Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus, Blank screen, only start in safe mode


  • This topic is locked This topic is locked
27 replies to this topic

#1 in2xs

in2xs

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 27 January 2015 - 12:58 PM

Hi

Hope you can help, a friend has windows 7 pc 64 bit, windowns won't load, only blank screen, Virus found but unable to delete,

Only way can start windows is in safe mode.

Any help appriciated

Regards

Adam



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 27 January 2015 - 03:38 PM

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.


To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64)  and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 28 January 2015 - 03:44 PM

Hi

Thanks for you help, Please find below information requested

Regards

Adam

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by SYSTEM on MININT-E39CA8O on 28-01-2015 20:13:45
Running from f:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [LogitechVideoRepair] => C:\Program Files (x86)\Logitech\Video\ISStart.exe [188416 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [LogitechVideoTray] => C:\Program Files (x86)\Logitech\Video\LogiTray.exe [77824 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [LogitechGalleryRepair] => C:\Program Files (x86)\Logitech\Video\ISStart.exe [188416 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2015-01-08] (YTDownloader)
HKLM-x32\...\Run: [WinCheck] => C:\Users\Owner\AppData\Local\wincheck\wincheck.exe [268800 2015-01-14] ()
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe [3224576 2015-01-14] ()
HKLM-x32\...\Run: [gmsd_gb_79] => C:\Program Files (x86)\gmsd_gb_79\gmsd_gb_79.exe [3974824 2015-01-15] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [rec_gb_7] => C:\Program Files (x86)\rec_gb_7\rec_gb_7.exe [3975312 2015-01-20] ()
HKLM-x32\...\RunOnce: [upgmsd_gb_79.exe] => C:\Users\Owner\AppData\Local\gmsd_gb_79\upgmsd_gb_79.exe [3309224 2015-01-15] ()
HKLM-x32\...\RunOnce: [SpybotDeletingA7323] => command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingC6983] => cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingA8506] => command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingC1738] => cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingA4613] => command.com /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\ExcludeList.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingC9485] => cmd.exe /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\ExcludeList.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingA8446] => command.com /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\results.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingC2867] => cmd.exe /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\results.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingA7300] => command.com /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\TempHLList.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingC894] => cmd.exe /c del "C:\Users\Owner\AppData\Roaming\systweak\regclean pro\Version 6.1\TempHLList.rcp"
HKLM-x32\...\RunOnce: [SpybotDeletingA4043] => command.com /c del "C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingC4473] => cmd.exe /c del "C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingA4341] => command.com /c del "C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingC1705] => cmd.exe /c del "C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk"
HKLM-x32\...\RunOnce: [SpybotDeletingA8149] => command.com /c del "C:\Program Files (x86)\MyPC Backup\aff.conf"
HKLM-x32\...\RunOnce: [SpybotDeletingC4867] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\aff.conf"
HKLM-x32\...\RunOnce: [SpybotDeletingA9306] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC3764] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA670] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC9113] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA4900] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC4491] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA2227] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC4732] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA5746] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC4698] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA5122] => command.com /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC2592] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA4059] => command.com /c del "C:\Program Files (x86)\MyPC Backup\BackupStack.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC9200] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\BackupStack.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA2317] => command.com /c del "C:\Program Files (x86)\MyPC Backup\de_DE.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingC193] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\de_DE.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingA2351] => command.com /c del "C:\Program Files (x86)\MyPC Backup\es_ES.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingC4715] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\es_ES.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingA7910] => command.com /c del "C:\Program Files (x86)\MyPC Backup\fr_FR.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingC2842] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\fr_FR.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingA1207] => command.com /c del "C:\Program Files (x86)\MyPC Backup\GetText.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC9388] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\GetText.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA4859] => command.com /c del "C:\Program Files (x86)\MyPC Backup\it_IT.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingC8640] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\it_IT.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingA8485] => command.com /c del "C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC5570] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA9544] => command.com /c del "C:\Program Files (x86)\MyPC Backup\MPCBClient.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC8919] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\MPCBClient.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA3408] => command.com /c del "C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC2098] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA1874] => command.com /c del "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC9543] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA9042] => command.com /c del "C:\Program Files (x86)\MyPC Backup\mypcbackup.ico"
HKLM-x32\...\RunOnce: [SpybotDeletingC4037] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\mypcbackup.ico"
HKLM-x32\...\RunOnce: [SpybotDeletingA1587] => command.com /c del "C:\Program Files (x86)\MyPC Backup\pt_PT.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingC5882] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\pt_PT.mo"
HKLM-x32\...\RunOnce: [SpybotDeletingA8253] => command.com /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC1416] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA5025] => command.com /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC3913] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA8073] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Service Start.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC4718] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Service Start.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA8379] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Shared Stack.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingC3364] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Shared Stack.dll"
HKLM-x32\...\RunOnce: [SpybotDeletingA7200] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC3516] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA4369] => command.com /c del "C:\Program Files (x86)\MyPC Backup\syncicon.ico"
HKLM-x32\...\RunOnce: [SpybotDeletingC8009] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\syncicon.ico"
HKLM-x32\...\RunOnce: [SpybotDeletingA1076] => command.com /c del "C:\Program Files (x86)\MyPC Backup\uninst.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC2834] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\uninst.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA1886] => command.com /c del "C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC440] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA1251] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Updater.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC8841] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Updater.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA263] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Config\api.ts2"
HKLM-x32\...\RunOnce: [SpybotDeletingC2615] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Config\api.ts2"
HKLM-x32\...\RunOnce: [SpybotDeletingA6806] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db"
HKLM-x32\...\RunOnce: [SpybotDeletingC8357] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db"
HKLM-x32\...\RunOnce: [SpybotDeletingA9896] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db"
HKLM-x32\...\RunOnce: [SpybotDeletingC8451] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db"
HKLM-x32\...\RunOnce: [SpybotDeletingA474] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db"
HKLM-x32\...\RunOnce: [SpybotDeletingC1223] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db"
HKLM-x32\...\RunOnce: [SpybotDeletingA9577] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingC1375] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe"
HKLM-x32\...\RunOnce: [SpybotDeletingA5366] => command.com /c del "C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log"
HKLM-x32\...\RunOnce: [SpybotDeletingC4336] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log"
HKLM-x32\...\RunOnce: [WSE_Vosteran] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Owner\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat"
HKU\Owner\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\Owner\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-27] (Electronic Arts)
HKU\Owner\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1367360 2014-12-16] (Lavasoft)
HKU\Owner\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2015-01-08] (YTDownloader)
HKU\Owner\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe [3224576 2015-01-14] ()
HKU\Owner\...\Run: [GoogleChromeAutoLaunch_72163ED846C662263823BD18C10D98A7] => C:\Users\Owner\AppData\Local\Vosteran\Application\vosteran.exe [1014272 2014-11-06] ()
HKU\Owner\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe [148048 2015-01-16] (PC Utilities Software Limited)
HKU\Owner\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\Owner\...\Run: [EPSON482D8A (Epson Stylus Office BX305)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-13] (SEIKO EPSON CORPORATION)
HKU\Owner\...\RunOnce: [SpybotDeletingB4324] => command.com /c del "C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll"
HKU\Owner\...\RunOnce: [SpybotDeletingD2115] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll"
HKU\Owner\...\RunOnce: [SpybotDeletingB4474] => command.com /c del "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD772] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB5942] => command.com /c del "C:\Program Files (x86)\MyPC Backup\mypcbackup.ico"
HKU\Owner\...\RunOnce: [SpybotDeletingD4107] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\mypcbackup.ico"
HKU\Owner\...\RunOnce: [SpybotDeletingB3949] => command.com /c del "C:\Program Files (x86)\MyPC Backup\pt_PT.mo"
HKU\Owner\...\RunOnce: [SpybotDeletingD1908] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\pt_PT.mo"
HKU\Owner\...\RunOnce: [SpybotDeletingB5306] => command.com /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD1363] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB7490] => command.com /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD8976] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB5608] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Service Start.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD658] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Service Start.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB44] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Shared Stack.dll"
