ECBA858A31D55ABDE14B6F10BCE03D639EDE9A1A2977F5C38C17C3580BDAEA724A3B28ECEC23C7BA98B13A4620AE0A27CC1ED2539FA2CE5BD5C7BDC71BD26B2A637AE797A7EC99A0070A90F9BEE81D3ABEB46976CC2B2B71ACD8F6C5A333243D50146CE267DCA99F6B6D05D5F6560BA7EACDF7FA901A232DDBBB28596B78BD942FA2A02F698674A60D485B8FC8808928BC8C620C2C241B33FE834E6C0526C24975DD96A5999E54ED7E204414FCC8D11E344C8B1497548EC3DC5E97B3954F17F192A4637075FF09FE0E6675C80BEF9973F6C6B0CBBA8E35ED85705AE06B95D6BC3E4FD6C6071673C0775ADB5FDB2D6D0250F84BBC646D42C8DDD86F5D6575ED927ABC99F9AFDF5C464CC6CFA3541942CDECAB4D6FC588B105A633FB27A2F96BB714F68F4F86755D0C135B39707D3CAC3693644AAF8FBDF5E8F6365D2629CDE3EDA4204C4A125F753F84D32CC513BBE631AF272A548D736AA877394372DD8A297ADBD086582BFBF4515B419D1E03C02D6D49885C1F8C0915454AFFE9E0D02CB29D1C1AA75757DBEA5DD9BA3791DEFAF7CDD8C777F02DB95458AEBA980B808DA9EFC728F2F1BE700A9817455F210C993CA17489E51C6AD51C9E6F4CE9EC67713A37958CE9F3E1E730840A38B0E802D4FDB0FDB751A80434AB69D5901E459924B63064A2702C863FC644A30E5D500AF914C6BCC5FBADA940AEDE2D3802C831F51D7650C114261A0FEC34307E30ACF873CB101B59B1499EA4B63D7F132F58402FCE031F475C6C3AE37F130DF86A383EE78A72634592C606A4DD3E01D5D3707EEE9DA8D50243E5C31DA56AEB03ADF5725CE8B5661B05FAA36FC5A663A815708C9BC3407490634ABB20CA2214D80B8CFBB0EBEE53A9276352488B844B8C35AA11D625275A4011F5CEF4E2C64738E19D7B25096597D3940667531F6B0941F8D0779F3C57C00EA7CC6160D22E5CCFB6D04A9E94EA445E723F713652E8A7FF546273952CCFAD0A2E1F282F8D66A521DE4095C901EE76697CBA3F1B7C8188E2CC4568288435F130C54976B4716313E307BE7AD724CEE69076E291B08639C04C41324E00FCD6611DC8906F90F7019A88C9EDCB79426A67351561B3EAF3DA3336E6B1A0975DEF8C93A6AC796647F0C77EF8F0C2DF069242E4D6B0DE322545E136453539FC463CC71D7DB99AF7341F4345C604F40209A516E3F7F1BE78F9DCFD6DF9A531BDB8152442F5A84B9F0FD30363727BDEF7F0FCEB24F91B206914D3597D2EC6CF3F71476912B8C0D121CA15AC667C80E725084AE51B78A2E584723C2BEF1D3F1BC9938EB910F341CCA404E01C0AE563B621D48E2358F731B9873DBEDCA4D1ADB50356A0F875BD670B0348DC19A25F22BD6464D241166C094A04F7C3B5D4B344DB2E7D260F3F66A88F1D96CC1CCFE1D8D08A748DDE3ED3035E604CA0CBBC029713E583AF5D66AB1C406CF4043153F5216C5F90C763E01D1C99E153FC515AEB5E08F1D120894D9C0956C18F27C869C29C51AD0FD3F0E1300
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2014-12-31 07:37:47 ----D---- C:\rsit
2014-12-31 07:37:47 ----D---- C:\Program Files\trend micro
2014-12-30 18:47:54 ----D---- C:\WINDOWS\SoftwareDistribution
2014-12-30 18:44:02 ----D---- C:\WINDOWS\system32\catroot2
2014-12-30 18:07:42 ----A---- C:\WINDOWS\tweaking.com-regbackup-PAS-Microsoft-Windows-8.1-(64-bit).dat
2014-12-30 18:07:40 ----D---- C:\RegBackup
2014-12-30 15:12:31 ----D---- C:\Program Files (x86)\Tweaking.com
2014-12-30 15:12:22 ----A---- C:\WINDOWS\Tweaking.com - Windows Repair (All in One) Setup Log.txt
2014-12-22 19:59:26 ----D---- C:\Program Files\Canon
2014-12-21 20:50:39 ----A---- C:\Program Files\Scheduled_Instant_Restore_Point.vbs
2014-12-20 07:00:35 ----D---- C:\WINDOWS\LastGood.Tmp
2014-12-19 23:27:25 ----A---- C:\WINDOWS\system32\drivers\iqvw64e.sys
2014-12-19 22:52:23 ----D---- C:\WINDOWS\ERUNT
2014-12-19 21:05:22 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2014-12-19 00:30:24 ----D---- C:\FLAC To MP3
2014-12-18 13:18:12 ----D---- C:\Program Files (x86)\MP3 Cutter
2014-12-18 13:08:21 ----D---- C:\ProgramData\NCH Swift Sound
2014-12-18 06:15:28 ----A---- C:\WINDOWS\SYSWOW64\w3url.dll
2014-12-18 06:15:28 ----A---- C:\WINDOWS\SYSWOW64\AudDevicePlugin.dll
2014-12-18 06:15:28 ----A---- C:\WINDOWS\SYSWOW64\AReadyLB.dll
2014-12-18 06:15:28 ----A---- C:\WINDOWS\system32\AudDevicePlugin.dll
2014-12-18 06:15:28 ----A---- C:\WINDOWS\system32\AReadyLB.dll
2014-12-18 06:15:15 ----D---- C:\Users\skeet_000\AppData\Roaming\J River
2014-12-18 06:06:46 ----A---- C:\WINDOWS\SYSWOW64\drivers\MxlW2k.sys
2014-12-18 06:06:20 ----D---- C:\Program Files (x86)\MUSICMATCH
2014-12-17 08:42:51 ----D---- C:\Program Files\BadgeHelp
2014-12-17 08:34:42 ----D---- C:\ProgramData\Logs
2014-12-14 17:43:01 ----D---- C:\Program Files\SUPERAntiSpyware
2014-12-14 17:18:10 ----D---- C:\ProgramData\IsolatedStorage
2014-12-10 22:31:55 ----A---- C:\autoexec.bat
2014-12-10 08:42:10 ----A---- C:\WINDOWS\system32\drivers\btfilter.sys
2014-12-09 11:26:23 ----A---- C:\WINDOWS\system32\shell32.dll
2014-12-09 11:26:22 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-09 11:26:20 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-12-09 11:26:20 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-12-09 11:26:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-12-09 11:26:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-12-09 11:26:18 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\msctf.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-12-09 11:26:18 ----A---- C:\WINDOWS\system32\crypt32.dll
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\mouclass.sys
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\kbdclass.sys
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\i8042prt.sys
2014-12-09 11:26:17 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\QSVRMGMT.DLL
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\WSDMon.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\WSDApi.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\WinSCard.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\untfs.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\spoolsv.exe
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2014-12-09 11:26:17 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-09 11:26:16 ----AC---- C:\WINDOWS\system32\drivers\sermouse.sys
2014-12-09 11:26:16 ----AC---- C:\WINDOWS\system32\drivers\mouhid.sys
2014-12-09 11:26:16 ----AC---- C:\WINDOWS\system32\drivers\kbdhid.sys
2014-12-09 11:26:16 ----AC---- C:\WINDOWS\system32\drivers\intelpep.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\vsstrace.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\rasdiag.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\QSHVHOST.DLL
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\wow64.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\vsstrace.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\vssapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\rasser.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\rasmxs.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\rasdiag.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\rascfg.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\rasapi32.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\nshwfp.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\dnsapi.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2014-12-09 11:26:16 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-12-09 11:26:16 ----A---- C:\WINDOWS\splwow64.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\wow32.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\rasser.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\rasmxs.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\instnm.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\eventcls.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-12-09 11:26:15 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2014-12-09 11:26:15 ----A---- C:\WINDOWS\system32\eventcls.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-12-09 11:26:02 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-12-09 11:25:24 ----A---- C:\WINDOWS\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-09 11:25:24 ----A---- C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-09 11:20:12 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2014-12-09 11:20:12 ----A---- C:\WINDOWS\system32\poqexec.exe
2014-12-09 11:07:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-12-09 11:07:51 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-12-09 11:07:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-12-09 11:07:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-12-09 11:07:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-12-09 11:07:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-12-09 11:07:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-12-09 11:07:44 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-12-09 11:07:44 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\system32\jscript.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-12-09 11:07:43 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-12-09 11:03:03 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2014-12-09 11:03:03 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-08 19:56:14 ----D---- C:\Program Files (x86)\Garmin
2014-12-01 15:54:04 ----D---- C:\Users\skeet_000\AppData\Roaming\Garmin
2014-12-01 15:54:00 ----D---- C:\ProgramData\Garmin
2014-12-01 15:33:58 ----D---- C:\Users\skeet_000\AppData\Roaming\TeamViewer
 
======List of files/folders modified in the last 1 month======
 
2014-12-31 07:37:55 ----D---- C:\WINDOWS\Prefetch
2014-12-31 07:37:47 ----RD---- C:\Program Files
2014-12-31 07:00:00 ----D---- C:\WINDOWS\system32\sru
2014-12-31 04:01:57 ----D---- C:\Users\skeet_000\AppData\Roaming\ClassicShell
2014-12-31 03:32:54 ----D---- C:\WINDOWS\Temp
2014-12-31 00:28:43 ----SHD---- C:\System Volume Information
2014-12-30 19:04:31 ----D---- C:\WINDOWS\Microsoft.NET
2014-12-30 18:56:12 ----RD---- C:\WINDOWS\System32
2014-12-30 18:56:12 ----D---- C:\WINDOWS\Inf
2014-12-30 18:56:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-30 18:49:12 ----D---- C:\WINDOWS\debug
2014-12-30 18:49:06 ----D---- C:\ProgramData\NVIDIA
2014-12-30 18:47:54 ----D---- C:\Windows
2014-12-30 15:54:53 ----D---- C:\WINDOWS\system32\config
2014-12-30 15:12:31 ----RD---- C:\Program Files (x86)
2014-12-30 15:04:33 ----HD---- C:\ProgramData
2014-12-29 06:15:28 ----D---- C:\ProgramData\Licenses
2014-12-26 21:55:56 ----D---- C:\WINDOWS\AppReadiness
2014-12-22 19:59:33 ----D---- C:\Program Files (x86)\Canon
2014-12-22 19:57:24 ----D---- C:\WINDOWS\SysWOW64
2014-12-22 19:53:40 ----D---- C:\Users\skeet_000\AppData\Roaming\Canon
2014-12-22 19:44:28 ----D---- C:\WINDOWS\system32\DriverStore
2014-12-21 21:03:43 ----D---- C:\WINDOWS\system32\Tasks
2014-12-21 05:25:00 ----D---- C:\WINDOWS\system32\NDF
2014-12-20 07:00:28 ----D---- C:\Program Files (x86)\Realtek
2014-12-20 06:59:53 ----SHD---- C:\WINDOWS\Installer
2014-12-20 06:59:53 ----SHD---- C:\Config.Msi
2014-12-20 06:18:52 ----D---- C:\WINDOWS\system32\drivers
2014-12-20 00:46:38 ----D---- C:\Program Files (x86)\Loader
2014-12-19 23:26:57 ----RSD---- C:\WINDOWS\assembly
2014-12-19 23:03:07 ----D---- C:\WINDOWS\Logs
2014-12-19 22:52:30 ----D---- C:\WINDOWS\Tasks
2014-12-19 18:48:54 ----D---- C:\ProgramData\AllMyMovies
2014-12-18 06:06:46 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-12-18 06:06:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-18 05:10:50 ----D---- C:\WINDOWS\CbsTemp
2014-12-18 04:35:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-12-18 04:10:50 ----RD---- C:\Users
2014-12-18 01:47:37 ----HD---- C:\Program Files\WindowsApps
2014-12-17 20:33:06 ----D---- C:\WINDOWS\WinSxS
2014-12-17 09:13:51 ----AD---- C:\ProgramData\TEMP
2014-12-14 17:47:26 ----D---- C:\Program Files\WinRAR
2014-12-14 16:45:07 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 16:40:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-14 15:19:22 ----D---- C:\Program Files (x86)\Google
2014-12-14 15:04:12 ----D---- C:\Program Files\Common Files
2014-12-14 15:04:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-12-12 21:26:30 ----SD---- C:\Users\skeet_000\AppData\Roaming\Microsoft
2014-12-12 21:09:08 ----D---- C:\Users\skeet_000\AppData\Roaming\Windows Live Writer
2014-12-10 16:31:31 ----D---- C:\Users\skeet_000\AppData\Roaming\Ahead
2014-12-09 15:02:37 ----D---- C:\WINDOWS\rescache
2014-12-09 11:28:09 ----RD---- C:\WINDOWS\ToastData
2014-12-09 11:28:08 ----D---- C:\WINDOWS\SYSWOW64\setup
2014-12-09 11:28:08 ----D---- C:\WINDOWS\system32\setup
2014-12-09 11:28:07 ----D---- C:\WINDOWS\system32\en-US
2014-12-09 11:28:07 ----D---- C:\WINDOWS\apppatch
2014-12-09 11:28:06 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-12-09 11:28:06 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-12-09 11:28:06 ----D---- C:\WINDOWS\system32\wbem
2014-12-09 11:25:39 ----A---- C:\WINDOWS\system32\wups.dll
2014-12-09 11:25:39 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-12-09 11:25:38 ----A---- C:\WINDOWS\system32\wups2.dll
2014-12-09 11:25:33 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-12-09 11:15:39 ----D---- C:\WINDOWS\PolicyDefinitions
2014-12-09 11:15:39 ----D---- C:\Program Files\Internet Explorer
2014-12-09 11:15:39 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-09 11:15:09 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2014-12-09 11:15:09 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2014-12-09 11:14:17 ----D---- C:\ProgramData\Microsoft Help
2014-12-09 11:12:55 ----D---- C:\WINDOWS\system32\MRT
2014-12-09 11:11:49 ----A---- C:\WINDOWS\system32\MRT.exe
2014-12-02 23:12:34 ----D---- C:\Program Files (x86)\AllMyMovies
2014-12-02 12:06:02 ----D---- C:\WINDOWS\system32\catroot
2014-12-02 09:56:21 ----D---- C:\ProgramData\Apple
2014-12-02 09:56:21 ----D---- C:\Program Files (x86)\Common Files
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-09-13 32576]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-09-23 157016]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-29 71680]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-12-10 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-28 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-23 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-23 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-28 81920]
R3 dc3d;@oem4.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2014-03-19 76496]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-09 99288]
R3 NVHDA;@oem11.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-09-16 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-09-13 13157696]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-03 19272]
R3 nvvad_WaveExtensible;@oem8.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-09-23 167424]
R3 RTL8168;@oem29.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-28 44544]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-29 38912]
S3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys []
S3 BTATH_BUS;@oem16.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys []
S3 BTATH_LWFLT;@oem31.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-28 1198080]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-11-21 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-11-21 64216]
S3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys []
S3 pmxdrv;pmxdrv; \??\C:\WINDOWS\system32\drivers\pmxdrv.sys [2014-11-21 31152]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2014-12-20 35064]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-02 81088]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-03 1148744]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-08-09 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-08-09 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-03 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-03 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-09-13 934216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 411968]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-14 107912]
S3 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-22 172344]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-28 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-02 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-14 107912]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S3 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
 