HKU\Owner\...\RunOnce: [SpybotDeletingD1026] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Shared Stack.dll"
HKU\Owner\...\RunOnce: [SpybotDeletingB3984] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD2896] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB5453] => command.com /c del "C:\Program Files (x86)\MyPC Backup\syncicon.ico"
HKU\Owner\...\RunOnce: [SpybotDeletingD6230] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\syncicon.ico"
HKU\Owner\...\RunOnce: [SpybotDeletingB2304] => command.com /c del "C:\Program Files (x86)\MyPC Backup\uninst.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD8194] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\uninst.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB6851] => command.com /c del "C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD2443] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB6397] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Updater.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD701] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Updater.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB534] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Config\api.ts2"
HKU\Owner\...\RunOnce: [SpybotDeletingD1024] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Config\api.ts2"
HKU\Owner\...\RunOnce: [SpybotDeletingB3791] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db"
HKU\Owner\...\RunOnce: [SpybotDeletingD8228] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db"
HKU\Owner\...\RunOnce: [SpybotDeletingB7403] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db"
HKU\Owner\...\RunOnce: [SpybotDeletingD2418] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db"
HKU\Owner\...\RunOnce: [SpybotDeletingB4641] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db"
HKU\Owner\...\RunOnce: [SpybotDeletingD981] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db"
HKU\Owner\...\RunOnce: [SpybotDeletingB9765] => command.com /c del "C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingD9346] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe"
HKU\Owner\...\RunOnce: [SpybotDeletingB1565] => command.com /c del "C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log"
HKU\Owner\...\RunOnce: [SpybotDeletingD2340] => cmd.exe /c del "C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log"
HKU\Owner\...\RunOnce: [WSE_Vosteran] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Owner\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat"
AppInit_DLLs: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL File Not Found
AppInit_DLLs-x32: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" File Not Found
AppInit_DLLs-x32:  C:/PROGRA~3/{3070D~1/171~1.0/noce.dll => C:/PROGRA~3/{3070D~1/171~1.0/noce.dll [649216 2015-01-15] ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
ShortcutTarget: SmartWeb.lnk ->  (No File)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-20] (Avast Software)
S2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [22376 2015-01-08] ()
S2 ccsvc_1.10.0.6; C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe [277584 2015-01-07] ()
S2 d924d8dc; c:\Program Files (x86)\Optimizer Pro 3.33\OptProMon.dll [1597008 2015-01-17] ()
S2 FGDrVuRO; C:\ProgramData\EnpQpdi\FGDrVuRO.exe [2726256 2015-01-18] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2015-01-07] (XTab system)
S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] ()
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-12-16] (Lavasoft Limited)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [558544 2015-01-15] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-27] (Electronic Arts)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-12-16] ()
S4 serverca; C:\Users\Owner\AppData\Local\ConvertAd\CASrv.exe [181248 2015-01-15] ()
S2 serversu; C:\Users\Owner\AppData\Roaming\SoftwareUpdater\SUsrv.exe [469504 2015-01-15] ()
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-01-14] ()
S2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-21] (Weather Protector LLC)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2015-01-15] (RaMMicHaeL)
S2 Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [664824 2015-01-24] ()
S2 Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [664824 2015-01-24] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-18] ()
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [X]
S4 servervo; C:\Users\Owner\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-20] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-20] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-20] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-20] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-20] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-20] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
S2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2015-01-08] (YTDownloader)
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-01-14] ()
S2 SPDRIVER_1472.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.sys [52584 2015-01-14] ()
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-20] (Avast Software)
S1 {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64; C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys [48792 2015-01-23] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 20:13 - 2015-01-28 20:13 - 00000000 ____D () C:\FRST
2015-01-28 12:05 - 2015-01-28 12:05 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2015-01-28 12:05 - 2015-01-28 12:05 - 00000000 ____D () C:\users\Administrator
2015-01-24 10:15 - 2015-01-24 10:15 - 00003460 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-01-24 10:14 - 2015-01-24 10:14 - 00000197 _____ () C:\Windows\System32\2015-01-24-18-14-08.092-AvastVBoxSVC.exe-5396.log
2015-01-24 10:12 - 2015-01-23 19:38 - 00048792 _____ (StdLib) C:\Windows\System32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
2015-01-24 10:02 - 2015-01-24 10:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-01-24 09:41 - 2015-01-24 09:41 - 00001332 _____ () C:\Users\Owner\Desktop\Clean Registry for Free!.lnk
2015-01-24 09:40 - 2015-01-24 09:41 - 00000197 _____ () C:\Windows\System32\2015-01-24-17-40-41.091-AvastVBoxSVC.exe-4876.log
2015-01-24 02:55 - 2015-01-24 02:55 - 00000197 _____ () C:\Windows\System32\2015-01-24-10-55-46.045-AvastVBoxSVC.exe-1384.log
2015-01-23 10:54 - 2015-01-23 10:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\rec_gb_7
2015-01-23 10:54 - 2015-01-23 10:54 - 00000000 ____D () C:\Program Files (x86)\rec_gb_7
2015-01-23 10:53 - 2015-01-23 10:53 - 00000197 _____ () C:\Windows\System32\2015-01-23-18-53-05.053-AvastVBoxSVC.exe-6068.log
2015-01-23 10:50 - 2015-01-23 10:50 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2015-01-23 10:28 - 2015-01-23 10:28 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2015-01-23 10:26 - 2015-01-23 10:26 - 00000197 _____ () C:\Windows\System32\2015-01-23-18-26-04.042-AvastVBoxSVC.exe-936.log
2015-01-23 00:10 - 2015-01-23 00:10 - 00000197 _____ () C:\Windows\System32\2015-01-23-08-10-21.027-AvastVBoxSVC.exe-5184.log
2015-01-22 11:07 - 2015-01-24 03:09 - 00000292 _____ () C:\Windows\Tasks\WSE_Vosteran.job
2015-01-22 11:07 - 2015-01-22 11:07 - 00003232 _____ () C:\Windows\System32\Tasks\WSE_Vosteran
2015-01-22 11:06 - 2015-01-24 10:12 - 00000000 ____D () C:\Program Files (x86)\Dynamo Combo
2015-01-22 11:06 - 2015-01-22 11:05 - 01055936 _____ (Adobe) C:\Users\Owner\Downloads\flash_setup.exe
2015-01-22 10:59 - 2015-01-22 10:59 - 00002171 _____ () C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-01-22 10:59 - 2015-01-22 10:59 - 00000000 ____D () C:\ProgramData\UDL
2015-01-22 10:57 - 2015-01-22 10:57 - 00000306 _____ () C:\Windows\setup.iss
2015-01-22 10:57 - 2015-01-22 10:57 - 00000000 ____D () C:\Program Files\Epson Software
2015-01-22 10:55 - 2015-01-22 10:55 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Epson
2015-01-22 10:54 - 2015-01-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-01-22 10:54 - 2015-01-22 10:54 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\InstallShield
2015-01-22 10:52 - 2015-01-22 11:16 - 00002295 _____ () C:\Users\Public\Desktop\EPSON BX305 Series Network Guide.lnk
2015-01-22 10:52 - 2015-01-22 11:16 - 00002295 _____ () C:\Users\Public\Desktop\EPSON BX305 Series Manual.lnk
2015-01-22 10:52 - 2015-01-22 10:52 - 00000000 ____D () C:\Program Files (x86)\EpsonNet
2015-01-22 10:51 - 2015-01-23 10:28 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-22 10:51 - 2015-01-22 11:15 - 00000934 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-22 10:51 - 2015-01-22 10:51 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-22 10:51 - 2009-11-19 16:00 - 00464384 _____ (Seiko Epson Corporation) C:\Windows\System32\esxw2ud.dll
2015-01-22 10:51 - 2009-09-30 19:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_IBCBGJE.DLL
2015-01-22 10:51 - 2009-04-30 16:00 - 00128392 _____ (Seiko Epson Corporation) C:\Windows\System32\esdevapp.exe
2015-01-22 10:51 - 2009-04-30 16:00 - 00017408 _____ (SEIKO EPSON CORP.) C:\Windows\System32\esxcdev.dll
2015-01-22 10:51 - 2008-11-11 19:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_ILMGJE.DLL
2015-01-22 10:51 - 2007-04-09 17:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\System32\E_GCINST.DLL
2015-01-22 10:35 - 2015-01-22 10:35 - 00000000 __RHD () C:\MSOCache
2015-01-22 10:30 - 2015-01-22 10:30 - 00000197 _____ () C:\Windows\System32\2015-01-22-18-30-48.072-AvastVBoxSVC.exe-5860.log
2015-01-22 10:18 - 2015-01-22 10:18 - 00003158 _____ () C:\Windows\System32\Tasks\UNELEVATE_4924
2015-01-22 10:14 - 2015-01-22 10:14 - 00000197 _____ () C:\Windows\System32\2015-01-22-18-14-41.043-AvastVBoxSVC.exe-6156.log
2015-01-21 12:16 - 2010-06-01 20:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-21 12:16 - 2010-06-01 20:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2015-01-21 12:16 - 2010-06-01 20:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-21 12:16 - 2010-06-01 20:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2015-01-21 12:16 - 2010-06-01 20:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2015-01-21 12:16 - 2010-06-01 20:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-21 12:16 - 2010-05-26 03:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2015-01-21 12:16 - 2010-05-26 03:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-21 12:16 - 2010-05-26 03:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2015-01-21 12:16 - 2010-05-26 03:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2015-01-21 12:16 - 2010-02-04 02:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2015-01-21 12:16 - 2009-09-04 09:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2015-01-21 12:16 - 2009-09-04 09:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2015-01-21 12:16 - 2009-03-16 06:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2015-01-21 12:16 - 2009-03-09 07:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2015-01-21 12:16 - 2008-10-27 02:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2015-01-21 12:16 - 2008-10-09 20:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-21 12:15 - 2008-07-31 02:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-21 12:15 - 2008-07-31 02:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2015-01-21 12:15 - 2008-07-31 02:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2015-01-21 12:15 - 2008-07-31 02:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-21 12:15 - 2008-07-31 02:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2015-01-21 12:15 - 2008-07-31 02:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-21 12:15 - 2008-07-10 03:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-21 12:15 - 2008-07-10 03:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2015-01-21 12:15 - 2008-07-10 03:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-21 12:15 - 2008-07-10 03:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2015-01-21 12:15 - 2008-07-10 03:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-21 12:15 - 2008-07-10 03:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2015-01-21 12:15 - 2008-05-30 06:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2015-01-21 12:15 - 2008-05-30 06:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-21 12:15 - 2008-05-30 06:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-21 12:15 - 2008-05-30 06:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2015-01-21 12:15 - 2008-05-30 06:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2015-01-21 12:15 - 2008-05-30 06:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-21 12:15 - 2008-05-30 06:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-21 12:15 - 2008-05-30 06:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2015-01-21 12:15 - 2008-05-30 06:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-21 12:15 - 2008-03-05 08:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2015-01-21 12:15 - 2008-03-05 08:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-21 12:15 - 2008-03-05 08:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-21 12:15 - 2008-03-05 08:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2015-01-21 12:15 - 2008-03-05 08:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2015-01-21 12:15 - 2008-03-05 08:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-21 12:15 - 2008-03-05 07:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2015-01-21 12:15 - 2008-03-05 07:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-21 12:15 - 2008-03-05 07:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2015-01-21 12:15 - 2008-03-05 07:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-21 12:15 - 2008-02-05 15:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2015-01-21 12:15 - 2008-02-05 15:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-21 12:15 - 2007-10-21 19:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2015-01-21 12:15 - 2007-10-21 19:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-21 12:15 - 2007-10-21 19:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2015-01-21 12:15 - 2007-10-21 19:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-21 12:15 - 2007-10-12 07:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2015-01-21 12:15 - 2007-10-12 07:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-21 12:15 - 2007-10-12 07:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2015-01-21 12:15 - 2007-10-12 07:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-21 12:15 - 2007-10-02 01:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2015-01-21 12:15 - 2007-10-02 01:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-21 12:15 - 2007-07-19 16:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2015-01-21 12:15 - 2007-07-19 16:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2015-01-21 12:15 - 2007-07-19 10:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-21 12:15 - 2007-06-20 12:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2015-01-21 12:15 - 2007-06-20 12:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2015-01-21 12:15 - 2007-05-16 08:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-21 12:15 - 2007-04-04 10:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2015-01-21 12:15 - 2007-04-04 10:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-21 12:15 - 2007-04-04 10:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2015-01-21 12:15 - 2007-04-04 10:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-21 12:15 - 2007-03-15 08:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2015-01-21 12:15 - 2007-03-15 08:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-21 12:15 - 2007-03-12 08:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2015-01-21 12:15 - 2007-03-12 08:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-21 12:15 - 2007-03-12 08:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2015-01-21 12:15 - 2007-03-12 08:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-21 12:15 - 2007-03-05 04:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2015-01-21 12:15 - 2007-03-05 04:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-21 12:15 - 2007-01-24 07:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2015-01-21 12:15 - 2007-01-24 07:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-21 12:15 - 2006-12-08 04:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-21 12:15 - 2006-12-08 04:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2015-01-21 12:15 - 2006-11-29 05:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2015-01-21 12:15 - 2006-11-29 05:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-01-21 12:15 - 2006-11-29 05:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2015-01-21 12:15 - 2006-11-29 05:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-21 12:15 - 2006-09-28 08:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2015-01-21 12:15 - 2006-09-28 08:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-21 12:15 - 2006-09-28 08:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-21 12:15 - 2006-09-28 08:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2015-01-21 12:15 - 2006-07-28 01:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2015-01-21 12:15 - 2006-07-28 01:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2015-01-21 12:15 - 2006-07-28 01:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-21 12:15 - 2006-07-28 01:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-21 12:15 - 2006-05-30 23:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-21 12:15 - 2006-05-30 23:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2015-01-21 12:15 - 2006-03-31 04:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2015-01-21 12:15 - 2006-03-31 04:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-21 12:15 - 2006-03-31 04:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2015-01-21 12:15 - 2006-03-31 04:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-21 12:15 - 2006-03-31 04:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2015-01-21 12:15 - 2006-03-31 04:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-21 12:15 - 2006-02-03 00:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2015-01-21 12:15 - 2006-02-03 00:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-21 12:15 - 2006-02-03 00:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2015-01-21 12:15 - 2006-02-03 00:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-21 12:15 - 2006-02-03 00:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2015-01-21 12:15 - 2006-02-03 00:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-21 12:15 - 2005-12-05 10:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2015-01-21 12:15 - 2005-12-05 10:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-21 12:15 - 2005-07-22 11:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2015-01-21 12:15 - 2005-07-22 11:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-21 12:14 - 2015-01-21 12:15 - 00010009 _____ () C:\Windows\DirectX.log
2015-01-21 12:14 - 2005-05-26 07:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2015-01-21 12:14 - 2005-05-26 07:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-21 12:14 - 2005-03-18 09:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2015-01-21 12:14 - 2005-03-18 09:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-21 12:14 - 2005-02-05 11:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2015-01-21 12:14 - 2005-02-05 11:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-21 12:11 - 2015-01-21 12:16 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-21 12:11 - 2015-01-21 12:14 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-21 11:09 - 2015-01-21 11:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.technic
2015-01-21 11:08 - 2015-01-21 11:09 - 04582264 _____ () C:\Users\Owner\Downloads\TechnicLauncher.exe
2015-01-21 09:01 - 2015-01-21 09:03 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-01-21 09:01 - 2015-01-21 09:01 - 02314240 _____ () C:\Users\Owner\Downloads\MinecraftInstaller.msi
2015-01-21 09:01 - 2015-01-21 09:01 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2015-01-21 08:49 - 2015-01-21 08:49 - 00000197 _____ () C:\Windows\System32\2015-01-21-16-49-14.052-AvastVBoxSVC.exe-5948.log
2015-01-21 08:48 - 2015-01-21 08:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-20 10:16 - 2015-01-20 10:17 - 00000197 _____ () C:\Windows\System32\2015-01-20-18-16-58.040-AvastVBoxSVC.exe-5784.log
2015-01-19 14:48 - 2015-01-19 14:49 - 06512600 _____ (383 Media, Inc.) C:\Users\Owner\Downloads\DriverRestore (1).exe
2015-01-19 14:45 - 2015-01-19 14:46 - 00292184 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dxwebsetup.exe
2015-01-19 13:45 - 2015-01-19 13:45 - 00000220 _____ () C:\Users\Owner\Desktop\Garry's Mod.url
2015-01-19 13:40 - 2015-01-24 10:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-19 13:40 - 2015-01-19 13:40 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-19 13:39 - 2015-01-19 13:39 - 01142128 _____ () C:\Users\Owner\Downloads\SteamSetup (1).exe
2015-01-19 13:38 - 2015-01-19 13:39 - 01142128 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2015-01-19 13:25 - 2015-01-19 13:29 - 00376184 _____ () C:\Users\Owner\Downloads\Setup (2).exe
2015-01-19 13:03 - 2015-01-19 13:03 - 00000197 _____ () C:\Windows\System32\2015-01-19-21-03-19.062-AvastVBoxSVC.exe-4960.log
2015-01-19 11:30 - 2015-01-19 11:30 - 00000197 _____ () C:\Windows\System32\2015-01-19-19-30-15.040-AvastVBoxSVC.exe-6480.log
2015-01-19 11:30 - 2015-01-19 11:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\TVWizard
2015-01-18 12:44 - 2015-01-18 12:44 - 00000197 _____ () C:\Windows\System32\2015-01-18-20-44-16.002-AvastVBoxSVC.exe-6276.log
2015-01-18 12:35 - 2015-01-18 12:35 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-18 12:35 - 2015-01-18 12:35 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-18 12:34 - 2015-01-24 10:11 - 00003450 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-1.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00003446 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-1.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002438 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-5_user.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002438 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-5.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002436 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-5_user.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002436 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-5.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002102 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-2.job
2015-01-18 12:34 - 2015-01-24 10:11 - 00002100 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-2.job
2015-01-18 12:34 - 2015-01-18 12:34 - 00006480 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-1
2015-01-18 12:34 - 2015-01-18 12:34 - 00006476 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-1
2015-01-18 12:34 - 2015-01-18 12:34 - 00005468 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-5
2015-01-18 12:34 - 2015-01-18 12:34 - 00005466 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-5
2015-01-18 12:34 - 2015-01-18 12:34 - 00005132 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-2
2015-01-18 12:34 - 2015-01-18 12:34 - 00005130 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-2
2015-01-18 12:34 - 2015-01-18 12:34 - 00000000 ____D () C:\Users\Owner\AppData\Local\Weather_Protector_LLC
2015-01-18 12:34 - 2015-01-18 12:34 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-18 12:33 - 2015-01-24 10:11 - 00005854 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-6.job
2015-01-18 12:33 - 2015-01-24 10:11 - 00005852 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-6.job
2015-01-18 12:33 - 2015-01-24 10:11 - 00005510 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-7.job
2015-01-18 12:33 - 2015-01-24 10:11 - 00005508 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-7.job
2015-01-18 12:33 - 2015-01-24 10:11 - 00004486 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-4.job
2015-01-18 12:33 - 2015-01-24 10:11 - 00004484 _____ () C:\Windows\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-4.job
2015-01-18 12:33 - 2015-01-18 12:33 - 00008882 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-6
2015-01-18 12:33 - 2015-01-18 12:33 - 00008880 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-6
2015-01-18 12:33 - 2015-01-18 12:33 - 00008540 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-7
2015-01-18 12:33 - 2015-01-18 12:33 - 00008538 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-7