-----------------EOF-----------------

 


Edited by mjt27, 31 December 2014 - 10:41 AM.


BC AdBot (Login to Remove)

 


m

#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 AM

Posted 04 January 2015 - 04:45 PM

Greetings mjt27 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 mjt27

mjt27
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:49 AM

Posted 04 January 2015 - 08:30 PM

Hi Oh My,
 
Thank you for your assistance...here are the requested logs

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by skeetz (administrator) on PAS on 04-01-2015 17:29:03
Running from C:\Users\skeet_000\Desktop\TOOLS
Loaded Profile: skeetz (Available profiles: skeetz)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\msinfo32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\Run: [DellSystemDetect] => C:\Users\skeet_000\AppData\Local\Apps\2.0\AAGY6MRL.B42\BKQGK0K6.6OP\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2014-12-12] (Dell)
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\Policies\Explorer: [DriveConfiguration] 0xCCC9BA9E7A3B2A3A230F81FBCE7E26794A6B7C601F8E6EB9C4D14B6B13FAD501F98B94AD72E6718DB5B57F2EAB891C4FA6C139E750AEF668E1F472469634E1B35EE8DFADD68E033B7708B8F4C60E4348C06D173AE3616EDE37E4A926B8933FB74662A740A78E790BCCD3D0D155DFF2D3560733265C3A164FAB33B60FCAF26480426C9261A282EFAFC630D4755907DFE499DDDDA65AC3EE704EC037E3D7839BEB642DE66FEAA69A3A17B3F5DD4A096C52A41055DF62E6E43D6AA758FA23EC761C8A91370783BCBEA16C1A8CB3F86CF7923B43D8000107854D643EFFC19E0B6C3E1BF5C722D2EAE2D66BD6845C1E288A90E9D0BACF072CC68E64879C9202EDEA639B3EE2FE88823ACAE17C78CDE6826C209D8BFEA0BD8A29E7CBFB487A83BB9144791CDF440039B4824B877E47D2AD198DF79696F5B5EAC43B78CAE7CA200DAE06F821DD7401539F5FE6F11E1E32AB5299C13F160A7456810129A873ABEB676E5365DBA8299D495E43DF1A6AE1F63918F5A2BD36E347C86A85E3AFC872425BA4809D75EFA58780AA1B68530F934EFC44A8341AB91CA8950927CE8C250EA78FAFF8930FA4FD15123E81D72B19C0EEAA94A95E107AF0E1C6E25FE40E536CD3392C11961A43D85BBCCD3597507E1947BF69F0C47C6C49DB164118BAD04F810B7DA89A989080145DE2E41EE2B0A886C8E3A222A195156E04D07076E19939F7132D44C1348A285FB531F3FA2E2B1D7BF24ABBF0E7B1F5319596BAC37C47B7B2FCAB6B75688E8BFA6C08D15229C10F96A3C2021E233FD8F3D9B3F187C632E3A4D9FBC0A3594D9BDE827D4867734464FB485D9531835013F7B088683F48AC73F6D72CB3365A1AC2BCEB3C20A29CA05F3233B0EE8B5ED7C369E9FC3C834B119202903C66CD96349D097CED6EE05877B98228239B6A0BE93FE3B206F7CA11E98B955A50D0942BAF7D7706D13B1103C1FB5BC1EB8CBCA27F6D88973816E0C6FA983F363C5D93925E92631543DFCA3A0446CCC6E64FEA088A62F46064741FFE6EE557EC1EA9D74F95A7F6EA195E44E3C5CED5CA7F96DDD72B5A7D731E67DDFAD69A7BC0E87DC352A739B4DFFE7198D095AD21BE6F74098CB0ED2EB0CA4F384243987D52B882217F23B382C55934D397D624062EBDAEF0201B38A8346CDD3075601E5785DFD4DD344A69D951044858C0319247CDBDC31393C0A0748EB261B2959FD9CEEFBB3AC7F90A4FC5802B06976F742B5FAA44768C3995C809A9D1B2B4AFE737120F9DD341BC28BB2E41FA67075FDB4EF4F83BF0022BC71A5FC13A66CDC87601AA517DD3B12B70B7160BE2662F82721C21B7F859345BB27D1FDF9E9485E42673BFF30204DC6E5BDEE6C62C1967EFEE602C117447498114DF5DEF078818E01207FA5F66D95DF0C5C6B5C6E7B817CD361CCEF86A32AD375A99165EF8C5BE25ABD45A38FF71F93B9BF8960A73DBEE453F448F0C2BFC3207D08B4AAA63A1DDB72CB493043AEB0C7E563B776E35CF61FBF1AECAF0BA987EC0C930A2C7DA96608ED34BFADAE3789BBC2F08D59168748DB94036A1A82D81CE3A6A2FD2473FFBCD7883F0ED595F214AAF549B0F0B8098DB9F1DF567514AE7680E0EE9B7619AF9AF44CE03D635FF9EC08DF895F6310E3E0982BB981746ECCF532CA1B3DF27175EF7CD99BD6CFD994B55C5FF200183C12B304AB4BC8287A1452FE49C61F96C91155FF0205614AAABCCAF21ADD6A44C4DCE73FA328E1F719A3395E256A6201FCDF84698E080A3E1259309149B3E21C7D6D9AF3B5CDF18D64EFC21D44B68F93991747A0A6562ACBCB57A8BEDFD5A0A52678E57F13661619064F2976D8A8AF32F012C381D476E78958EA488D8A00DAB972D48944DFB51607133FDA21E15DDB317E9654908394D4B0F3D38E47A9794D6D240C11219C3758551A95F343D340A8B6C5005F272C641A279B3BAB7F9385986C37419304495AF697708D8D2D17D32DABBFA4A2850FF2CE91ABED67128DBED266171AF9A175529F7DF9EAAA0A1657715EBC9C0178B36D30D5CE790A760AA1DC10FE4DA8AEFD498E5651C050FCB7D6B83C2E2959B1BCAA0237710FCC8A286ED30F33924DE32DF4A63FCB089D369784D77EBE94CC17A35C385EEDC0365ACC32D8D84873AA1DA103EF40469EDFBF4CF5E0117080F1C7CF5295F396B06510B3FF1959E3CA02D0DCAAA38B2C5375065F9F93772CDC634926B325A1B21630C730721C1CAE32D050949D4C00507C3BBF9BF1D6033D6CBC10D8D13DD1F6E6D1EB3EA92257940D5CA7CA0B65F5591B535959F906462ABFAC0C1742CC139D5E83043F9FAB9A6131C41855018799C0A2CB4C73FB2F5C441004D39AF8E64F9A35655832D81BFCB013F183E6CF745008DA06878C16EFA0E5FB21933A6FB23A295F38283E637C5CB1DA97103FBB885411244B57A500D0C98C96CD6CDB641BD26BE2C326375000F0623747AAAC61C0C965A983292570BD4F97CCF3510CB681B96D4B62F9D376EA69765CA21B4A69580D26C60F1E15796A40E45AFF2978B79035C9B6DF941D8356AD4A86B142FCAA4CC20E9ADB8887214BE01A3EA3CC4E5C8FAC95C105C2FBC75DDDF5EBEB86D93C6E83E38C853F08BD943F63CB6951583C7C035AA02454AC3F201AD10E3E520A0B816BD747F392CE148EE1935389AE59DD96A9C47B49528C322E1C4AF5F68B293E09C310AE789AA23545A2A06BE1F14DBC2CD18E79B865FF8F31B950804F9D0D80DB45F2D47973F347D55255CB1F6CB0B032BF18FD3DFA2572A0EB96356DAA3F9D5DC679A75B8E334B8F458997D0A2930DDBBDFEA54A77178211BC2BCEF2A6C7DB4FFBC5EDA71FD95119CD8FAC8B41FBEEC331B9E12B01B7A2BA4C13FFA1510B0CB72C56763BEEB1633F1AA13D09C6014A8CBF236ED2F6445D67DA8370711B4F94DD7D76F8F6B4DB5027F11AC9B7DF2B2CA6EE9B095651BAA5AE27279B2CA2B3FCE6AAADDDCCC28C063E60EB6CB10A10020BBE4A81361BA1442B84CDCB92BAAD9B88AB57EB6013C6CA74765407B174FB0E7E4F5D667C956CB84BED2785212D8A93E9515BE630615F078098D4D58C198CE2A8EAC691CB58435F7A85ECEF68867FBD8E8748E34D4F28C0D11208EA6A77B67979D7A0721047C9FBF36FF06FD60125C8D3E0DED98267F58524868F0D13495A9621F9CB8988E5C98DE4BB7094436E4FB43F1C949A33706A49B7035CD3B82700807E914CDE40AC5C039C4B3E34E491B0BF72C109077BA7B499F8E61B8366064819D1E8D21B33E48DCF752B099F7ECDD0D28C2659B4B32C98D56AAD5528FAA1417FD6EE58D1CCDD1ECD4611C38ACE89AC33BEAC4F3E09C0B45B3056C92BC5F459162C0679E26FA6CBA91BF4BD26A0929442DB8739FB97D29AA9549F87DA9A51D9CDB99DCCC47A701B7B8F959060799163298E47497273C9DCBC5FECA2D1DB4ACC1FC8B0A3B1107AB59F0F576765DA2D85CC84A665B14D3C4979CBBC5A6784FD35BFC1F92DC8295AEC0FB6A6E5FC35EEB1750DB46D6E4EDE5B9383A692F1041E05B12E43CBBD8240408442D4A5D1492DD9AB6D9BF0B5D3ADA4554A4EE519201CE0D8FBBCCCE577F724ADD4173B69180E02B35CB959F4EEC841A3094E43473553F81AF7A89B61380195E506DAECFB263B05D9075B8CDE7B9510C429F0021DD818361097B57E2D27C7C32E09D7C489BB2AABA921FA8311EED2C1A421E039FD63D5695D6E5382C3853723054C315B4C4B7A5F761F9DBA3B33AB09AABFAB8F295A7B13E48095C10A0DD8BBB2EC17C5E2D50651EB88D50B23B852925283016D7EB9906C51F3E8D0B02BAEFA726A17A80956AAC1AA7291627DCB1458154F7ADDFB988F26473C34C73264630C57CA62DB9246313EB1B1B5B072AFDC3E0AF8139BCA156FAF2CF9CFBB868548836C0152BDE5100CF0000F52599A207476CBF952E9B55963CFBD961131301DA140A69FDDA649410292782E1213C854FB819500B679D51A0223B41B18E5BF9826FFD87BA5FA08168C662994306687236F680B21C920558C7F0035048769C456A954BABB7800BA64D61BFC96CB00C710861AAC6BB78189C14148F9B31AD349E909A915A22D64640A103FCA424AF9B1EF1D7BD3192A9622A2B8EE54B0A682E2980182A53EF4478342557663BE8C9951B38D2A0150A5F37D777453EDB5B0402CE05BDEEFCDE4752094B8064E3D5E184F48756C59C984CA8DE4A0B2A5A1246027BF9F024F1425289624D5B325CBB376B8FD3224D39257F86E16D245C9548BAF9F09DCFC1C0F0C93770E9025DCABA36110352E4E140D3F7205847A639DC8E9944559B4DD7CCE0B91F9007322F33E38C97D6A68239A6545758A778BEF2B015F750B7DF3CDB4FAB5B316F9525A47875C105F26BF474D288A38D4FFADB7DF6E2C41E44A1D063745238F79697A921E1993AEB4A4AA28355EDA8E12CD9DAAAEE7A82554998D68C4BDC6FD57590FD7112A63884C6FC19776ADE954B9B17CCDC0F817E39E38726597D07F5383CF7E0875CB2A4A21A8F08C218B86274023A5C4A7258F8D01125D2C1FF52A57B764411B1AA699C60F3CDF6042DE8810B5FBA108A9C1AEF2F274C249576DAD1F520C983ABE122E1955A57A74F4680A143F8FAC2710555706C3E6D23A5E1D62EEC0F7EDC34818DBF9777904599F2D78CB1231B780623640276E42AD3DC68BB119331DC7936F8B3AEAA95A2E5D05F6FFB51D2750A04574D9377150CA88352745021F06C2D7F38AE5C54D7C09D702625B497AFD40E8FECE9A878519B2D5C8D6E5E070EA9B719C30B505925BA014C787CC9064E2971414E95606CAC337A028517BCAD6AF2D1C46D5E7756669D78598DDCDC0448B95D7941041BA7BCC2916F2778C805F3A6CA9AA3915A382345E2ED5ADBAD2B02F8566FB89681214F07C8BB6A36F82E4A31957E81E4E41CBC3727E004DCFC5707DF11FE9BCD8DF9A10E08083075DBB6EF169BD3C358E025AB4A4B5BE73BC74260840E3C44A96FEDF1A1CF371471EF691200ECB3A7260CDDCC06B739DF9EC495D7FE9CF6F7B373C7C4D7AF643FB085F8795DAF2D057476F0ADE9117564322D7C7CA8CDD21931541AE61CE0CD064CDA804D99CB66B1737215FBC8138DC22811769A28BFA9890474F2BA88DD14957630980E4F8EFE9D9FEC40023132B5053D0B723A9A441C832F74FAD6AAE24E4175A3E62BE603EEDCB726083FB5EF9EE7BC217751E2C58969F3CB0F4F1EF4DB5AEDEEEC5D7AC1432AE06BF35595F1C7783B27B44942DC72B061BD4FDAE47C842A69C55AD32F7491A690050128CB4B82E807650A1095EE153976754A841D2D5BE675E52DC3263A39BF140B31D0292DE79855606BF3D38274CCAD95030234829941B58735AFE3CC358135C1DB4313F8FEC0302CFF211A83FF590F104FC0139C28FD3FA69D2A5CA8CD33B19C5D7F18BF26D357952A73AE2DCD8AADA641CB48F243592DDA05E45542DC6B15DAAF792D08060CE9B696C9A8D75954CF4C77C26DFC0C501B272B5526F72375F1590118940A561AC9F53AC409BC90FCF2958CB8EC5773B80CD4A275386AD2558DD59A20FD4735B73DBB869504DE86592DB92FEC0D9180AEE4F4DD464D62D5D771B1F7837BB0E72E4B0BB0846F6F5C3D4FEEC29FA7A4A0453B9BEA20C5EC61BB332766C30FF511C63FFC7E3BEE0367C3CA57F8AE706DDEC19524C8A236C61D350501B6CB62C614ED87F9D8CAB36AE3CF7306BD77204E3363A90945AD92363F7A3D4525CE698754A4F8E2673FF5C958BBD56BE7E7FD2B40578551D8B43CFF9857EC663D16DF9539FF5EA162708208F5A85372629FF14EEEDAE0DE644A5F3A0771F599CCC64CCCC65B420BE2BD3EF4D41BC0D151AB3D1A7F4A293AAA62559638117BCCDF88173815B179BDC81419C250FB2A7A95A2D47269C6D858248BEA3F5879C2120D074A202C0E482B3F7E3EBB794F8EB8F6BBE23843ABCB96216FA8C486B1CAE2E5ACD60FAF996A7F1A6A03CD21BB1E93CC069D39B1166D0ABBBE668D2A95CA7212DB36F28BCA9E5D9DD5F62AF7C37BF1E384E9CD1ABAEF04DD79E0EA414BAB02CB780D673C84056AAEF8897DE065774FCFA7CE3986671ED936E33DFC89F23CC2344299FCCBE5B6D9DA0C958AC2311297827FBC1CAA23BF8B343E823D660D2665F976C3437BE0F59AF2489863C291CFC3D11C4B3BE899CA1E5C1DDD49EF74EF0EF1B88371AA22BD97FD21247B45A9A6E383CEDC92BB919095C09BFA7DC75E67551FF023098C533A4496418C383A13219EDFE1BCF88BEBB31A5737FDE8217C8D61803FDEDDFD3CD0928007B25D08F3A0BF9F330F268D3FA66FCD794FA8BD118F1A19261287952A2E8BB03B97BA1A4DAECE120CC1EEEF0180139708A9184505E51489D3ECE78F7DF013A5B139CDF8710C549E0CD282DA4D76A19BF20F7F455FBFC5B494DB847E5D4C1179C835137EDCD5DA6C9588AFF36FDAE9F98271F3AD32356849A5453912DC31082D356AD2B334F7D1078269A1683610A1C2546F9CCA93EEA94964CF4FB82F63ED0EE07E59D6A228C884EA95EE09B85765A519D353FDF195F2486DF718659F015AC35D82EC12A351D881F9ACF6DEFF7C18FF4ADA85606ED3A90D5C680AC3EFD97E52C1249B4543C870C50DCE72BB720AB935589F6D0B46C17BC2BFBF8CB0CF403761E3CC95753ADD8F565C685AF3CB89EBA4D0776E739CAD43D02D3D02857667BDEDBA6A8561399A2FF40EB35760586DA63F9851517F5ACAE210187F3BDF5BE0D80823FF544789A22FB0A396CEA1A846C395F4548B4F798EC625A3492D7181A86219F0654A4310731C17F4E2B8C69E033BCB2ACED0704980C895F188EEAD53A414090E48F259A23F31702794C2473EB3744549CCC6BDD778F9B8629F6AF6953D991F2FC893A09EE63508C0B1815B5A6CFF1AB9B817153D0BBE81195F544A5427CDAA138710FB1BC49CCA92FA712C050D2E55AFE17766F9CE99873D4E7136CFF989DE3EB485ACD725BE9E6B95692CDD520A894CB02BB361F7065333AE99BCD5709B15E337B5BB5ADAEFE1ADD5687915494B582843FE95AD419D32AFF3A6FED03EF6B9E086F47AAE2D0C4E1E575F227CF1B8E310F1C2E3F3DF95797F2094DFFECE41F0BDFEB4D78950D7624D1A7AB4EDBB5239712D41DF66DAD78481B119AA86788272686448C8B2E7E0DB25C9C4D0A37A74B74BA7BBBEE60B33A482880B715C760865043ACA952EBB1B515D2052BF1B0C606018BAA5E7C52B2DFBC3C8CDF29B496FDCAFD7AAC3706D9631D284DEF3FDEF161D46044F4E5DFCE935C89CA95490150B043A2ADABAF890FD88219A94E7DF1544B3952771CE77EF22E7EB9B4643BBB888F48AEC44F2372DECFB5F32AA9D232747902BA54B4AEAE166CE24240EC5AE7B6ACF75AF6F1BC2774835BDEDFC202F3F4BA58CA7D8EA309D8E46E94A3C54B695418247CE6AF17DE43E6E56AA3AD746948DE929DE1462D7D08962F941F8171B5A7299019C04133F24EA24042E018537D97BEBC529D62F39520FAC8D3413E83F227677A8E7671D890BE433E752952A4C1A8670172076D487373F9632AACA84F7EB96B5E4E2B87A5785209263A91D9D751723D337E3CCF6B4F91E85BDF90C338C453F97A85716250859EB5D7BEF98424757390E11B53424FDA877954615210108EF75A4858AB109507A2DF4AD4564C9020C024F886E3FB546A96CD34002CBB1EC67A44DE5549599E3F32AC4EB87ADBAC30A40EEA915285744016CB8DB4C9F25C53EFAC321CCADCF95C6BC77E27D0A75736E8B379DD9D01922074DD1B17FBA44647CBA9E8D9FBBA1B2E21D3DD6CD9662FAECD512E48065BA1F75D5C24394166376FA24B933C9E8194A1D5DA42942F31C592430F74B95069DB25577E068F88226A36426C4723E051DBCA060C6D36243E84C98FDE60F5BD340AACDF6B7EA57B1B3AD35E7E1F235BD2032BB949EF3093A3E9ABD613E819B5016498DD8A372E88A8428F19527C460A058BA24A49F2E2BA68EBDADD2377F7594E3E6389F06EA25347363BDA1CDB6E5083EB33A616BBEA4C2A72D2EDE66F215CCF57A1E0A69D42DC2D516144CC1FDA9F3D7D31BFCDE9686E495ED56C4EAD8DF86CDEF98A4D7E8ABB21A1966D4FAEAE1D3EC8BE2707CE2FDF895C80018FD748EF31F3709720D6AB5DBC5A51BA6B332AC8B78C2A7E0EA5E3D225CA0F2D21F2246824837952FB495D93CD14AE3FD318080A4FB21E4EB144D3A9C2DC1DDF59958CA505BD2550384D51C86BC313AD31E68BD13496E5976B3AD5D63414CE7D115B154F4A745FB1D18771BDBC20311671474CF3F9DE79589106613B1D98586264EEF31A97A8E2790A994A2BE850E47D27FBCAB9F712015DC81D5851D4822F60233CFE1AF2A37027C709F5EEDCBC685E4E4BD1515F0F97FBB90A70E89F63F25E44A5CC7954F4CCB5D273AE2B490F41346AF5EC0BA190651AE8C0785B3DD2C059932593FED712771C1F9CF04AB8F491C109BB56DA394F95028B9AC167E02329CDC56291F5BFE0452B55AF6AE4CD2120A6E9510B06BD76C121D77A8480376DE502B76B682A518DC2B96C1B279889E419704E57618635E8B99E122C3A2F3A35ACEDAEDBC2C792CF5E4646D691E39A9C51F33FF35B5FC41D7D6C3B270848F0E955FF3D3CBCFEE429F3077E442E7AE6A7544F3BE43B54FDF873A10ECAE19B47EBED3093B975691A979742B3FC794F0C20BA85CCF395FAEB3389B91839E25FB69BB9F563DDABBDE55C3AB4A9D8595D8AEEA72D7A08B6A9999215DE29FB10BFC21F80EAC23FF1B659AEE85BC1A25021CAE89B2BB071C5DCCDAD1FCF6839E7C06EED2BEE1B7A9E2BC901EC58FE400C8C6B948D43ADBAA9A61376A2095C1857179AB2AA0D3255C64B828878B8D0CEF565F4097CFDE3E625CAABE7995CE2AEC538A539C0956625858231146DDE41B854E4DF010C5DBAEE65B144D68F91019026B38660DB64E7FF4ACAD95DF96BDD3A4EC101C40ECD2D072ADCE6074CB3FED760DE20A4C454FC3647888DEFA3FD3608F6DC55397F2A0C772FFDE179D6B0E6E2A56DF896D0C7BBEF92C163DCA09C696C450957B5CEBD4C7959526B3C02F110F991B258B3B312AE24525577B52B8BC3F7A2BDDA71BF9A019D9C56974E39283E97832C20EAA01662D63D343E2A52A1FE516AC5C24BBD5D61504EA0F4A092E8A451357748F5E954389041DE83671BF89FB6171301433E458587050EA615CB96BEDCB70738436DE615B0E7D4D7950273E185A939D4EFD1CEAEDD3C5AEA7D37BB17622996C3A2CB2C1A4F48AEA54A865B03E798595DD52A9EEF35CE66C1E29D6D768EBF3962CDE9962CD2C5D4CA70EA1024635654ED66860DFDB6E504C222E8E56F815E56D99B8A476EBBBF2CC6DF162856AC4C7F672D84A790AEBBA6DA300227F95C9BCA1289D10767785185B112243147683B5478698E98E43E99BCBD887E5BBDA43A8CFCF1F2D37ED020C3F23B04DDE5EF8CE8C052FE455C5DE452C94B82681F0CFA0156807580E5ECA5F460B95FD57E9C333D83F7B2111C68852B384A91C0A9B48D36D1EFD3CD9235445D91AD0F3A95D309B9A07F055B80A13AEAB7C209DDB326BB8D79095A8F89F56DB41607A788A612A98DE8D6DB32148EE9558F6BC0022DF6DDFE7A6143932FDAAEDF461C31276441D3B926A79F92394A9A2BA5CEB519260752EC7A251F0C22F6B9FF8FFE99FD41DBAEAF107729D8D5855B63BA4B11CD7A471DFBF93F0C29540D70BF74FE47A297A5E60BF1D7D2060D9B673B24298B768D8F48A7B394098B7943DB17A61D81FB9504E36437F942C4AEFF62B1F39FEA53D7D97E8899C72F2D8A7A986B296A37F553E3765FDF17D143E63B860A784879F23A3AED7B29150F1A62C5F63B226570C44082C5F147680C4FDB41A3B0C699443D7A353FA111CBC855BBBA5B25C5E0ADC13D7020F6C34F16D1244FED18556C8B16C44C354492CB14AF6B98E62E0ACE319DB97CCA88F95C136D7251B4D6838D48BB3888F9A0C2CD8610B69AC7C33CC3CEAD175EE0627B6A5B9CADD42ED494D6A450FD48A0B8B3819698D131DDDF4E1F1E9E7865845041FF766E00EE2C0C8BCEDA15E8EF73F900D79FDCB455EEA6B6A168B77C2E6DA8BBE828E156ADD9DC40840003EF899B612DC160BEDF8F31A10DF9091014CC7B4814E7CA5BFA876E2C6CB776D0F4D1564F6773E38CC38717AB5B3997A8BEFEDA4DBD0151031468E5496C44F9D56F4ADFE07A87C07C614779AC43BE1FA01A86D25585E5C64BC11E520C197D9F75E99870FF18EDDAA83F2EAD1FB4E92FF387C9494F132156AA0CD8A74816B2B5DA4AEA56C40BC10AB4A8B2048465B9F3B5E841B29B171DC89EDED1805209D6A23CBCE81243871152C0E6420A423F44ADD919FA5F60C1EEE9AFF73A2235EA45F3B7295479377A01887AA1F9850AD391F7B2CFB579AC1AB40391559771448B6B7869429A0452D20B74D6BA4AF1A2A31E61A71C433625335DFA013C7F1518BFEAF34CFB161E9FE0D5F584FB8C62FE5E5B2510FF514BB65745303B741E79A43EF234E2B6C521326E0060275D8ADA218A4656743FD11780CEBADB566E6DEF9523CCE9C54B2363D246EBCBEA715808F1D30F2309C9CD4E6F1BD82EAFC954CD796E739A6A297EB8567627F2A93CDB5687F5B5100B403C1B9AEE1FFB3E12CB9F8FA68AF5467DD5D661947DBF889CF018CF93ACE37FC610BB338E12BAF6B137669ACC33F677FF30C5202DC3B49CDA8954115852271400F9CFBFB1623CE87A232CB5334D226D04F0E108137A69351F907BD2AAB7B00C3F59ED9BAD011B0E28E72FFDE1B8BB7EF82C9DF0AB3F07F2E83CC0EBCF4F4AD4467B74DED17EF12986938B95C31E8D0E183942709C5D682D6094E90889AE72105D55C937E3BFA8D50C3A7F02875230B6B348E0ED5DC2BC25F8D637767450D3D0BB5EC57D54D79B1EC9E9AE300ACD155A31EAC77688A743719E45FC9A9A21DEC6A1DAE70803B76F5964B93F5CF306E0500C2905700