2015-01-18 12:33 - 2015-01-18 12:33 - 00007516 _____ () C:\Windows\System32\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-4
2015-01-18 12:33 - 2015-01-18 12:33 - 00007514 _____ () C:\Windows\System32\Tasks\18e77132-9373-49af-81ce-b0bb1c25b909-4
2015-01-18 12:33 - 2015-01-18 12:33 - 00003196 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-01-18 12:33 - 2015-01-18 12:33 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\omiga-plus
2015-01-18 12:33 - 2015-01-18 12:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\Pro_PC_Cleaner
2015-01-18 12:33 - 2015-01-18 12:33 - 00000000 ____D () C:\Program Files (x86)\e92a6a1e-294f-4a9f-95af-3eb6e732759e
2015-01-18 12:33 - 2015-01-18 12:33 - 00000000 ____D () C:\Program Files (x86)\ce6aa4a3-ccea-42b0-8ad7-b0a84358893a
2015-01-18 12:32 - 2015-01-24 10:15 - 00000000 ____D () C:\Users\Owner\Documents\ProPCCleaner
2015-01-18 12:32 - 2015-01-24 10:13 - 00001760 _____ () C:\Windows\Tasks\45008f83-45f6-4cb3-bfb2-7e51f0750adf-10_user.job
2015-01-18 12:32 - 2015-01-21 12:20 - 00000000 ____D () C:\Program Files (x86)\MPlayerPlusvideo4
2015-01-18 12:32 - 2015-01-19 11:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\StormWatch
2015-01-18 12:32 - 2015-01-18 12:33 - 00000000 ____D () C:\ProgramData\EnpQpdi
2015-01-18 12:32 - 2015-01-18 12:32 - 00000999 _____ () C:\Users\Public\Desktop\Pro PC Cleaner.lnk
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:32 - 00000000 ____D () C:\ProgramData\TVWizard
2015-01-18 12:31 - 2015-01-18 12:31 - 00001023 _____ () C:\Users\Owner\Desktop\PepperZip.lnk
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2015-01-18 10:07 - 2015-01-18 10:07 - 00000197 _____ () C:\Windows\System32\2015-01-18-18-07-11.063-AvastVBoxSVC.exe-6092.log
2015-01-17 13:29 - 2015-01-17 13:29 - 00288826 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-01-17 11:18 - 2015-01-17 11:18 - 00234679 _____ () C:\Users\Owner\AppData\Local\dsi1.dat
2015-01-17 11:18 - 2015-01-17 11:18 - 00161916 _____ () C:\Users\Owner\AppData\Local\dsi2.dat
2015-01-17 10:58 - 2015-01-17 10:58 - 00000197 _____ () C:\Windows\System32\2015-01-17-18-58-06.020-AvastVBoxSVC.exe-6068.log
2015-01-17 05:55 - 2015-01-24 03:11 - 00003254 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-01-17 05:54 - 2015-01-24 10:11 - 00002458 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-5_user.job
2015-01-17 05:54 - 2015-01-24 10:11 - 00002458 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-5.job
2015-01-17 05:54 - 2015-01-17 05:54 - 00005488 _____ () C:\Windows\System32\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-5
2015-01-17 05:53 - 2015-01-24 10:11 - 00004506 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-4.job
2015-01-17 05:53 - 2015-01-24 10:11 - 00003490 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-1.job
2015-01-17 05:53 - 2015-01-24 10:11 - 00002122 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-2.job
2015-01-17 05:53 - 2015-01-17 05:54 - 00005152 _____ () C:\Windows\System32\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-2
2015-01-17 05:53 - 2015-01-17 05:53 - 00007536 _____ () C:\Windows\System32\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-4
2015-01-17 05:53 - 2015-01-17 05:53 - 00006520 _____ () C:\Windows\System32\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-1
2015-01-17 05:52 - 2015-01-24 10:11 - 00005530 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-7.job
2015-01-17 05:52 - 2015-01-17 05:52 - 00008560 _____ () C:\Windows\System32\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-7
2015-01-17 05:52 - 2015-01-17 05:52 - 00000000 ____D () C:\Program Files (x86)\aed48a43-11d0-44a1-8406-d35df41df2c0
2015-01-17 05:51 - 2015-01-24 10:11 - 00001780 _____ () C:\Windows\Tasks\d2a1034f-4746-4167-bcf7-9338f39cdd64-10_user.job
2015-01-17 05:51 - 2015-01-24 10:01 - 00003608 _____ () C:\Windows\wininit.ini
2015-01-17 05:51 - 2015-01-24 09:40 - 00003302 _____ () C:\Windows\System32\Tasks\ASP
2015-01-17 05:51 - 2015-01-24 02:54 - 00003090 _____ () C:\Windows\System32\Tasks\RegClean Pro
2015-01-17 05:51 - 2015-01-18 11:52 - 00000000 ____D () C:\Program Files (x86)\CinemaHd For Pro 2.4cV16.01
2015-01-17 05:51 - 2015-01-17 05:51 - 00003008 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2015-01-17 05:51 - 2015-01-17 05:51 - 00002852 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2015-01-17 05:51 - 2015-01-17 05:51 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ASP
2015-01-17 05:50 - 2015-01-24 10:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\systweak
2015-01-17 05:50 - 2015-01-17 05:50 - 00000000 ____D () C:\Program Files (x86)\RCP
2015-01-17 05:50 - 2015-01-17 05:50 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.33
2015-01-17 05:50 - 2014-12-08 09:01 - 00020216 _____ () C:\Windows\System32\roboot64.exe
2015-01-17 05:47 - 2015-01-17 05:47 - 00000197 _____ () C:\Windows\System32\2015-01-17-13-47-27.063-AvastVBoxSVC.exe-5816.log
2015-01-15 13:02 - 2015-01-15 13:02 - 00290174 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-01-15 13:02 - 2015-01-15 13:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-01-15 11:18 - 2015-01-23 11:08 - 00000130 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
2015-01-15 10:25 - 2015-01-15 10:25 - 00000197 _____ () C:\Windows\System32\2015-01-15-18-25-01.049-AvastVBoxSVC.exe-5504.log
2015-01-15 10:21 - 2015-01-15 10:21 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2015-01-15 10:20 - 2015-01-22 11:08 - 00002269 _____ () C:\Users\Owner\Desktop\Vosteran.lnk
2015-01-15 10:20 - 2015-01-17 05:46 - 00002431 _____ () C:\Users\Owner\Desktop\Video Of The Day.lnk
2015-01-15 10:20 - 2015-01-17 05:46 - 00002267 _____ () C:\Users\Owner\Desktop\Facebook.lnk
2015-01-15 10:19 - 2015-01-24 10:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\SmartWeb
2015-01-15 10:18 - 2015-01-24 10:18 - 00000302 _____ () C:\Windows\Tasks\Vosteran_helper.job
2015-01-15 10:18 - 2015-01-24 09:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\gmsd_gb_79
2015-01-15 10:18 - 2015-01-22 11:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\Vosteran
2015-01-15 10:18 - 2015-01-22 11:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WSE_Vosteran
2015-01-15 10:18 - 2015-01-15 10:18 - 00003242 _____ () C:\Windows\System32\Tasks\Vosteran_helper
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\ProgramData\{3070D8B3-60F2-0935-D174-79B701F6AA39}
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files (x86)\WSE_Vosteran
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files (x86)\gmsd_gb_79
2015-01-15 10:17 - 2015-01-22 11:24 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-15 10:17 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.6
2015-01-15 10:17 - 2015-01-15 10:17 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-15 10:17 - 2015-01-15 10:17 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-01-15 10:16 - 2015-01-15 10:16 - 00001091 _____ () C:\Users\Owner\Desktop\Continue Live Installation.lnk
2015-01-15 10:09 - 2015-01-24 10:11 - 00004480 _____ () C:\Windows\Tasks\b17420af-9a12-4492-ae8e-c82c9e673c19-4.job
2015-01-15 10:09 - 2015-01-15 10:09 - 00007510 _____ () C:\Windows\System32\Tasks\b17420af-9a12-4492-ae8e-c82c9e673c19-4
2015-01-15 10:09 - 2015-01-15 10:09 - 00004508 _____ () C:\Windows\System32\Tasks\ShopperPro
2015-01-15 10:09 - 2015-01-15 10:09 - 00004234 _____ () C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313638363333363031392d454a2a415034412a4a6c575a
2015-01-15 10:09 - 2015-01-15 10:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-01-15 10:08 - 2015-01-24 10:11 - 00000934 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-15 10:08 - 2015-01-22 12:38 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-15 10:08 - 2015-01-22 10:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftwareUpdater
2015-01-15 10:08 - 2015-01-18 12:33 - 00003936 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-01-15 10:08 - 2015-01-18 12:33 - 00003682 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-01-15 10:08 - 2015-01-18 12:33 - 00000000 ____D () C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f
2015-01-15 10:08 - 2015-01-18 12:08 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-01-15 10:08 - 2015-01-15 10:19 - 00000000 ____D () C:\Users\Owner\AppData\Local\ConvertAd
2015-01-15 10:08 - 2015-01-15 10:09 - 00003492 _____ () C:\Windows\System32\Tasks\SPDriver
2015-01-15 10:08 - 2015-01-15 10:09 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00007838 _____ () C:\Windows\System32\Tasks\c15af386-6f8b-48f3-8d67-4125c8a9408e-4
2015-01-15 10:08 - 2015-01-15 10:08 - 00003568 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\globalUpdate
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 10:06 - 2015-01-15 10:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\BrowserHelper
2015-01-15 10:06 - 2015-01-15 10:06 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1
2015-01-15 10:05 - 2015-01-15 10:19 - 00000000 ____D () C:\Users\Owner\AppData\Local\wincheck
2015-01-15 10:05 - 2015-01-15 10:05 - 00003904 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2015-01-15 10:05 - 2015-01-15 10:05 - 00003582 _____ () C:\Windows\System32\Tasks\YTDownloader
2015-01-15 10:05 - 2015-01-15 10:05 - 00001953 _____ () C:\Users\Owner\Desktop\YTDownloader.lnk
2015-01-15 10:05 - 2015-01-15 10:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashRpt
2015-01-15 10:05 - 2015-01-15 10:05 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-01-15 10:04 - 2015-01-15 10:04 - 00004014 _____ () C:\Windows\System32\Tasks\LaunchSignup
2015-01-15 10:03 - 2015-01-24 03:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn Hamachi
2015-01-15 10:03 - 2015-01-15 10:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn
2015-01-15 10:03 - 2015-01-15 10:03 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-15 10:03 - 2015-01-15 10:03 - 00000000 ____D () C:\Program Files (x86)\WaInterEnhance
2015-01-15 10:03 - 2015-01-14 03:32 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\System32\hamachi.sys
2015-01-15 10:02 - 2015-01-24 10:11 - 00000361 _____ () C:\prefs.js
2015-01-15 10:02 - 2015-01-15 10:31 - 00000000 ____D () C:\searchplugins
2015-01-15 10:02 - 2015-01-15 10:02 - 00003596 _____ () C:\Windows\System32\Tasks\TotalSystemCare.Scanning
2015-01-15 10:02 - 2015-01-15 10:02 - 00003526 _____ () C:\Windows\System32\Tasks\TotalSystemCare.Autostart
2015-01-15 10:02 - 2015-01-15 10:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Lavasoft
2015-01-15 10:01 - 2015-01-15 10:02 - 00000000 ____D () C:\Program Files\TotalSystemCare
2015-01-15 10:01 - 2015-01-15 10:01 - 00004648 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-01-15 10:01 - 2015-01-15 10:01 - 00002480 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-01-15 10:01 - 2015-01-15 10:01 - 00002480 _____ () C:\Windows\System32\LavasoftTcpServiceOff.ini
2015-01-15 10:01 - 2015-01-15 10:01 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-01-15 10:01 - 2014-12-16 04:10 - 00358736 _____ (Lavasoft Limited) C:\Windows\System32\LavasoftTcpService64.dll
2015-01-15 10:01 - 2014-12-16 04:10 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-01-15 10:00 - 2015-01-15 10:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Lavasoft
2015-01-15 10:00 - 2015-01-15 10:00 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-15 09:23 - 2015-01-15 09:24 - 00000197 _____ () C:\Windows\System32\2015-01-15-17-23-41.092-AvastVBoxSVC.exe-2416.log
2015-01-14 10:18 - 2015-01-14 10:19 - 00000197 _____ () C:\Windows\System32\2015-01-14-18-18-50.065-AvastVBoxSVC.exe-4960.log
2015-01-14 10:07 - 2015-01-22 11:09 - 00000000 ____D () C:\Users\Owner\Documents\Fax
2015-01-14 10:00 - 2015-01-21 12:20 - 00003794 _____ () C:\Windows\System32\Tasks\Driver Support-RTMScan
2015-01-14 10:00 - 2015-01-21 12:20 - 00003750 _____ () C:\Windows\System32\Tasks\Driver Support-RTMUpdater
2015-01-14 10:00 - 2015-01-21 12:20 - 00003742 _____ () C:\Windows\System32\Tasks\Driver Support-RTMRules
2015-01-14 10:00 - 2015-01-21 12:20 - 00003554 _____ () C:\Windows\System32\Tasks\Driver Support
2015-01-14 10:00 - 2015-01-14 10:19 - 00000000 ____D () C:\ProgramData\UAB
2015-01-14 10:00 - 2015-01-14 10:00 - 00000000 ____D () C:\Users\Owner\Downloads\Driver Support
2015-01-14 10:00 - 2015-01-14 10:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\PC_Drivers_Headquarters
2015-01-14 10:00 - 2015-01-14 10:00 - 00000000 ____D () C:\ProgramData\Driver Support
2015-01-14 09:59 - 2015-01-14 09:59 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2015-01-14 09:58 - 2015-01-14 09:59 - 00000197 _____ () C:\Windows\System32\2015-01-14-17-58-57.079-AvastVBoxSVC.exe-3560.log
2015-01-14 09:53 - 2015-01-14 10:15 - 00002017 _____ () C:\Users\Public\Desktop\Labtec WebCam.lnk
2015-01-14 09:53 - 2015-01-14 10:15 - 00001864 _____ () C:\Users\Public\Desktop\My Labtec Pictures.lnk
2015-01-14 09:52 - 2015-01-14 09:52 - 00000268 _____ () C:\Windows\_delis32.ini
2015-01-14 09:52 - 2015-01-14 09:52 - 00000000 ____D () C:\SXS
2015-01-14 09:52 - 2015-01-14 09:52 - 00000000 ____D () C:\Program Files (x86)\Logitech
2015-01-14 09:52 - 1998-10-29 08:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-01-14 09:51 - 2015-01-14 10:15 - 00097740 _____ () C:\MSIInstall.log
2015-01-14 09:51 - 2015-01-14 09:51 - 00000090 _____ () C:\LogiSetup.log
2015-01-14 08:56 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2015-01-14 08:56 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2015-01-14 08:56 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-01-14 08:56 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-01-14 08:56 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-01-14 08:56 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-01-14 08:56 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:56 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:56 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:56 - 2014-12-11 09:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2015-01-14 08:56 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2015-01-14 08:56 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:56 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 08:49 - 2015-01-14 08:50 - 00000197 _____ () C:\Windows\System32\2015-01-14-16-49-54.019-AvastVBoxSVC.exe-3796.log
2015-01-11 04:08 - 2015-01-11 04:08 - 00000247 _____ () C:\Windows\System32\2015-01-11-12-08-34.016-aswFe.exe-5256.log
2015-01-11 04:04 - 2015-01-11 04:08 - 00000247 _____ () C:\Windows\System32\2015-01-11-12-04-06.083-aswFe.exe-3064.log
2015-01-11 04:04 - 2015-01-11 04:04 - 00000197 _____ () C:\Windows\System32\2015-01-11-12-04-02.013-AvastVBoxSVC.exe-2792.log
2015-01-11 00:50 - 2015-01-11 00:51 - 00000197 _____ () C:\Windows\System32\2015-01-11-08-50-47.017-AvastVBoxSVC.exe-1500.log
2015-01-10 15:09 - 2015-01-10 15:09 - 00000000 ____D () C:\Users\Owner\Documents\Electronic Arts
2015-01-10 14:39 - 2015-01-10 14:57 - 00001342 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-01-10 14:39 - 2015-01-10 14:39 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-10 14:39 - 2011-02-18 07:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-01-10 12:33 - 2015-01-10 12:45 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-10 11:25 - 2015-01-10 11:25 - 00000000 ____D () C:\Users\Owner\Desktop\tools
2015-01-10 11:24 - 2015-01-10 11:25 - 00000197 _____ () C:\Windows\System32\2015-01-10-19-24-59.042-AvastVBoxSVC.exe-3980.log
2015-01-10 08:43 - 2015-01-10 08:43 - 00000197 _____ () C:\Windows\System32\2015-01-10-16-43-35.096-AvastVBoxSVC.exe-3684.log
2015-01-09 09:02 - 2015-01-09 09:16 - 00013138 ____H () C:\Users\Owner\Documents\~WRL3089.tmp
2015-01-09 08:50 - 2015-01-09 08:51 - 00000197 _____ () C:\Windows\System32\2015-01-09-16-50-29.086-AvastVBoxSVC.exe-3032.log
2015-01-04 07:35 - 2015-01-04 07:35 - 00022638 _____ () C:\Users\Owner\Downloads\car.htm
2015-01-04 07:24 - 2015-01-04 07:24 - 00000197 _____ () C:\Windows\System32\2015-01-04-15-24-09.091-AvastVBoxSVC.exe-2992.log
2014-12-30 07:45 - 2014-06-26 18:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-12-30 07:45 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-12-30 07:28 - 2014-12-30 07:28 - 00000197 _____ () C:\Windows\System32\2014-12-30-15-28-12.019-AvastVBoxSVC.exe-4540.log
2014-12-30 06:50 - 2014-12-30 06:50 - 00000197 _____ () C:\Windows\System32\2014-12-30-14-50-38.012-AvastVBoxSVC.exe-4340.log
2014-12-30 04:25 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDYAK.DLL
2014-12-30 04:25 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDTAT.DLL
2014-12-30 04:25 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU1.DLL
2014-12-30 04:25 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2014-12-30 04:25 - 2014-07-08 18:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU.DLL
2014-12-30 04:25 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-12-30 04:25 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-12-30 04:25 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-12-30 04:25 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-12-30 04:25 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-12-30 04:25 - 2014-07-08 14:38 - 00419992 _____ () C:\Windows\System32\locale.nls
2014-12-30 04:25 - 2014-07-08 14:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-12-30 04:25 - 2014-06-23 19:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-12-30 04:25 - 2014-06-23 18:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-12-30 04:25 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-12-30 04:25 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-12-30 04:25 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-12-30 04:25 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-12-30 04:25 - 2011-02-24 22:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-30 04:25 - 2011-02-24 21:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-30 04:24 - 2012-02-10 22:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2014-12-30 04:24 - 2012-02-10 22:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-12-30 04:24 - 2011-03-10 22:41 - 00410496 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2014-12-30 04:24 - 2011-03-10 22:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2014-12-30 04:24 - 2011-03-10 22:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2014-12-30 04:24 - 2011-03-10 22:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2014-12-30 04:24 - 2011-03-10 22:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2014-12-30 04:24 - 2011-03-10 22:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2014-12-30 04:24 - 2011-03-10 22:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2014-12-30 04:24 - 2011-03-10 21:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-12-30 04:24 - 2011-03-10 21:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-12-30 04:24 - 2011-03-10 20:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-12-30 04:19 - 2014-12-30 04:19 - 00000197 _____ () C:\Windows\System32\2014-12-30-12-19-14.009-AvastVBoxSVC.exe-5056.log
2014-12-30 04:18 - 2014-12-20 08:34 - 00364512 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 12:03 - 2009-07-13 21:13 - 00783336 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-01-24 10:19 - 2014-12-20 06:50 - 01253349 _____ () C:\Windows\WindowsUpdate.log
2015-01-24 10:19 - 2009-07-13 20:45 - 00020880 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 10:19 - 2009-07-13 20:45 - 00020880 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 10:15 - 2014-12-25 04:24 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2C3D991A-DF9D-4001-9B11-2EE354E1D4C0}
2015-01-24 10:12 - 2009-07-13 18:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-24 10:11 - 2014-12-20 08:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 10:11 - 2009-07-13 20:51 - 00032139 _____ () C:\Windows\setupact.log
2015-01-24 10:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2015-01-24 10:10 - 2014-12-20 08:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-24 10:10 - 2010-11-20 19:47 - 00042024 _____ () C:\Windows\PFRO.log
2015-01-24 10:10 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 10:02 - 2014-12-20 08:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-24 10:01 - 2014-12-20 08:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-24 09:40 - 2014-12-20 08:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-23 10:38 - 2014-12-20 08:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 10:33 - 2014-12-20 08:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 10:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\GroupPolicy
2015-01-22 13:23 - 2014-12-25 05:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2015-01-22 13:23 - 2014-12-25 04:33 - 00000000 ____D () C:\ProgramData\Origin
2015-01-22 13:23 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2015-01-22 13:22 - 2014-12-25 03:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2015-01-22 11:06 - 2014-12-20 08:27 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-22 11:06 - 2014-12-20 08:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-22 10:57 - 2014-12-20 07:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-22 10:29 - 2014-12-25 04:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-21 11:58 - 2014-12-27 11:41 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.minecraft
2015-01-18 11:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-15 10:05 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 09:56 - 2014-12-20 06:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2015-01-10 15:09 - 2014-12-25 04:39 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-10 13:23 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-01-10 12:40 - 2014-12-25 04:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Origin
2015-01-10 12:33 - 2014-12-25 04:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\Origin
2015-01-10 11:25 - 2014-12-27 13:14 - 00000000 ____D () C:\Users\Owner\Desktop\game
2015-01-09 08:48 - 2009-07-13 20:45 - 00294512 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-01-05 20:36 - 2010-11-20 19:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-12-30 12:12 - 2014-12-20 06:55 - 00000000 ____D () C:\users\Owner
2014-12-30 12:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-30 07:48 - 2014-12-20 08:07 - 00767202 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-30 04:19 - 2014-12-20 08:35 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-30 04:15 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-29 06:11 - 2014-12-20 08:33 - 00064024 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\_is3967.exe
C:\Users\Owner\AppData\Local\Temp\_is731D.exe
C:\Users\Owner\AppData\Local\Temp\_isC68A.exe
C:\Users\Owner\AppData\Local\Temp\_isFD91.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-12-20 02:49:09
Restore point made on: 2014-12-20 02:50:05
Restore point made on: 2014-12-20 02:56:57
Restore point made on: 2014-12-20 03:16:29
Restore point made on: 2014-12-20 03:21:29
Restore point made on: 2014-12-20 03:57:30
Restore point made on: 2014-12-20 03:58:54
Restore point made on: 2014-12-20 04:00:06
Restore point made on: 2014-12-20 04:01:08
Restore point made on: 2014-12-20 04:02:37
Restore point made on: 2014-12-20 04:15:09
Restore point made on: 2014-12-20 07:00:51
Restore point made on: 2014-12-20 07:38:42
Restore point made on: 2014-12-20 07:52:52
Restore point made on: 2014-12-20 08:04:46
Restore point made on: 2014-12-20 08:08:49
Restore point made on: 2014-12-20 08:31:14
Restore point made on: 2014-12-20 08:32:04
Restore point made on: 2014-12-20 08:32:54
Restore point made on: 2014-12-20 08:33:44
Restore point made on: 2014-12-20 08:35:18
Restore point made on: 2014-12-27 11:01:08
Restore point made on: 2014-12-27 11:01:45
Restore point made on: 2014-12-27 11:37:40
Restore point made on: 2014-12-27 15:24:26
Restore point made on: 2014-12-28 03:37:53
Restore point made on: 2014-12-28 07:39:58
Restore point made on: 2014-12-30 04:17:20
Restore point made on: 2014-12-30 07:45:00
Restore point made on: 2015-01-04 07:28:50
Restore point made on: 2015-01-09 08:53:47
Restore point made on: 2015-01-10 14:39:07
Restore point made on: 2015-01-10 14:39:35
Restore point made on: 2015-01-11 03:58:28
Restore point made on: 2015-01-14 08:56:20
Restore point made on: 2015-01-14 09:52:00
Restore point made on: 2015-01-14 13:08:03
Restore point made on: 2015-01-15 10:00:54
Restore point made on: 2015-01-15 10:02:20
Restore point made on: 2015-01-15 13:02:01
Restore point made on: 2015-01-17 13:29:13
Restore point made on: 2015-01-21 09:01:46
Restore point made on: 2015-01-21 12:14:40
Restore point made on: 2015-01-22 10:52:33
Restore point made on: 2015-01-22 10:54:23
Restore point made on: 2015-01-22 10:55:47
Restore point made on: 2015-01-22 10:57:17
Restore point made on: 2015-01-22 11:16:40
Restore point made on: 2015-01-22 11:23:32