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\Policies\Explorer: [LegacyDrive] 0xC78E9597BE76BBD2476B6866FF2AB80B8C4D2F4A26BF598E5673AD7EFE56B78A9A8277C4C5B404F2FF0074E1ADC300FC61DA641C5C1185A251DE56C36C50FC24934230A7ECD4E6849F1B2C9BDBDD18540821E755F9B6396FBC79040E1CE079F1EE3B378BE73ABEAAB1B026563D9611FC5A53DECB873A1F5F05554E9D3161BBDE1119C94F2DB85A97A0B988BB6EE1963F187F268E6EF2AC9CA5D26D22CAA9F7FD0AB4B66143206C91F77942A923D7C58F676B2E276657E6C670C349EA5E2DAA28BE009865316960491066D3F1561F4AE4BA7AE6491BEA1D572187720C22648322421D493FDFAFEC9C6B2C8DF5C81BF0787D816E32F474CE9F45F81B6FF2DBF789D4DE325155159B26E091162F963BEF5843036E97903BAC74793DA4C802548DC526DA6736119DD5088F872A0AC37FC6F11C8AA3ED9F85362BA5DC384D06A654CF3D017DE682D93E044A5F58F10DB7AC1D4BF15C34D13B2EF43855313BB045A265FB4B10D4BC17BFD0F23A4A92C0DB8D9B6FABC24AB51AEAAE38CB6F994E4607F6DF07EEDB5C6D32E9E20A07A736AB95E9E96430040DD48B3402AA283B8D68134B2A67D026A41C9284E299ADB504574E87AE326A6AA4B5F4D2989853DD3F871336AA25DB39D4519F5878A816BD25ED4B6F3093E23F3C38E1BF8D1709349DD932AE8F1E49F55B1595C12C4A3E2906C00F5EAC407B99C1F0DE522D2706B3C280F24C202ED908D68F6E60C90363CEDAFE2C85C35C055F42F536177A72C296B8965E4E55AF80DFFBF06967E4F8491FED7F07294A3D908979076E70743C9DC12B5F9BCE3105BF62B6F2CB05B57FC47B6E3E028E17E1830DCF588415D33A538FF4665FFA49EA916B2124DFAED23B261E7E3A5F17E45378DE9C497D5FAC9B3D3A09FBF3D15B03269E0124CDCA55DFB7FC31372A6FB166CA483BCFBD26BD340DFA36294E1978C8808F2CA736B71607F8099A4EE73280B79F6AC5F4496202D105723C1F64BE60D901C10CF492A8CC9E1CB3EAC367DD88D6B0BFEBCE9FB21A6F7834A8CA958CCE0714B1BC62CD69317487AE4AB46B55973DB8F274D2B9F6971FF41AE541A5018AE3896B18487D40C10F20AEB2CF7440978A3C37FFAD067F75A069E2ED9C8C7A63BDE76CBE584ED3FA8E2BFB86210AD0EB875C96AF3D74DA795ED6A87574B1FEFA8EAA816B92DB6F5BD51CD5F4E99A810299B6233BCACD24B048F8EDAF7A16BA1810265911E6A12EFA2B0D7BA3C2CFDEBDE8411B8F18041CEA2B97365FC429AEAFEBAC7C83F82B4F5EB35DD1CFB97A2BEB224DCCFA608B66716A63F83A201A5696ADD4499C4169D944813BEEA4C0A19370738D05BDE56C090A2C4D83805B464579F9132540B20152174D0AE87FDE42C1B33D718E76B602270E021C2091760E9D5F7BF067F03E873FF9D0A86A72E79163ADFE3118137FD7EB8D7CDD1E61F3DB3B07511BB337344DC547757CA1B46641CEFE5837C9BA61AEEFE25BA49C6F30F0952A55C1A3BF9547811310B0F8D78356495DCA37CBABDDA3A5D5CFB43EDE71D01FE3AF765509249A94844AA82CB703C7389D725A19670FCD2367FB8E952C9059CFEF3DB9BF2D91CC9D969546D8265FB85092E412C5E50E678F6B0EF190CEF455687F7DA428E7572CB1C87E9CF19C8D14E004EF5CFA238DCFFA53AAB2E6170BC44B515C16CAB6CF1DD37E0606B1603349C7BD7E81191CA67B0DD6EC8D73122D29C4F44EB1A712DC8DBA28F47C8E0C612795F3E405FC77967A392980F847A3697A4A47B81CF6C8E4C8A4EC2C11A591885FD6EEDF4D741C7A4F32D5B998897B053B505C05908C3415D989F3F4252AC1BC757D40181E9211B16E8E99E992FB9505CCB7628B43701CF38B586557E6F8B22791EB446FF53FFE5D211F74FD78AF4448A738A95DDA854D0E308D5F9E6C51E6C9ED085505E07A5F08B4AA0C8ACEB70D4C7F044C593397C88CEBBFA09552EDFA6DB1B915D58A40955D1B51567FC75472FD1A3A647408B46E3475A3374FFAD0B9F0E7DE5AEF847C59A29DDF6CF53D70A8BDB9C2A049F0C6D13AD2423E951F7F571771421FC97DFE8ED39596483495728B20F431FD00F29BD28982AAAF1A9A48619C8959CFAC8BFC2DFC9B0E73F688F00EA34B8BD5CC98913E5FB305D21385FDDE4FEFA76C485E8A716AA00E48FAF63F5FF96ACE314B62BF58741876EB93737FC75E3AF061003D6AAE32A28A9DAF8705E5E8EAF802F8C6797ADA7F7265DA80AF2C4923359175D1D6F0D86A02C490E7E06C0F3E9D2F1485047FDA5B507A8F843EB607D366953EB24DCAD8CC8BB08AD360AD5C3EBC035E6CD02CEDDB73B7339AC553ED01122A719FF970EF74CD3BF7603B953BDC2DCF97E8EF194E44905096E38C17589DA72931241CEDBC39F74B1320C0BF95935159ACE07029F2297F7AC2AE5320B17F445C0C8629FF6CC783D38AE7F93654EB05084043ECC8E007F3F9B680D0CB4AEA5FF77B7896EB1399BB279E7AD4E77BCC600233C744120A6F08D5D4951643D30A2254411D1053260AB947BC2FD49A195DBDCA0E2E74605099E926D5C377958118AE8D029B5548F87AAF915AE6FE31152146ABF6D95329C9B4FDB5C32CABAC1D9D1670029C505EAB8BD10400C86AFF8323F0EF6B80DB6B85C784341D65B6BB72EFC0E36708C9077B86643FFBD064DF768AF2417275DCC55D903015C6830AAECD3EAA9CD9DECA8489D02EE8EC387CA7F4944EC3289C8695679A6DE12919E7CF8CA75483C92D4A46CF6ED210883AC9595EE4872DFEF5BF7F5B22A6BFF67C58AE5DE77772F2CD15E5EE14D433A64D4BA40C2EACB67842A46FA9DF83F106589D4F2A75F09FABA0200751EB611DBECA8D8604B9B94B12BB7514FF57B74CA0E1167F59FA3907335A8EE72FCD3FF7DA7C6242226E6FAC684FF8D7D66F9448F30D1CC675D61B0356A97F7F2A9D95A8AF453446A695333716E1BA31B59EF85DC01314D43A4AC5032E2F145B95E7624A7964AC6B5B370EF9D3A5868A76FCFBFAFC277EA5A281CFD9CEE7238AF2112448B2223A6F497D099E29DB3A6AE19A7F534458C2D1F6C8C1FC852CA55E755E4EEC769B1075A8D8212B0C61AB5F38C0208C50E0CE973172B355EF90924E82A046C1BC7C57E77ECFCB7C2CC23F7C5ED9362AD917B057BD69FEE1FF41D67A1A82A395AB029C1E185AF82205E696BC1943F48262D633279A02754CA99E89986AA6CA0AB230448E8FA219CFCD23234DBF4FDBAF3B2F7A5AE7685D42B3B2AE00A78C4125DF2EBCCFD4C0FB7ADCC9B318FBF4EA5563BECC3572C657EB8A0925F937B836AF9C39E54C086F1A66C93BC28C45437C2946F295AB96BF37E5CCB3DDB265250ADC17C83B3C61E91A2267F1F4F6FD316D2002DF7326EF5B7014AF95B7C421B277728F3D9519D304C827F6FA06493B684825023C8D4CECA4216A40DC1FC08E4435D592B6A7685A1697A8AB2B83A7A2AD0F0D979F050946DE9A8E31FBF3BB4046E79AAB2B070E19C295DB0709A16FF872F40E8BA6D04E937CC54C42AEB3399C80DE162BA344BBF5582D1EABD805D223F467CE08F97A70D0D680C1EF81ACFB4B963449EF41A8CD035F82E7FCE0FEB510702CD6ED56439574AA9C3881FE708F40B0CA71084E4F00442275E7BF62E9351FA72D6BAEA086D36108151412D5440411B363BDDBB093F32939E4842D45BA5118D0754DDF8B51D33FD28A3DFEDEC4B2753CAB3F954B7DD72A832FF283B90D1CFBA8738EF9F0157EEB16EF43DACD7FBA427433E820DF1DE14C5AEEE809EB22D7DBD878C19869A5D7C2EF4988140522EC5B1680638720F97902B75D0E414CECB398AAAFC75652D3A52201D1C7A113302E24A6640B649D947769F4A164AB5063D478DB3548954EB57C284FC551D5FED50B28CB65BC338AC50078C920EB0861B840ED4B73E4C6B59792B155D2CF6EFE957D21C071217C17753BFD6D2A3CDA6E9AD499DB91708130AE014F85BB0029B23AAFD8B640A1315A877CD411BEFE1A23233E480A5435091C627C1B6B285748EADBF398D1E1ECC542E712EF2C2ED76D916F257EB4423DC862D2F98F5E2C44E0125D08D1C9D8FC0A1E18BD85B4862191289CC81D444BF433769A9AC38090B8A27055EAD2D39438042623335B8DE64073C7F133A262EC207E2BBC6D9C9FE95F2CA54B18A87D1ECD3EE1C3AD6F1EE115321A57B58F9575EF69AF6B7F9CAB016147F289EF6B5B124AB6A9DFFC995517DCA08EBE31037FE41A78D01D2D4C6F315EB29014225BF218D547EC656159DA89990132D8E6ADB8E71936F5E8280CA774DF1D1587D2F99FCD9634991C310C5A41CE4C8FFFB570D5557B0A88007665D541746717E0ADBC6071F53055D6375D40051E87600B15C48395517260D71FEE7FFE5E590460A28BB2C5689E91239B5A94B45DF1784C05EDEFEA6466FE8D4D78A44954F4BC99D55624F739F81FAA7485F8E0D2AFE9FCF4253A3115BFAD5092FC1ADEAAAF576A9582F55A1D6C6AA293689DD2E9EBC1A018E0A5ED81EDE535C8F7622AE6E8F19C7AB0509C60895EE185808B6AFA318D6547D254500173415E9F83931C8997215472674F32E8193BA529C3370839CF2B7C0231D01CABDA2F39F07A3F7538EE3EA947F9AFDA63DCA469B6273989F4CE61F63D7FE5E44533A936B20431F1C63E65F03DB891D97965B04FDC26EA6A75E25B64E0D9169567356AA16DE2FF63F00DA0945EFE571434BAAAC757DFCEDFC0D59DA22CB1E66D155908F9E0E9BFDD58563D545B517D41D36FD470E886C81F745A26BDB8794FF14D63D3DE5DEE41A512E93C2C4F00D21E9FDF0A95346A9ABCB26F4DA6346EFFBBAA25CDBEA27E4410C5070EC7A5A2D1FFB67E54759946E451A198F64490B80DD3A186DEF3CCADB2D5451E0D0345BD8DAC0E59143C29E22930F3D69C2957FD693F95DD56DF97E45102382B3E2D1A9706FC80301968886CA73401B013887C14A5DCA6667E18D572D2FAE08151B73420E6E52423A49881E9FDCC6BE03603664C172EB045E7D1D2FF9863764F3EF378956AC51140EFE4EC4E284DB8168C27530F89BD2707817852B9120A04A19BED290FFC0C497B9DBFAC18B1FDC1ABBCCDC09E52FE8F502218E2B03492A70A6F46A1205E21537D331F1F060D77AFD2BB7612943C30422D3631B1CBDFEC971258D231A2D4196EF7EFBCEB8E41C3214A32C4DD1510AAF1CA5EB52A5370C2820E34CD967653B45AFF793D0B41F05B655974AD178D4348742E73B66BC388953EB96346665D63C4B74C31C2C067803C5DAAA63F3AA642FC9231211B3D5C6352E9A5D935A76EB250AAAE57734CE7934D5258F73C71737D6411916BFE50E57AF34AAE38AA98B1AB1E16E73733F3EA73C14AC2D615135C6685A24CFCD3C6FAEE5296EA3D474C400F9557835F9AABA1F3545C338EC86B0367A4DFCBDB2318405F31614FB8CFC4A76EBA22777E4782794F92AA2FE7D7EC6C5F2043CC1794219F2C20607C038998B9D5B760A87CAC08617A6FC45D3D490C40A13442F5B7919600C51927108E166AD4D3D3D0101951A3F0AD3B319CE61C2D0CAAD0521E333849E61332CD4576C90DBD95A8A85283D7D5E1D6199C2390B0C803FB8D1998E514F304F71F549C424508481B5C202D293CA08ABCC678E06025B656B254F95B73E1298DDBF065DA30823DE596F822AB29D21A6649BDB8B135D7CD4CEEDC0757E5EF2242AD3B8E4FD036B6CFAAD8829512AC21AC3C260545DE372FF3921FAC1B7C8260A52CBF02F8C67D682660860563ABD9B0BCD6FAA605AF8DD3140C234D2C695421BCD20E95534A032C20AACF4B8673BED907B3FA6EA9E26C6041152291F174F48CF0EE67D1892BD16C67C3BECD0FAD93D3AEFA712A15C35CD702609D11A1DA645352A3B2AFAD857665C3D9F6B4A7F971F0B72EF703D5F290C81B9D5B444A644603D0D1437C51C63F3B3EBF5440A9573FA2580D1477184930F8539A70E1E542A0172CF4378D5EDC416820E09C625426676C32D6B8979A218D34A882063A89C243D1E98E43E5AD7FF8734532B019245C1C5918A60E4B2904828EC442DB8419DF70BFC11F47B6A45C20BD1A9DB634506941FEEDDE3F34F6FD741BEF483054448FD053E7078712399C5F072E88957A53AC259E3C35FFF0DDC62E001CFFE306DD83406B75A26D8C6236E8BA39CA1C85DF02363AFC3634AAAD613E2D793A3AE787A09B4A0E3B79DC0C61E73B3B36815E4118441D273AA2F40C8ED6BF041BE9765ABA61477404FA54017A8242E9F5BADE8DDFB6F850A387745662179E8BE853BEE8DE90ECF1412726831263A0CC509E5B9B23A6F9DA5A65D05817C23DCCC9C23B175BF334CAAB0A16F3E83ECBAAED3229210F74AFF0C3321EDF8394585CCFA77C14729953C5062CEB4DBA6581075384A458713998851415F9C85E3FA0A29A68CA727E017747ADAB11F380EF4E60062F57284ADC2A5F95D4EA3DB3728164B837F6F47DC5F92963C810C52FC343FA5D0F198AB720C42D270B9933CA45C36A45AE37425CCEEA2FC05E424F290ACB4DA5752C85307E596984C10A2332616B7BF20515FC38E3213D5208772BF70ADDEE0FE1404F8FB9E903A51FFF2454164EE25F674676693847585AE01BB205FAC41407B87969F27AEB2AABA0CCD1109C9291DE4B7944D285C7A50FF253BFC02048A5FED3952764F49D0B3641AE31F99DECB7DFC046A4667F46298B39E6263A71A5F00ABCDA5227DE47D28F30F13582442F4533CC02D1C4B8A4F6719F649D0C60B045A90974029AF8A2C69E3F12E0554D8D95C2F7CB240746C5C7B5C10A13BF1BD56ACEEBAD4940A589D671C938B93A5A002DB89286574FD4EDD6EEE2429B945018FB13386F021330DB0B5B79E18D4C79A538AE6CC241B0567AFA293C0FA5952493708A9CF91847842334680A1704371D9B83D52DED4A8A32B4B25AEF3739D978CD273FF29470BF9A66DD150809675FB5A6E32DBC7DE5DBDDD6DE1FC73B87DE97E483449C733F135DE11E3BB5DDB9D3AB1D840D68E3845ADCBAA545703AB0C25D89C2CDBE22FC4DEAD57D3E020F8D0FC65C1B49AD2A6A7234D0073176CFFEB2FD574D4CD80D9962ED0B20879128EFE5567A55DF241A97F58C9527E5E8580E8D1F67086F4AB8E3B145C406B43F11B0461B04801916F63A73AB8BC828B33F7FC5D142A40F0D862FACBF16CE1FAFA92DFA7A77754E384B12675BDABAB6DA53AB0F8F373414DE6B9576F1988B6C4B1F822972CA5861DE8B4A2BD9CF200579A5BB19D123EEBE68058E42EA98CDE71ED6C32B18D34E4DB0581C0C33CD06B2575CA05175530E4DF2CA191AFE868147821E95BC535C029540ACE6E93DDB1E34C83A4629DC61E83FE69A753187952C52955E3D20638B2F1B42BA7FD8473B8A514F09AC7F41FFAA2B93484D00101850E6D8997C8BA82812425BC26911B1B9D80550ACD6C9AE08B560775BE49BAE3DEDBBE5181D23FF1393CE1F94ACEDBD03BFD2FAD10B0C30BAEDD4CE4756A763967D35F85DD17AA32D322B59F4605304C6B43ED5DD0E96DCDE0ECCD65D87B946A43086C7FAB09DC9A07D6EF09983C7E30D81FFE541799DBBF4FC801137A75D197FEE6F75F91869571D8BB0E7864AC7E501BC0A8FE4AFA0C5A19CAB6B9A2DC10F37FCA0CB369E1D6D43E05ED6C95049A007DF003C036686FFFA0A47F7A1A7F69CE296572C502849A1533A03E186099E365D48D3FD0B7007A2A35884CC7D050AD4DBC3867CCC7421DE51297CA2BFEF3A7464EBC0B56DAA387107B2DC92C55D95715342E711F707C52EBAAF38D40848232EEDFD194CCCF2BB23557041D6B1425633FF5F298104C8C1791EB490927AEB4C828770FA01AB624BD034242CFA91BC9959C279B25D0DD91009F3A959953E626E123C2C04B566B8850445F76C9CD09AFBCDEB83D9A92D79005BE61FD6BA61279A1E66C30273035C238C8C8790B9E135C69BEF29C8377AB0064A198C83DC823137180734B25B6100038B95ADCAD8AAB4C8E6AB6F9E8C84CA19B384A920F8E729E80DA828665C96070AEEAAAEAA8C98D1BC24A472C96DB7A81ECEB29EC57C02DEB4E374D043484B7DE4AC90990EF3AAC17A462E0192B5F8E19926217B016259552AFD832707B2BEA34CF405E775DE56090B6914F323E1AA71279A7288D9DED509942BB367D59B05C6FBA4C1544B01FDDC37F05898E09E9647D9E08A802E233946A5A63CDC9543E666DB125AA7812261304CCE79D8C840B1BFA53761310C0818CD33E3D6E630587C290A1A80801602E53781576B5D294C036EB1CA852ED470A5D8F9D82378081D43967D9A7D14BAF47559A2A15A2DAF630B7AEA9319B54B7F6DB2A4C00CF6BC0F9824F4591AB92B16FEF9E0D75F29961F86FF7D74AD574EB6082777AF06B578EAD3088DC9229C8DD22B59124AEFC6DA05C37B6D7C0CD40020FE48ED9AEE4ECA7544D6D5A7F33B8E0195807E3820916C42BCCCD403D2C095296635EA55A66C9B7BC3A7758BFFECF75107074E9984CE8398EDA9F4879F5101912FD707EFFFE892520F50CE811695BE3F43D2C7B27F9C2D74A23F60C1410A457FFF24372CB2204B16C1D1D9CAD06038CEA09BC893309036A5295BFB25783C26793DEC5C42E4321D8E91B1484FC204E20C2F0D13D7F589717FF4E8F78106765C7B5611314E2FCE5CE4648A56A7479D2B4462BACDAF6816AF676ACD8FFB4E8193CD7E449816DDB8C72AFF7469FD99AAFCE7360786A42CDB299FCF7AF870E4E209A3589ECBBB32E99A9576C71791532D31A052F2E0DEFB0D8C20A114C4CAE8B0E1E5854EE6724518ABFE51243B77B0EB7A3E0DFC0B7DBBF170BBF6A373AE6C9AC550FBC7E634BD76441B427EA7C21CBBCCFFA1BE500C95ECC2D02325E24F4B028AD8718E2