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8175.23 MB
Available physical RAM: 7305.48 MB
Total Pagefile: 8173.43 MB
Available Pagefile: 7294.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:749.36 GB) NTFS
Drive e: (EPSON) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:1.86 GB) (Free:1.53 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9F021A2D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

LastRegBack: 2015-01-14 10:40

==================== End Of Log ============================



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 28 January 2015 - 04:15 PM

Can you please post the Additional.txt that FRST produced.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 28 January 2015 - 05:15 PM

hi

think that was the only one produced, do you want me to run again, Also can I run this from windows desktop in safe mode as I have no mouse when using other way?

Cheers for help

Regards

Ada,



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 28 January 2015 - 05:31 PM

I need for you to run this fix the same way you been running FRST for now.

 

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

HKLM-x32\...\Run: [WinCheck] => C:\Users\Owner\AppData\Local\wincheck\wincheck.exe [268800 2015-01-14] ()
C:\Users\Owner\AppData\Local\wincheck
HKLM-x32\...\Run: [gmsd_gb_79] => C:\Program Files (x86)\gmsd_gb_79\gmsd_gb_79.exe [3974824 2015-01-15] ()
HKLM-x32\...\Run: [rec_gb_7] => C:\Program Files (x86)\rec_gb_7\rec_gb_7.exe [3975312 2015-01-20] ()
HKLM-x32\...\RunOnce: [upgmsd_gb_79.exe] => C:\Users\Owner\AppData\Local
\gmsd_gb_79\upgmsd_gb_79.exe [3309224 2015-01-15] ()
C:\Users\Owner\AppData\Local\gmsd_gb_79
C:\Program Files (x86)\rec_gb_7
HKLM-x32\...\RunOnce: [WSE_Vosteran] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Owner\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat"
HKU\Owner\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe [148048 2015-01-16] (PC Utilities Software Limited)
AppInit_DLLs: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL File Not Found
AppInit_DLLs-x32: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" File Not Found
AppInit_DLLs-x32:  C:/PROGRA~3/{3070D~1/171~1.0/noce.dll => C:/PROGRA~3/{3070D~1/171~1.0/noce.dll [649216 2015-01-15] ()
S2 ccsvc_1.10.0.6; C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe [277584 2015-01-07] ()
S2 d924d8dc; c:\Program Files (x86)\Optimizer Pro 3.33\OptProMon.dll [1597008 2015-01-17] ()
S2 FGDrVuRO; C:\ProgramData\EnpQpdi\FGDrVuRO.exe [2726256 2015-01-18] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2015-01-07] (XTab system)
S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] ()
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [558544 2015-01-15] ()
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [X]
S4 servervo; C:\Users\Owner\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== ATTENTION
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2015-01-15] (RaMMicHaeL)
S2 Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [664824 2015-01-24] ()
S2 Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [664824 2015-01-24] ()
S4 serverca; C:\Users\Owner\AppData\Local\ConvertAd\CASrv.exe [181248 2015-01-15] ()
S2 serversu; C:\Users\Owner\AppData\Roaming\SoftwareUpdater\SUsrv.exe [469504 2015-01-15] ()
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-01-14] ()
S2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-21] (Weather Protector LLC)
S2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2015-01-08] (YTDownloader)
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-01-14] ()
S2 SPDRIVER_1472.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.sys [52584 2015-01-14] ()
S1 {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64; C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys [48792 2015-01-23] (StdLib)
2015-01-24 09:41 - 2015-01-24 09:41 - 00001332 _____ () C:\Users\Owner\Desktop\Clean Registry for Free!.lnk
Emptytemp:
S2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [22376 2015-01-08] ()
S2 ccsvc_1.10.0.6; C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe [277584 2015-01-07] ()
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 10:08 - 2015-01-18 12:08 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-01-15 10:08 - 2015-01-15 10:19 - 00000000 ____D () C:\Users\Owner\AppData\Local\ConvertAd
2015-01-15 10:08 - 2015-01-15 10:09 - 00003492 _____ () C:\Windows\System32\Tasks\SPDriver
2015-01-15 10:08 - 2015-01-15 10:09 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00007838 _____ () C:\Windows\System32\Tasks\c15af386-6f8b-48f3-8d67-4125c8a9408e-4
2015-01-15 10:08 - 2015-01-15 10:08 - 00003568 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\globalUpdate
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 10:08 - 2015-01-18 12:33 - 00003936 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-01-15 10:08 - 2015-01-18 12:33 - 00003682 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-01-15 10:17 - 2015-01-22 11:24 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-15 10:17 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.6
2015-01-15 10:17 - 2015-01-15 10:17 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-15 10:17 - 2015-01-15 10:17 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-01-18 12:32 - 2015-01-19 11:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\StormWatch
2015-01-18 12:32 - 2015-01-18 12:33 - 00000000 ____D () C:\ProgramData\EnpQpdi
2015-01-18 12:32 - 2015-01-18 12:32 - 00000999 _____ () C:\Users\Public\Desktop\Pro PC Cleaner.lnk
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:32 - 00000000 ____D () C:\ProgramData\TVWizard
2015-01-18 12:31 - 2015-01-18 12:31 - 00001023 _____ () C:\Users\Owner\Desktop\PepperZip.lnk
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Program Files (x86)\PepperZip
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-18] ()

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

 

After you run this fix try and boot into normal mode

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 29 January 2015 - 02:32 PM

Hi

Once again thanks for the ongoing help.

Please find below fixlog file as requested, also I can now boot into normal mode now

Regards

Adam

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by SYSTEM at 2015-01-29 19:17:22 Run:1
Running from f:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [WinCheck] => C:\Users\Owner\AppData\Local\wincheck\wincheck.exe [268800 2015-01-14] ()
C:\Users\Owner\AppData\Local\wincheck
HKLM-x32\...\Run: [gmsd_gb_79] => C:\Program Files (x86)\gmsd_gb_79\gmsd_gb_79.exe [3974824 2015-01-15] ()
HKLM-x32\...\Run: [rec_gb_7] => C:\Program Files (x86)\rec_gb_7\rec_gb_7.exe [3975312 2015-01-20] ()
HKLM-x32\...\RunOnce: [upgmsd_gb_79.exe] => C:\Users\Owner\AppData\Local
\gmsd_gb_79\upgmsd_gb_79.exe [3309224 2015-01-15] ()
C:\Users\Owner\AppData\Local\gmsd_gb_79
C:\Program Files (x86)\rec_gb_7
HKLM-x32\...\RunOnce: [WSE_Vosteran] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Owner\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat"
HKU\Owner\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.33\OptProLauncher.exe [148048 2015-01-16] (PC Utilities Software Limited)
AppInit_DLLs: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL File Not Found
AppInit_DLLs-x32: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" File Not Found
AppInit_DLLs-x32:  C:/PROGRA~3/{3070D~1/171~1.0/noce.dll => C:/PROGRA~3/{3070D~1/171~1.0/noce.dll [649216 2015-01-15] ()
S2 ccsvc_1.10.0.6; C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe [277584 2015-01-07] ()
S2 d924d8dc; c:\Program Files (x86)\Optimizer Pro 3.33\OptProMon.dll [1597008 2015-01-17] ()
S2 FGDrVuRO; C:\ProgramData\EnpQpdi\FGDrVuRO.exe [2726256 2015-01-18] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-18] (globalUpdate)
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2015-01-07] (XTab system)
S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] ()
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [558544 2015-01-15] ()
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [X]
S4 servervo; C:\Users\Owner\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== ATTENTION
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2015-01-15] (RaMMicHaeL)
S2 Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [664824 2015-01-24] ()
S2 Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [664824 2015-01-24] ()
S4 serverca; C:\Users\Owner\AppData\Local\ConvertAd\CASrv.exe [181248 2015-01-15] ()
S2 serversu; C:\Users\Owner\AppData\Roaming\SoftwareUpdater\SUsrv.exe [469504 2015-01-15] ()
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-01-14] ()
S2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-21] (Weather Protector LLC)
S2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2015-01-08] (YTDownloader)
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-01-14] ()
S2 SPDRIVER_1472.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.sys [52584 2015-01-14] ()
S1 {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64; C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys [48792 2015-01-23] (StdLib)
2015-01-24 09:41 - 2015-01-24 09:41 - 00001332 _____ () C:\Users\Owner\Desktop\Clean Registry for Free!.lnk
Emptytemp:
S2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [22376 2015-01-08] ()
S2 ccsvc_1.10.0.6; C:\Program Files (x86)\ClickCaption_1.10.0.6\Service\ccsvc.exe [277584 2015-01-07] ()
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 10:08 - 2015-01-18 12:08 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-01-15 10:08 - 2015-01-15 10:19 - 00000000 ____D () C:\Users\Owner\AppData\Local\ConvertAd
2015-01-15 10:08 - 2015-01-15 10:09 - 00003492 _____ () C:\Windows\System32\Tasks\SPDriver
2015-01-15 10:08 - 2015-01-15 10:09 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00007838 _____ () C:\Windows\System32\Tasks\c15af386-6f8b-48f3-8d67-4125c8a9408e-4
2015-01-15 10:08 - 2015-01-15 10:08 - 00003568 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\globalUpdate
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 10:08 - 2015-01-18 12:33 - 00003936 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-01-15 10:08 - 2015-01-18 12:33 - 00003682 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-01-15 10:17 - 2015-01-22 11:24 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-15 10:17 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.6
2015-01-15 10:17 - 2015-01-15 10:17 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-15 10:17 - 2015-01-15 10:17 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-01-18 12:32 - 2015-01-19 11:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\StormWatch
2015-01-18 12:32 - 2015-01-18 12:33 - 00000000 ____D () C:\ProgramData\EnpQpdi
2015-01-18 12:32 - 2015-01-18 12:32 - 00000999 _____ () C:\Users\Public\Desktop\Pro PC Cleaner.lnk
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2015-01-18 12:32 - 2015-01-18 12:32 - 00000000 ____D () C:\Program Files (x86)\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:32 - 00000000 ____D () C:\ProgramData\TVWizard
2015-01-18 12:31 - 2015-01-18 12:31 - 00001023 _____ () C:\Users\Owner\Desktop\PepperZip.lnk
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Pro PC Cleaner
2015-01-18 12:31 - 2015-01-18 12:31 - 00000000 ____D () C:\Program Files (x86)\PepperZip
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-18] ()
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinCheck => value deleted successfully.
C:\Users\Owner\AppData\Local\wincheck => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_79 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_gb_7 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upgmsd_gb_79.exe => value deleted successfully.
\gmsd_gb_79\upgmsd_gb_79.exe [3309224 2015-01-15] () => Error: No automatic fix found for this entry.
C:\Users\Owner\AppData\Local\gmsd_gb_79 => Moved successfully.
C:\Program Files (x86)\rec_gb_7 => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\WSE_Vosteran => value deleted successfully.
HKU\Owner\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro => value deleted successfully.
"_C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL" => Value Data removed successfully.
"_C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" => Value Data removed successfully.
" C:/PROGRA~3/{3070D~1/171~1.0/noce.dll" => Value Data removed successfully.
ccsvc_1.10.0.6 => Service deleted successfully.
d924d8dc => Service deleted successfully.
FGDrVuRO => Service deleted successfully.
globalUpdate => Service deleted successfully.
globalUpdatem => Service deleted successfully.
IHProtect Service => Service deleted successfully.
Internet Enhancer Service => Service deleted successfully.
Orbiter => Service deleted successfully.
CltMngSvc => Service deleted successfully.
servervo => Service deleted successfully.
Unchecky => Service deleted successfully.
Update Dynamo Combo => Service deleted successfully.
Util Dynamo Combo => Service deleted successfully.
serverca => Service deleted successfully.
serversu => Service deleted successfully.
SPBIUpd => Service deleted successfully.
SWUpdater => Service deleted successfully.
sbmntr => Service deleted successfully.
SPBIUpdd => Service deleted successfully.
SPDRIVER_1472.0.0.0 => Service deleted successfully.
{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64 => Service deleted successfully.
C:\Users\Owner\Desktop\Clean Registry for Free!.lnk => Moved successfully.
Emptytemp: => Error: This directive works only outside recovery mode.
BrsHelper => Service deleted successfully.
ccsvc_1.10.0.6 => Service not found.
C:\Program Files (x86)\ShopperPro => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Program Files (x86)\Object Browser => Moved successfully.
C:\Users\Owner\AppData\Local\ConvertAd => Moved successfully.
C:\Windows\System32\Tasks\SPDriver => Moved successfully.
C:\ProgramData\ShopperPro => Moved successfully.
C:\Windows\System32\Tasks\c15af386-6f8b-48f3-8d67-4125c8a9408e-4 => Moved successfully.
C:\Windows\System32\Tasks\ShopperProJSUpd => Moved successfully.
C:\Users\Public\Documents\ShopperPro => Moved successfully.
C:\Users\Owner\AppData\Local\globalUpdate => Moved successfully.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
"C:\Program Files (x86)\globalUpdate" => File/Directory not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
C:\ProgramData\Unchecky => Moved successfully.
C:\Program Files (x86)\ClickCaption_1.10.0.6 => Moved successfully.
C:\Users\Public\Desktop\Unchecky.lnk => Moved successfully.
C:\Program Files (x86)\Unchecky => Moved successfully.
C:\Users\Owner\AppData\Local\StormWatch => Moved successfully.
C:\ProgramData\EnpQpdi => Moved successfully.
C:\Users\Public\Desktop\Pro PC Cleaner.lnk => Moved successfully.
C:\Program Files (x86)\StormWatch => Moved successfully.
C:\Program Files (x86)\Pro PC Cleaner => Moved successfully.
C:\ProgramData\TVWizard => Moved successfully.
C:\Users\Owner\Desktop\PepperZip.lnk => Moved successfully.
C:\Users\Owner\AppData\Roaming\Pro PC Cleaner => Moved successfully.
C:\Program Files (x86)\PepperZip => Moved successfully.
WindowsMangerProtect => Service deleted successfully.
 
==== End of Fixlog 19:17:29 ====


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 29 January 2015 - 03:02 PM

The machine now boots properly? Did you reinstall? or just run the fix?


Edited by fireman4it, 29 January 2015 - 03:03 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 29 January 2015 - 03:20 PM

Hi

I just ran the fix you advised to do, No I didn't reinstall, The machine now boots properly but machine still has loads of viruses, Can you please advise what you would like me to do next?

Kind Regards

Adam



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 29 January 2015 - 06:27 PM

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

2.

Please run FRST  again as you did the first time you ran it and post the FRST.txt


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 29 January 2015 - 06:49 PM

Hi, After I've ran adwcleaner do I need to run frst from system recovery menu again, or from Windows desktop?
Many thanks
Adam

#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 29 January 2015 - 08:24 PM

You can run from desktop if you want.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 30 January 2015 - 03:43 PM

Hi

Please find below adwcleaner txt file as requested and also frst text file

Kind Regards

Adam

 

# AdwCleaner v4.109 - Report created 30/01/2015 at 19:59:24
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Administrator - OWNER-PC
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Driver Support
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TotalSystemCare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\Driver Support
Folder Deleted : C:\Program Files (x86)\RCP
Folder Deleted : C:\Program Files (x86)\ORBTR
Folder Deleted : C:\Program Files (x86)\WSE_Vosteran
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Program Files (x86)\Dynamo Combo
Folder Deleted : C:\Program Files (x86)\WaInterEnhance
Folder Deleted : C:\Program Files (x86)\Browserv3.1.Apps
Folder Deleted : C:\Program Files (x86)\CinemaHd For Pro 2.4cV16.01
Folder Deleted : C:\Program Files (x86)\MPlayerPlusvideo4
Folder Deleted : C:\Program Files\TotalSystemCare
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Owner\AppData\Local\TVWizard
Folder Deleted : C:\Users\Owner\AppData\Local\Weather_Protector_LLC
Folder Deleted : C:\Users\Owner\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Owner\AppData\Local\SmartWeb
Folder Deleted : C:\Users\Owner\AppData\Local\Vosteran
Folder Deleted : C:\Users\Owner\AppData\Local\Pro_PC_Cleaner
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Object Browser
Folder Deleted : C:\Users\Owner\AppData\LocalLow\SmartWeb
Folder Deleted : C:\Users\Owner\AppData\Roaming\ASP
Folder Deleted : C:\Users\Owner\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\Owner\AppData\Roaming\SoftwareUpdater
Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Owner\AppData\Roaming\WSE_Vosteran
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vosteran
Folder Deleted : C:\Users\Owner\Documents\ProPCCleaner
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
File Deleted : C:\Users\Owner\Desktop\Continue Live Installation.lnk
File Deleted : C:\Users\Owner\Desktop\Facebook.lnk
File Deleted : C:\Users\Owner\Desktop\YTDownloader.lnk
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ASP
Task Deleted : Driver Support-RTMRules
Task Deleted : Driver Support-RTMScan
Task Deleted : Driver Support-RTMUpdater
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : LaunchSignup
Task Deleted : Optimizer Pro Schedule
Task Deleted : RegClean Pro
Task Deleted : RegClean Pro_DEFAULT
Task Deleted : RegClean Pro_UPDATES
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : WSE_Vosteran
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
Task Deleted : YTDownloaderUpd
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-1
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-2
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-4
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-5
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-5_user
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-6
Task Deleted : 18e77132-9373-49af-81ce-b0bb1c25b909-7
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-1
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-10_user
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-2
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-4
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-5
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-5_user
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-6
Task Deleted : 45008f83-45f6-4cb3-bfb2-7e51f0750adf-7
Task Deleted : b17420af-9a12-4492-ae8e-c82c9e673c19-4
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-1
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-10_user
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-2
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-4
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-5
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-5_user
Task Deleted : d2a1034f-4746-4167-bcf7-9338f39cdd64-7
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Dynamo Combo
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Dynamo Combo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611791113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901165}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622792213}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902265}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655795513}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905565}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666796613}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906665}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344284450}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644794413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644904465}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{53f00938-0214-4c62-b6d8-9e2034314ebb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611791113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901165}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611791113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611901165}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611991117}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611791113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901165}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622792213}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902265}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655795513}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905565}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666796613}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906665}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611791113}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901165}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Browserv3.1.Apps
Key Deleted : HKCU\Software\AppDataLow\Software\CinemaHd For Pro 2.4cV16.01
Key Deleted : HKCU\Software\AppDataLow\Software\MPlayerPlusvideo4
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Object Browser
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\StormWatch
Key Deleted : HKLM\SOFTWARE\ORBTR
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\WaInterEnhance
Key Deleted : HKLM\SOFTWARE\Pro PC Cleaner
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\Dynamo Combo
Key Deleted : HKLM\SOFTWARE\Browserv3.1.Apps
Key Deleted : HKLM\SOFTWARE\CinemaHd For Pro 2.4cV16.01
Key Deleted : HKLM\SOFTWARE\MPlayerPlusvideo4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVWizard
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WaInterEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browserv3.1.Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaHd For Pro 2.4cV16.01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayerPlusvideo4
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\TotalSystemCare
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalSystemCare
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dynamo Combo
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17183
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_coinis_15_04_ie&cd=2XzuyEtN2Y1L1Qzu0Ezz0D0EtByBtD0CtDtByD0C0FyEtByBtN0D0Tzu0StCtCtCyBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0A0E0Fzz0C0BzytG0EtBtC0AtGtBtCzz0FtG0C0ByE0EtGtD0F0DyD0D0EyCyBzytBtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCyBtD0ByByBtAtGyEyEtAyBtGyE0B0E0FtGzy0B0EtBtGyByDtBtAyEyCtDyCtB0C0A0E2Q&cr=1404895878&ir=
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_coinis_15_04_ie&cd=2XzuyEtN2Y1L1Qzu0Ezz0D0EtByBtD0CtDtByD0C0FyEtByBtN0D0Tzu0StCtCtCyBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0A0E0Fzz0C0BzytG0EtBtC0AtGtBtCzz0FtG0C0ByE0EtGtD0F0DyD0D0EyCyBzytBtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCyBtD0ByByBtAtGyEyEtAyBtGyE0B0E0FtGzy0B0EtBtGyByDtBtAyEyCtDyCtB0C0A0E2Q&cr=1404895878&ir=
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}
[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [29001 octets] - [30/01/2015 19:56:58]
AdwCleaner[S0].txt - [27715 octets] - [30/01/2015 19:59:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27776 octets] ##########
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Administrator (administrator) on OWNER-PC on 30-01-2015 20:04:41
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available profiles: Owner & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Labtec Inc.) C:\Program Files (x86)\Logitech\Video\LogiTray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [LogitechVideoRepair] => C:\Program Files (x86)\Logitech\Video\ISStart.exe [188416 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [LogitechVideoTray] => C:\Program Files (x86)\Logitech\Video\LogiTray.exe [77824 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [LogitechGalleryRepair] => C:\Program Files (x86)\Logitech\Video\ISStart.exe [188416 2004-02-12] (Labtec Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4091020299-2403980179-1133043104-500\...\RunOnce: [Adobe Speed Launcher] => 1422648214
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50658;https=127.0.0.1:50658
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-20]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-20]
StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-20] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-12-16] (Lavasoft Limited)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-27] (Electronic Arts)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-12-16] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-20] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-20] (Avast Software)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-30 20:04 - 2015-01-30 20:05 - 00013193 _____ () C:\Users\Administrator\Desktop\FRST.txt
2015-01-30 20:04 - 2015-01-28 19:02 - 02130432 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2015-01-30 19:56 - 2015-01-30 20:00 - 00000000 ____D () C:\AdwCleaner
2015-01-30 19:56 - 2015-01-30 19:57 - 00000197 _____ () C:\Windows\system32\2015-01-30-19-56-45.041-AvastVBoxSVC.exe-4812.log
2015-01-30 19:56 - 2015-01-30 18:57 - 02194432 _____ () C:\Users\Administrator\Desktop\AdwCleaner.exe
2015-01-29 19:23 - 2015-01-29 19:23 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Epson
2015-01-29 19:23 - 2015-01-29 19:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2015-01-29 19:22 - 2015-01-30 20:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2015-01-29 19:22 - 2015-01-29 19:23 - 00000197 _____ () C:\Windows\system32\2015-01-29-19-22-51.055-AvastVBoxSVC.exe-3740.log
2015-01-29 19:22 - 2015-01-29 19:22 - 00001413 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-29 19:22 - 2015-01-29 19:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVAST Software
2015-01-29 19:22 - 2015-01-29 19:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2015-01-29 19:22 - 2015-01-29 19:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeIn
2015-01-29 19:22 - 2015-01-29 19:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-01-29 19:21 - 2015-01-29 19:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2015-01-29 04:13 - 2015-01-30 20:04 - 00000000 ____D () C:\FRST
2015-01-28 20:05 - 2015-01-29 19:22 - 00000000 ____D () C:\Users\Administrator
2015-01-28 20:05 - 2015-01-28 20:05 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2015-01-28 20:05 - 2009-07-14 04:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-28 20:05 - 2009-07-14 04:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-24 18:14 - 2015-01-24 18:14 - 00000197 _____ () C:\Windows\system32\2015-01-24-18-14-08.092-AvastVBoxSVC.exe-5396.log
2015-01-24 18:12 - 2015-01-24 03:38 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
2015-01-24 18:02 - 2015-01-24 18:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 17:40 - 2015-01-24 17:41 - 00000197 _____ () C:\Windows\system32\2015-01-24-17-40-41.091-AvastVBoxSVC.exe-4876.log