C64BA2A34FD18D13D241BA085710B959E79339667F47FB63B1F4AB5686071C5E329AC94391E1E86C97A2A4231AF8971064C99C2C824F83215AD528A1CA677952955FDB1036FEF54EA8A71960CA7CFA1BE5D93E778CDA8B620D7BF0C8B8EF2AC41EAA77180BDB8E384E9D00806CF187C020B14C4BE5EC7E008EB1E1FBFA78C37950BF195120BC0F2DC4C6127953792D442C87798D99E63CB9E72B892342E4DBB42AD1EA1C5C24250AA7B1DEA9CA7D6491B950BE6CE1FC4FA1AE7A6E3F3E169C8F2128C80A89748B033E8C2340E5E84C12DF32EC84A49699D79E8EE1DD803DFE4FB714BBE56E7990628B4ABA50726658582A3694804F5253BFBE610853A0D30A49CE7E01BEB29D06400554D2C2B8CC3BFD4A380C26378BA205E87D446D1B8DD93F37B590A0617AC454B7F3F55C167E7801C0155BE02AD7B11010C84C2C965ADED9848563FF57159FFA1EE9A4BCB84DFA58350E3AE71AAA530C74E066274BE93689AE2A01A43F296064F958DB8B14B1E38DC0872A0D577219F21586C353DB0A31357830A80705C5277633EBC4123DD8149440E722DBD7DDC11EC9EAE38DAE6DED5C13A081ECBA858A31D55ABDE14B6F10BCE03D639EDE9A1A2977F5C38C17C3580BDAEA724A3B28ECEC23C7BA98B13A4620AE0A27CC1ED2539FA2CE5BD5C7BDC71BD26B2A637AE797A7EC99A0070A90F9BEE81D3ABEB46976CC2B2B71ACD8F6C5A333243D50146CE267DCA99F6B6D05D5F6560BA7EACDF7FA901A232DDBBB28596B78BD942FA2A02F698674A60D485B8FC8808928BC8C620C2C241B33FE834E6C0526C24975DD96A5999E54ED7E204414FCC8D11E344C8B1497548EC3DC5E97B3954F17F192A4637075FF09FE0E6675C80BEF9973F6C6B0CBBA8E35ED85705AE06B95D6BC3E4FD6C6071673C0775ADB5FDB2D6D0250F84BBC646D42C8DDD86F5D6575ED927ABC99F9AFDF5C464CC6CFA3541942CDECAB4D6FC588B105A633FB27A2F96BB714F68F4F86755D0C135B39707D3CAC3693644AAF8FBDF5E8F6365D2629CDE3EDA4204C4A125F753F84D32CC513BBE631AF272A548D736AA877394372DD8A297ADBD086582BFBF4515B419D1E03C02D6D49885C1F8C0915454AFFE9E0D02CB29D1C1AA75757DBEA5DD9BA3791DEFAF7CDD8C777F02DB95458AEBA980B808DA9EFC728F2F1BE700A9817455F210C993CA17489E51C6AD51C9E6F4CE9EC67713A37958CE9F3E1E730840A38B0E802D4FDB0FDB751A80434AB69D5901E459924B63064A2702C863FC644A30E5D500AF914C6BCC5FBADA940AEDE2D3802C831F51D7650C114261A0FEC34307E30ACF873CB101B59B1499EA4B63D7F132F58402FCE031F475C6C3AE37F130DF86A383EE78A72634592C606A4DD3E01D5D3707EEE9DA8D50243E5C31DA56AEB03ADF5725CE8B5661B05FAA36FC5A663A815708C9BC3407490634ABB20CA2214D80B8CFBB0EBEE53A9276352488B844B8C35AA11D625275A4011F5CEF4E2C64738E19D7B25096597D3940667531F6B0941F8D0779F3C57C00EA7CC6160D22E5CCFB6D04A9E94EA445E723F713652E8A7FF546273952CCFAD0A2E1F282F8D66A521DE4095C901EE76697CBA3F1B7C8188E2CC4568288435F130C54976B4716313E307BE7AD724CEE69076E291B08639C04C41324E00FCD6611DC8906F90F7019A88C9EDCB79426A67351561B3EAF3DA3336E6B1A0975DEF8C93A6AC796647F0C77EF8F0C2DF069242E4D6B0DE322545E136453539FC463CC71D7DB99AF7341F4345C604F40209A516E3F7F1BE78F9DCFD6DF9A531BDB8152442F5A84B9F0FD30363727BDEF7F0FCEB24F91B206914D3597D2EC6CF3F71476912B8C0D121CA15AC667C80E725084AE51B78A2E584723C2BEF1D3F1BC9938EB910F341CCA404E01C0AE563B621D48E2358F731B9873DBEDCA4D1ADB50356A0F875BD670B0348DC19A25F22BD6464D241166C094A04F7C3B5D4B344DB2E7D260F3F66A88F1D96CC1CCFE1D8D08A748DDE3ED3035E604CA0CBBC029713E583AF5D66AB1C406CF4043153F5216C5F90C763E01D1C99E153FC515AEB5E08F1D120894D9C0956C18F27C869C29C51AD0FD3F0E1300
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\skeet_000\AppData\Roaming\Mozilla\Firefox\Profiles\lbemok3i.default
FF DefaultSearchEngine: Google
FF Homepage: https://www.pogo.com/action/pogo/lightreg2-signin.do
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_240.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_240.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\skeet_000\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-03] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-03] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-23] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
S3 MxlW2k; C:\Windows\SysWow64\Drivers\MxlW2k.sys [28276 2015-01-04] (MusicMatch, Inc.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2014-11-21] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-20] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 17:26 - 2015-01-04 17:26 - 00053917 _____ () C:\Users\skeet_000\Desktop\summary.zip
2015-01-04 17:22 - 2015-01-04 17:22 - 00752532 _____ () C:\Users\skeet_000\Desktop\summary.txt
2015-01-04 16:52 - 2015-01-04 16:52 - 00000000 _____ () C:\Users\skeet_000\Desktop\New Text Document.txt
2015-01-04 14:52 - 2015-01-04 17:02 - 00000990 _____ () C:\Users\skeet_000\Desktop\vvvv.txt
2015-01-04 14:11 - 2015-01-04 14:14 - 00000000 ____D () C:\Users\skeet_000\Desktop\IMPLANTS
2015-01-04 11:42 - 2015-01-04 11:42 - 00000139 _____ () C:\Users\skeet_000\Desktop\Santos-Robinson Mortuary Obituaries.url
2015-01-03 21:55 - 2015-01-03 21:55 - 00000242 _____ () C:\Users\skeet_000\Desktop\Bowsers affected with AdChoices - Tech Support Forum.url
2015-01-03 21:48 - 2015-01-04 17:29 - 00000000 ____D () C:\FRST
2015-01-03 04:11 - 2015-01-03 04:11 - 00001009 _____ () C:\Users\skeet_000\Desktop\WinRAR.lnk
2015-01-03 04:11 - 2015-01-03 04:11 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-03 04:11 - 2015-01-03 04:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-01 22:40 - 2015-01-03 04:07 - 00000000 ____D () C:\Users\skeet_000\Desktop\TECHHH
2014-12-31 07:37 - 2014-12-31 07:38 - 00000000 ____D () C:\Program Files\trend micro
2014-12-30 18:07 - 2014-12-30 18:07 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-PAS-Microsoft-Windows-8.1-(64-bit).dat
2014-12-30 18:07 - 2014-12-30 18:07 - 00000000 ____D () C:\RegBackup
2014-12-30 15:12 - 2014-12-30 15:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-30 14:01 - 2015-01-04 17:29 - 00000000 ____D () C:\Users\skeet_000\Desktop\TOOLS
2014-12-22 19:59 - 2014-12-22 19:59 - 00000000 ____D () C:\Program Files\Canon
2014-12-22 19:56 - 2014-12-22 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-12-22 19:56 - 2014-12-22 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series
2014-12-22 19:45 - 2014-12-22 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series Manual
2014-12-21 21:03 - 2014-12-21 21:03 - 00003568 _____ () C:\WINDOWS\System32\Tasks\Point_Creator
2014-12-21 20:50 - 2014-09-07 11:28 - 00002027 _____ () C:\Program Files\Scheduled_Instant_Restore_Point.vbs
2014-12-20 07:00 - 2014-12-20 07:00 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-20 00:46 - 2014-12-20 00:46 - 00001867 _____ () C:\Users\skeet_000\Desktop\LOADER.lnk
2014-12-20 00:46 - 2014-12-20 00:46 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Loader
2014-12-19 23:27 - 2014-01-10 00:36 - 00033616 _____ (Intel Corporation ) C:\WINDOWS\system32\Drivers\iqvw64e.sys
2014-12-19 22:52 - 2014-12-19 22:52 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-19 21:45 - 2014-12-19 21:45 - 00000017 _____ () C:\Users\skeet_000\AppData\Local\resmon.resmoncfg
2014-12-19 21:05 - 2014-12-20 06:18 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-12-19 00:30 - 2014-12-19 00:30 - 00000605 _____ () C:\Users\Public\Desktop\FLAC To MP3.lnk
2014-12-19 00:30 - 2014-12-19 00:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLAC To MP3
2014-12-19 00:30 - 2014-12-19 00:30 - 00000000 ____D () C:\FLAC To MP3
2014-12-18 13:18 - 2014-12-18 13:18 - 00001042 _____ () C:\Users\Public\Desktop\MP3 Cutter.lnk
2014-12-18 13:18 - 2014-12-18 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2014-12-18 13:18 - 2014-12-18 13:18 - 00000000 ____D () C:\Program Files (x86)\MP3 Cutter
2014-12-18 13:18 - 1998-06-23 18:00 - 00140096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-12-18 13:08 - 2014-12-18 13:08 - 00000000 ____D () C:\ProgramData\NCH Swift Sound
2014-12-18 13:07 - 2014-12-18 13:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-12-18 06:15 - 2014-12-18 06:15 - 00000076 _____ () C:\WINDOWS\SysWOW64\w3url.dll
2014-12-18 06:15 - 2014-12-18 06:15 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\J River
2014-12-18 06:15 - 2014-08-29 06:54 - 00585728 _____ (Audible Inc.) C:\WINDOWS\SysWOW64\AReadyLB.dll
2014-12-18 06:15 - 2014-08-29 06:54 - 00585728 _____ (Audible Inc.) C:\WINDOWS\system32\AReadyLB.dll
2014-12-18 06:15 - 2014-08-29 06:54 - 00229376 _____ (Audible Inc.) C:\WINDOWS\SysWOW64\AudDevicePlugin.dll
2014-12-18 06:15 - 2014-08-29 06:54 - 00229376 _____ (Audible Inc.) C:\WINDOWS\system32\AudDevicePlugin.dll
2014-12-18 06:06 - 2015-01-04 12:43 - 00028276 _____ (MusicMatch, Inc.) C:\WINDOWS\SysWOW64\Drivers\MxlW2k.sys
2014-12-18 06:06 - 2014-12-18 06:06 - 00002130 _____ () C:\Users\Public\Desktop\MM 7.50.3103.lnk
2014-12-18 06:06 - 2014-12-18 06:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUSICMATCH
2014-12-18 06:06 - 2014-12-18 06:06 - 00000000 ____D () C:\Program Files (x86)\MUSICMATCH
2014-12-18 04:51 - 2014-12-18 04:51 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\Musicmatch
2014-12-18 04:12 - 2015-01-03 04:12 - 00000212 _____ () C:\Users\skeet_000\Desktop\HJTL.url
2014-12-17 08:42 - 2014-12-17 08:42 - 00000000 ____D () C:\Program Files\BadgeHelp
2014-12-16 14:39 - 2014-12-16 14:40 - 00000035 _____ () C:\Users\skeet_000\Documents\!! CAM4.txt
2014-12-15 15:57 - 2014-12-15 15:57 - 00000334 _____ () C:\Users\skeet_000\Desktop\UTUBEMP3.url
2014-12-14 17:44 - 2014-12-28 05:00 - 00000520 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 95f1b334-436c-4a43-a9c2-1d70303541ef.job
2014-12-14 17:44 - 2014-12-14 17:44 - 00003292 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 95f1b334-436c-4a43-a9c2-1d70303541ef
2014-12-14 17:43 - 2014-12-14 18:38 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-14 17:43 - 2014-12-14 17:43 - 00001820 _____ () C:\Users\Public\Desktop\SAS.lnk
2014-12-14 17:43 - 2014-12-14 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-14 17:18 - 2014-12-14 17:18 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-12-14 16:45 - 2014-12-14 16:45 - 00001118 _____ () C:\Users\Public\Desktop\MWB 2.04.lnk
2014-12-14 16:40 - 2014-12-14 16:40 - 00001163 _____ () C:\Users\Public\Desktop\FF 35.0.lnk
2014-12-14 15:19 - 2014-12-14 15:19 - 00002279 _____ () C:\Users\Public\Desktop\CHROME.lnk
2014-12-14 15:19 - 2014-12-14 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-14 15:17 - 2015-01-04 17:22 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-14 15:17 - 2015-01-04 15:22 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-14 15:17 - 2014-12-14 15:17 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-14 15:17 - 2014-12-14 15:17 - 00003642 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-13 20:41 - 2014-12-13 20:51 - 00049664 _____ () C:\Users\skeet_000\Documents\MY.xls
2014-12-11 21:25 - 2014-12-11 21:25 - 00000223 _____ () C:\Users\skeet_000\Desktop\Guitars101.url
2014-12-10 22:31 - 2014-12-10 22:31 - 00000000 _____ () C:\autoexec.bat
2014-12-10 08:42 - 2014-12-10 08:42 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2014-12-09 11:26 - 2014-11-17 12:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-09 11:26 - 2014-11-17 12:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-09 11:26 - 2014-11-15 11:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-09 11:26 - 2014-11-14 22:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-09 11:26 - 2014-11-14 06:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-09 11:26 - 2014-11-13 23:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-09 11:26 - 2014-11-13 22:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-09 11:26 - 2014-11-13 22:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-09 11:26 - 2014-11-13 22:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-09 11:26 - 2014-11-13 22:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-09 11:26 - 2014-11-13 22:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-09 11:26 - 2014-11-13 22:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-09 11:26 - 2014-11-13 22:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-09 11:26 - 2014-11-13 22:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-09 11:26 - 2014-11-13 22:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-09 11:26 - 2014-11-13 22:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-09 11:26 - 2014-11-13 22:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-09 11:26 - 2014-11-13 22:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-09 11:26 - 2014-11-13 21:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-09 11:26 - 2014-11-13 21:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-09 11:26 - 2014-11-13 21:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-09 11:26 - 2014-11-13 21:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-09 11:26 - 2014-11-13 21:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-09 11:26 - 2014-11-13 20:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-09 11:26 - 2014-11-10 16:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-09 11:26 - 2014-11-10 16:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-09 11:26 - 2014-11-10 10:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-09 11:26 - 2014-11-10 10:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-09 11:26 - 2014-11-10 10:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-09 11:26 - 2014-11-10 10:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-09 11:26 - 2014-11-09 18:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-09 11:26 - 2014-11-09 17:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-09 11:26 - 2014-11-09 17:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-09 11:26 - 2014-11-09 17:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-09 11:26 - 2014-11-09 17:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-09 11:26 - 2014-11-09 17:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-09 11:26 - 2014-11-09 17:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-12-09 11:26 - 2014-11-09 17:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-09 11:26 - 2014-11-09 16:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-09 11:26 - 2014-11-09 16:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-09 11:26 - 2014-11-08 02:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-12-09 11:26 - 2014-11-08 02:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-12-09 11:26 - 2014-11-07 20:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-12-09 11:26 - 2014-11-07 20:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-12-09 11:26 - 2014-11-07 19:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2014-12-09 11:26 - 2014-11-07 19:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-12-09 11:26 - 2014-11-07 19:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-12-09 11:26 - 2014-11-07 19:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-12-09 11:26 - 2014-11-07 19:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-12-09 11:26 - 2014-11-07 19:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-12-09 11:26 - 2014-11-07 19:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-09 11:26 - 2014-11-07 19:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-09 11:26 - 2014-11-07 19:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-12-09 11:26 - 2014-11-07 18:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-09 11:26 - 2014-11-07 18:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-09 11:26 - 2014-11-07 18:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-09 11:26 - 2014-11-07 18:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-12-09 11:26 - 2014-11-07 18:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-09 11:26 - 2014-11-07 17:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-09 11:26 - 2014-11-07 17:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-09 11:26 - 2014-11-07 17:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-09 11:26 - 2014-11-06 19:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-09 11:26 - 2014-11-06 19:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-09 11:26 - 2014-11-04 18:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-09 11:26 - 2014-11-04 18:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-09 11:26 - 2014-11-04 18:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-12-09 11:26 - 2014-11-04 17:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-09 11:26 - 2014-11-04 17:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-09 11:26 - 2014-11-04 17:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-09 11:26 - 2014-11-04 17:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-09 11:26 - 2014-11-04 17:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-09 11:26 - 2014-11-04 17:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-09 11:26 - 2014-11-04 17:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-12-09 11:26 - 2014-11-04 17:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-09 11:26 - 2014-11-04 17:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-09 11:26 - 2014-11-04 17:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-12-09 11:26 - 2014-11-04 17:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-09 11:26 - 2014-11-04 11:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-12-09 11:26 - 2014-11-04 11:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2014-12-09 11:26 - 2014-11-04 11:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2014-12-09 11:26 - 2014-11-03 22:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2014-12-09 11:26 - 2014-11-03 22:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2014-12-09 11:26 - 2014-11-03 22:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2014-12-09 11:26 - 2014-11-03 22:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-09 11:26 - 2014-11-03 22:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2014-12-09 11:26 - 2014-11-03 21:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-09 11:26 - 2014-10-30 16:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-09 11:26 - 2014-10-30 16:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-09 11:26 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-09 11:26 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-09 11:26 - 2014-10-29 21:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-09 11:26 - 2014-10-29 21:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-09 11:26 - 2014-10-29 21:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-09 11:26 - 2014-10-28 19:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-12-09 11:26 - 2014-10-28 18:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2014-12-09 11:26 - 2014-10-28 18:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2014-12-09 11:26 - 2014-10-28 17:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2014-12-09 11:26 - 2014-10-28 17:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-12-09 11:26 - 2014-10-28 17:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-09 11:26 - 2014-10-28 17:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2014-12-09 11:26 - 2014-10-28 17:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2014-12-09 11:26 - 2014-10-28 17:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-09 11:26 - 2014-10-28 17:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2014-12-09 11:26 - 2014-10-28 17:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2014-12-09 11:26 - 2014-10-26 14:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-09 11:26 - 2014-10-20 17:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-12-09 11:26 - 2014-10-20 17:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-09 11:26 - 2014-10-20 16:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-09 11:26 - 2014-10-20 16:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-09 11:26 - 2014-10-20 16:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-09 11:26 - 2014-10-20 16:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-09 11:26 - 2014-10-20 16:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-09 11:26 - 2014-10-16 20:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-09 11:26 - 2014-10-16 20:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-09 11:26 - 2014-10-16 20:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-09 11:26 - 2014-10-16 19:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-09 11:25 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-09 11:25 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-09 11:20 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-09 11:20 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-09 11:07 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-09 11:07 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-09 11:07 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-09 11:07 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-09 11:07 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-09 11:07 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-09 11:07 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-09 11:07 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-09 11:07 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-09 11:07 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-09 11:07 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-09 11:07 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-09 11:07 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-09 11:07 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-09 11:07 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-09 11:07 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-09 11:07 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-09 11:07 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-09 11:07 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-09 11:07 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-09 11:07 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-09 11:07 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-09 11:07 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-09 11:07 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-09 11:07 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-09 11:07 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-09 11:07 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-09 11:07 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-09 11:07 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-09 11:07 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-09 11:07 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-09 11:07 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-09 11:07 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-09 11:07 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-09 11:07 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-09 11:07 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-09 11:07 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-09 11:07 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-09 11:07 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-09 11:03 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-09 11:03 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-09 00:34 - 2014-12-22 19:48 - 00001575 _____ () C:\WINDOWS\setupact.log
2014-12-09 00:34 - 2014-12-19 23:23 - 00000178 _____ () C:\WINDOWS\setuperr.log
2014-12-08 19:56 - 2014-12-14 01:14 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-12-07 14:05 - 2014-12-07 14:05 - 00000213 _____ () C:\Users\skeet_000\Desktop\12-3  51vids.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 17:28 - 2014-10-10 20:41 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\ClassicShell
2015-01-04 17:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-04 15:55 - 2014-10-11 05:19 - 00000000 ___RD () C:\Users\skeet_000\Desktop\MOVIEZ
2015-01-04 14:07 - 2014-10-12 01:05 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\CrashDumps
2015-01-04 13:56 - 2014-12-02 20:50 - 00000000 ____D () C:\Users\skeet_000\Desktop\! MUSIXX
2015-01-04 13:15 - 2014-11-06 20:13 - 01487168 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-04 11:28 - 2014-09-23 23:15 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-04 11:22 - 2014-11-06 20:57 - 00000000 ___DO () C:\Users\skeet_000\OneDrive
2015-01-04 11:21 - 2014-11-06 20:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-04 11:21 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-04 11:01 - 2014-11-22 11:01 - 00000520 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b871150b-1b51-4aed-a313-f5406bf76f24.job
2015-01-04 05:19 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-04 01:18 - 2014-10-13 21:45 - 00000000 ____D () C:\ProgramData\AllMyMovies
2015-01-03 22:05 - 2014-11-16 15:17 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CF0BC3AD-769E-4FCD-824B-39AFE99389A3}
2015-01-03 21:46 - 2014-10-10 22:29 - 00000000 ____D () C:\Users\skeet_000\Desktop\MISC
2015-01-03 07:08 - 2014-09-23 23:03 - 00025070 _____ () C:\WINDOWS\PFRO.log
2015-01-03 06:00 - 2014-10-10 17:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1098560578-3003778375-3873536982-1001
2015-01-03 05:31 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-03 05:27 - 2014-11-25 19:10 - 00000210 _____ () C:\Users\skeet_000\Desktop\DATES.url
2015-01-03 05:27 - 2014-11-17 04:13 - 00000237 _____ () C:\Users\skeet_000\Desktop\PRICES.url
2015-01-03 04:49 - 2014-10-14 21:01 - 00000000 ____D () C:\Users\skeet_000\Documents\ConvertXtoDVD
2015-01-03 04:14 - 2014-10-28 22:52 - 00000000 ____D () C:\Users\skeet_000\Desktop\FLEET
2015-01-03 04:11 - 2014-10-11 08:44 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-03 02:12 - 2014-10-10 23:36 - 00000000 ____D () C:\Users\skeet_000\Desktop\COMICS
2015-01-01 03:11 - 2014-10-10 19:11 - 00000000 ____D () C:\Users\skeet_000\Documents\! ACCTS INFO
2014-12-31 13:39 - 2014-11-06 20:17 - 00000000 ____D () C:\Users\skeet_000
2014-12-30 18:48 - 2013-08-22 06:44 - 00420408 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-29 06:15 - 2014-11-12 21:12 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-22 22:27 - 2014-11-21 11:38 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\Deployment
2014-12-22 19:59 - 2014-10-11 21:48 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-22 19:53 - 2014-10-19 23:56 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\Canon
2014-12-21 05:41 - 2014-10-11 05:09 - 00000000 ____D () C:\Users\skeet_000\Desktop\FORUMS
2014-12-21 05:25 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-20 07:00 - 2014-10-12 00:23 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-20 02:48 - 2014-10-12 18:01 - 00000000 ____D () C:\Users\skeet_000\Documents\Movie Collector
2014-12-20 01:53 - 2014-10-14 23:56 - 00001745 _____ () C:\Users\skeet_000\Desktop\! 2014 MOVIES.txt
2014-12-20 00:46 - 2014-10-11 03:03 - 00000000 ____D () C:\Program Files (x86)\Loader
2014-12-19 23:24 - 2014-10-11 20:46 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 16:11 - 2014-10-10 19:14 - 00000000 ____D () C:\Users\skeet_000\Documents\ALL LYRICS
2014-12-19 03:17 - 2014-10-10 17:49 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\VirtualStore
2014-12-18 06:06 - 2014-10-11 12:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-18 05:10 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-17 09:13 - 2014-10-19 21:23 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-17 04:16 - 2014-10-10 23:36 - 00000000 ____D () C:\Users\skeet_000\Desktop\MP3
2014-12-15 10:14 - 2014-10-10 19:13 - 00000000 ____D () C:\Users\skeet_000\Documents\! CONCERTS
2014-12-14 17:31 - 2014-10-10 19:06 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-14 16:45 - 2014-10-11 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-14 16:45 - 2014-10-11 20:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 16:40 - 2014-10-21 01:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 15:19 - 2014-10-10 18:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-14 01:14 - 2014-12-01 15:54 - 00000000 ____D () C:\ProgramData\Garmin
2014-12-12 21:26 - 2014-10-11 15:12 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\Microsoft Help
2014-12-12 21:09 - 2014-11-25 16:50 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\Windows Live Writer
2014-12-12 21:08 - 2014-11-24 19:36 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\Windows Live
2014-12-10 22:37 - 2014-10-10 18:57 - 00000000 ____D () C:\Users\skeet_000\AppData\Local\Adobe
2014-12-10 16:31 - 2014-10-12 21:46 - 00000000 ____D () C:\Users\skeet_000\AppData\Roaming\Ahead
2014-12-09 15:02 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-09 11:28 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-09 11:28 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-09 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-09 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-09 11:25 - 2014-11-11 16:37 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-09 11:25 - 2014-11-11 16:37 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-09 11:25 - 2014-11-11 16:37 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-09 11:25 - 2014-11-11 16:37 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-09 11:15 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-09 11:15 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-09 11:15 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-09 11:14 - 2014-10-11 15:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 11:12 - 2014-10-10 19:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-09 11:11 - 2014-10-10 19:43 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 11:38

==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by skeetz at 2015-01-04 17:29:19
Running from C:\Users\skeet_000\Desktop\TOOLS
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
All My Movies (HKLM-x32\...\{DEE77D4F-249F-46DF-8176-4BC4822D68AD}_is1) (Version: 7.9 - Bolide Software)
AMD Catalyst Install Manager (HKLM\...\{2F30A369-52DA-C9A0-F7E5-FCC37E8FF580}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ashampoo Burning Studio 9.21 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.2.1 - ashampoo GmbH & Co. KG)
att.net Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell System Detect (HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version:  - FLAC To MP3, Inc.)
Gaming Safari (HKLM\...\Gaming Safari Installer (x64)_is1) (Version:  - GamingSafari)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.45 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Loader-Full (HKLM-x32\...\Loader-Full) (Version:  - )
Lyrics Plugin for Windows Media Player (HKLM-x32\...\{43002AE2-4093-49E0-A03D-990EE184C568}) (Version: 0.4 - Lyrics Plugin)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
MP3 Cutter 1.9 (HKLM-x32\...\MP3 Cutter_is1) (Version:  - Aiv Software)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MUSICMATCH Jukebox (HKLM-x32\...\{45EBDA59-D33B-433A-956E-B2F236468B56}) (Version:  - )
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nero 7 Premium (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711033}) (Version: 7.03.1151 - Nero AG)
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PSP Thumbnail Handler (HKLM\...\{2086A549-ED96-4dc9-BBE3-0538AB29ABEC}) (Version: 2.10.49 - Bot Productions)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.18.621.2013 - Realtek)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHG Installation (HKLM-x32\...\{B5A6A85E-B264-426C-8A52-70D38CB371E1}) (Version: 2.0.73 - SafeHarborGames)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player 64-bit Plug-in Fix (HKLM\...\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb) (Version:  - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WMPCDText 1.4 (HKLM-x32\...\{CE4CAD46-3F3F-4248-B0F2-6B0FAFBE40B1}_is1) (Version: 1.4 - BM-productions)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-12-2014 22:52:40 clnscn
21-12-2014 05:56:46 newpnt
21-12-2014 20:37:59 fine
22-12-2014 20:00:44 canon
22-12-2014 22:22:30 clean2
29-12-2014 04:28:52 gdpnt
30-12-2014 18:07:44 Tweaking.com - Windows Repair
31-12-2014 00:28:38 choices
02-01-2015 10:24:31 ADS
03-01-2015 23:18:06 songs
04-01-2015 11:12:58 bnd
04-01-2015 12:19:11 jump

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {037E6153-EF4F-4C34-BF73-3A6D57649B97} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-09] (Microsoft Corporation)
Task: {4884557C-0B8A-4EDF-9E83-A76924DD5B96} - System32\Tasks\Point_Creator => C:\Program Files\Scheduled_Instant_Restore_Point.vbs [2014-09-07] ()
Task: {6441FF45-5FAE-41D5-A5DB-5FB5DFB68D3E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {828DC172-F509-4E11-8908-EEC505F24425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)
Task: {9292225A-49EA-4E61-8D33-F5592D513699} - System32\Tasks\SUPERAntiSpyware Scheduled Task b871150b-1b51-4aed-a313-f5406bf76f24 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {AA1D0ED1-E448-4E04-9237-C12F4BDB1642} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)
Task: {D972432F-4B51-42F2-94D0-70A1C848C026} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {DE717B33-01A1-42BF-B7F0-B455D42D07FF} - System32\Tasks\SUPERAntiSpyware Scheduled Task 95f1b334-436c-4a43-a9c2-1d70303541ef => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {EADFB5E6-2CCE-4E0F-9E5F-266E72F924BC} - System32\Tasks\{7B98FA67-1365-439D-BCFF-BE9C13BB5EEE} => pcalua.exe -a "C:\Program Files (x86)\AllMyMovies\unins000.exe"
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 95f1b334-436c-4a43-a9c2-1d70303541ef.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b871150b-1b51-4aed-a313-f5406bf76f24.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2014-11-06 20:13 - 2014-09-13 13:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-20 06:59 - 2013-08-09 01:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-21 01:01 - 2014-12-11 19:28 - 03924592 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07348C09
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3712CD64
AlternateDataStreams: C:\ProgramData\TEMP:494E4266
AlternateDataStreams: C:\ProgramData\TEMP:4EFDF5FB
AlternateDataStreams: C:\ProgramData\TEMP:65B701A9
AlternateDataStreams: C:\ProgramData\TEMP:BA33ABBC
AlternateDataStreams: C:\ProgramData\TEMP:C604AFF4
AlternateDataStreams: C:\ProgramData\TEMP:D09AEE3D
AlternateDataStreams: C:\Users\skeet_000\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NpsSetSerialNr"
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-1098560578-3003778375-3873536982-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

========================= Accounts: ==========================

Administrator (S-1-5-21-1098560578-3003778375-3873536982-500 - Administrator - Disabled)
Guest (S-1-5-21-1098560578-3003778375-3873536982-501 - Limited - Disabled)
skeetz (S-1-5-21-1098560578-3003778375-3873536982-1001 - Administrator - Enabled) => C:\Users\skeet_000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2015 02:07:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mmjb.exe, version: 7.50.3.103, time stamp: 0x3e9498fa
Faulting module name: MMC70U.DLL, version: 7.0.9466.0, time stamp: 0x3d8674ae
Exception code: 0xc0000005
Fault offset: 0x00090c21
Faulting process id: 0xcc0
Faulting application start time: 0xmmjb.exe0
Faulting application path: mmjb.exe1
Faulting module path: mmjb.exe2
Report Id: mmjb.exe3
Faulting package full name: mmjb.exe4
Faulting package-relative application ID: mmjb.exe5

Error: (01/04/2015 02:07:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mmjb.exe, version: 7.50.3.103, time stamp: 0x3e9498fa
Faulting module name: MMC70U.DLL, version: 7.0.9466.0, time stamp: 0x3d8674ae
Exception code: 0xc0000005
Fault offset: 0x000aa680
Faulting process id: 0xcc0
Faulting application start time: 0xmmjb.exe0
Faulting application path: mmjb.exe1
Faulting module path: mmjb.exe2
Report Id: mmjb.exe3
Faulting package full name: mmjb.exe4
Faulting package-relative application ID: mmjb.exe5

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer WMI Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer COM+ REGDB Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer MSSearch Service Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer Registry Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer Shadow Copy Optimization Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Writer System Writer experienced retryable error during shadow copy creation. Retrying...

More info: .

Error: (01/04/2015 02:39:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mmjb.exe, version: 7.50.3.103, time stamp: 0x3e9498fa
Faulting module name: MMC70U.DLL, version: 7.0.9466.0, time stamp: 0x3d8674ae
Exception code: 0xc0000005
Fault offset: 0x00090c21
Faulting process id: 0x1064
Faulting application start time: 0xmmjb.exe0
Faulting application path: mmjb.exe1
Faulting module path: mmjb.exe2
Report Id: mmjb.exe3
Faulting package full name: mmjb.exe4
Faulting package-relative application ID: mmjb.exe5

Error: (01/04/2015 02:39:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mmjb.exe, version: 7.50.3.103, time stamp: 0x3e9498fa
Faulting module name: MMC70U.DLL, version: 7.0.9466.0, time stamp: 0x3d8674ae
Exception code: 0xc0000005
Fault offset: 0x000aa680
Faulting process id: 0x1064
Faulting application start time: 0xmmjb.exe0
Faulting application path: mmjb.exe1
Faulting module path: mmjb.exe2
Report Id: mmjb.exe3
Faulting package full name: mmjb.exe4
Faulting package-relative application ID: mmjb.exe5


System errors:
=============
Error: (01/04/2015 11:21:28 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS

Error: (01/04/2015 11:20:58 AM) (Source: DCOM) (EventID: 10010) (User: PAS)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/04/2015 05:19:41 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS

Error: (01/04/2015 02:34:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS

Error: (01/03/2015 06:00:50 PM) (Source: DCOM) (EventID: 10016) (User: PAS)
Description: application-specificLocalActivation{228826AF-02E1-4226-A9E0-99A855E455A6}{2FD08A73-D1F1-43EB-B888-24C2496F95FD}PASskeetzS-1-5-21-1098560578-3003778375-3873536982-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/03/2015 05:44:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/03/2015 05:44:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS

Error: (01/03/2015 04:09:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS

Error: (01/03/2015 07:09:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/03/2015 07:08:21 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS


Microsoft Office Sessions:
=========================
Error: (01/04/2015 02:07:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmjb.exe7.50.3.1033e9498faMMC70U.DLL7.0.9466.03d8674aec000000500090c21cc001d0285f2187bc65C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exeC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\MMC70U.DLL22fdbb70-945e-11e4-bf56-68942327031c

Error: (01/04/2015 02:07:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmjb.exe7.50.3.1033e9498faMMC70U.DLL7.0.9466.03d8674aec0000005000aa680cc001d0285f2187bc65C:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exeC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\MMC70U.DLL214d4dd4-945e-11e4-bf56-68942327031c

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: WMI WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: COM+ REGDB WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: MSSearch Service WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Registry WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Shadow Copy Optimization WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 11:12:53 AM) (Source: SPP) (EventID: 16389) (User: )
Description: System WriterThe writer's timeout expired between the Freeze and Thaw events. (0x800423F2)

Error: (01/04/2015 02:39:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmjb.exe7.50.3.1033e9498faMMC70U.DLL7.0.9466.03d8674aec000000500090c21106401d0280a3449d40fC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exeC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\MMC70U.DLL03d64f37-93fe-11e4-bf54-68942327031c

Error: (01/04/2015 02:39:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmjb.exe7.50.3.1033e9498faMMC70U.DLL7.0.9466.03d8674aec0000005000aa680106401d0280a3449d40fC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exeC:\Program Files (x86)\MUSICMATCH\MUSICMATCH Jukebox\MMC70U.DLL00886c1e-93fe-11e4-bf54-68942327031c


CodeIntegrity Errors:
===================================
  Date: 2015-01-04 11:39:54.258
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-04 05:35:29.212
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-04 02:51:02.543
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-03 18:00:50.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-03 16:22:40.199
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-03 07:26:47.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 13:30:40.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 03:55:20.029
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 01:13:25.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 13:53:33.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16344.92 MB
Available physical RAM: 13377.2 MB
Total Pagefile: 18776.92 MB
Available Pagefile: 15963.73 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1789.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 612F7D93)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 AM

Posted 04 January 2015 - 09:00 PM

Greetings,

Since you are currently being assisted in another Forum I am going to close this Topic. It is always inefficient and counterproductive to be receiving directions from more than one source.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 AM

Posted 04 January 2015 - 09:00 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users