2015-01-24 10:55 - 2015-01-24 10:55 - 00000197 _____ () C:\Windows\system32\2015-01-24-10-55-46.045-AvastVBoxSVC.exe-1384.log
2015-01-23 18:54 - 2015-01-23 18:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\rec_gb_7
2015-01-23 18:53 - 2015-01-23 18:53 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-53-05.053-AvastVBoxSVC.exe-6068.log
2015-01-23 18:50 - 2015-01-23 18:50 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2015-01-23 18:28 - 2015-01-23 18:28 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2015-01-23 18:26 - 2015-01-23 18:26 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-26-04.042-AvastVBoxSVC.exe-936.log
2015-01-23 08:10 - 2015-01-23 08:10 - 00000197 _____ () C:\Windows\system32\2015-01-23-08-10-21.027-AvastVBoxSVC.exe-5184.log
2015-01-22 19:06 - 2015-01-22 19:05 - 01055936 _____ (Adobe) C:\Users\Owner\Downloads\flash_setup.exe
2015-01-22 18:59 - 2015-01-22 18:59 - 00002171 _____ () C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2015-01-22 18:59 - 2015-01-22 18:59 - 00000000 ____D () C:\ProgramData\UDL
2015-01-22 18:57 - 2015-01-22 18:57 - 00000306 _____ () C:\Windows\setup.iss
2015-01-22 18:57 - 2015-01-22 18:57 - 00000000 ____D () C:\Program Files\Epson Software
2015-01-22 18:55 - 2015-01-22 18:55 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Epson
2015-01-22 18:54 - 2015-01-22 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-01-22 18:54 - 2015-01-22 18:57 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-01-22 18:54 - 2015-01-22 18:54 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\InstallShield
2015-01-22 18:52 - 2015-01-22 19:16 - 00002295 _____ () C:\Users\Public\Desktop\EPSON BX305 Series Network Guide.lnk
2015-01-22 18:52 - 2015-01-22 19:16 - 00002295 _____ () C:\Users\Public\Desktop\EPSON BX305 Series Manual.lnk
2015-01-22 18:52 - 2015-01-22 18:52 - 00000000 ____D () C:\Program Files (x86)\EpsonNet
2015-01-22 18:51 - 2015-01-23 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-22 18:51 - 2015-01-23 18:28 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-22 18:51 - 2015-01-22 19:15 - 00000934 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-22 18:51 - 2015-01-22 18:51 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-22 18:51 - 2009-11-20 00:00 - 00464384 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-01-22 18:51 - 2009-10-01 03:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBGJE.DLL
2015-01-22 18:51 - 2009-05-01 00:00 - 00128392 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2015-01-22 18:51 - 2009-05-01 00:00 - 00017408 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcdev.dll
2015-01-22 18:51 - 2008-11-12 03:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMGJE.DLL
2015-01-22 18:51 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-01-22 18:35 - 2015-01-22 18:35 - 00000000 __RHD () C:\MSOCache
2015-01-22 18:30 - 2015-01-22 18:30 - 00000197 _____ () C:\Windows\system32\2015-01-22-18-30-48.072-AvastVBoxSVC.exe-5860.log
2015-01-22 18:18 - 2015-01-22 18:18 - 00003158 _____ () C:\Windows\System32\Tasks\UNELEVATE_4924
2015-01-22 18:14 - 2015-01-22 18:14 - 00000197 _____ () C:\Windows\system32\2015-01-22-18-14-41.043-AvastVBoxSVC.exe-6156.log
2015-01-21 20:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-21 20:16 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-21 20:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-21 20:16 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-21 20:16 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-21 20:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-21 20:16 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-21 20:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-21 20:16 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-21 20:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-21 20:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-21 20:16 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-21 20:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-21 20:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-21 20:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-21 20:16 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-21 20:16 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-21 20:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-21 20:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-21 20:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-21 20:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-21 20:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-21 20:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-21 20:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-21 20:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-21 20:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-21 20:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-21 20:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-21 20:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-21 20:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-21 20:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-21 20:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-21 20:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-21 20:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-21 20:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-21 20:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-21 20:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-21 20:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-21 20:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-21 20:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-21 20:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-21 20:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-21 20:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-21 20:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-21 20:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-21 20:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-21 20:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-21 20:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-21 20:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-21 20:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-21 20:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-21 20:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-21 20:15 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-21 20:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-21 20:15 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-21 20:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-21 20:15 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-21 20:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-21 20:15 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-21 20:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-21 20:15 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-21 20:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-21 20:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-21 20:15 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-21 20:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-21 20:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-21 20:15 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-21 20:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-21 20:15 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-21 20:15 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-21 20:15 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-21 20:15 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-21 20:15 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-21 20:15 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-21 20:15 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-21 20:15 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-21 20:15 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-21 20:15 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-21 20:15 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-21 20:15 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-21 20:15 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-21 20:15 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-21 20:15 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-21 20:15 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-01-21 20:15 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-21 20:15 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-21 20:15 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-21 20:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-21 20:15 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-21 20:15 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-21 20:15 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-21 20:15 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-21 20:15 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-21 20:15 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-21 20:15 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-21 20:15 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-21 20:15 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-21 20:15 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-21 20:15 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-21 20:15 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-21 20:15 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-21 20:15 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-21 20:15 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-21 20:15 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-21 20:15 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-21 20:15 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-21 20:15 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-21 20:15 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-21 20:15 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-21 20:15 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-21 20:15 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-21 20:15 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-21 20:14 - 2015-01-21 20:15 - 00010009 _____ () C:\Windows\DirectX.log
2015-01-21 20:14 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-21 20:14 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-21 20:14 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-21 20:14 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-21 20:14 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-21 20:14 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-21 20:11 - 2015-01-21 20:16 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-21 20:11 - 2015-01-21 20:14 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-21 19:09 - 2015-01-21 19:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.technic
2015-01-21 19:08 - 2015-01-21 19:09 - 04582264 _____ () C:\Users\Owner\Downloads\TechnicLauncher.exe
2015-01-21 17:01 - 2015-01-21 17:03 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-01-21 17:01 - 2015-01-21 17:01 - 02314240 _____ () C:\Users\Owner\Downloads\MinecraftInstaller.msi
2015-01-21 17:01 - 2015-01-21 17:01 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2015-01-21 17:01 - 2015-01-21 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-01-21 16:49 - 2015-01-21 16:49 - 00000197 _____ () C:\Windows\system32\2015-01-21-16-49-14.052-AvastVBoxSVC.exe-5948.log
2015-01-21 16:48 - 2015-01-21 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-21 16:48 - 2015-01-21 16:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-20 18:16 - 2015-01-20 18:17 - 00000197 _____ () C:\Windows\system32\2015-01-20-18-16-58.040-AvastVBoxSVC.exe-5784.log
2015-01-19 22:48 - 2015-01-19 22:49 - 06512600 _____ (383 Media, Inc.) C:\Users\Owner\Downloads\DriverRestore (1).exe
2015-01-19 22:45 - 2015-01-19 22:46 - 00292184 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dxwebsetup.exe
2015-01-19 21:45 - 2015-01-19 21:45 - 00000220 _____ () C:\Users\Owner\Desktop\Garry's Mod.url
2015-01-19 21:45 - 2015-01-19 21:45 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-19 21:40 - 2015-01-24 18:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-19 21:40 - 2015-01-19 21:40 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-19 21:40 - 2015-01-19 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-19 21:39 - 2015-01-19 21:39 - 01142128 _____ () C:\Users\Owner\Downloads\SteamSetup (1).exe
2015-01-19 21:38 - 2015-01-19 21:39 - 01142128 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2015-01-19 21:25 - 2015-01-19 21:29 - 00376184 _____ () C:\Users\Owner\Downloads\Setup (2).exe
2015-01-19 21:03 - 2015-01-19 21:03 - 00000197 _____ () C:\Windows\system32\2015-01-19-21-03-19.062-AvastVBoxSVC.exe-4960.log
2015-01-19 19:30 - 2015-01-19 19:30 - 00000197 _____ () C:\Windows\system32\2015-01-19-19-30-15.040-AvastVBoxSVC.exe-6480.log
2015-01-18 20:44 - 2015-01-18 20:44 - 00000197 _____ () C:\Windows\system32\2015-01-18-20-44-16.002-AvastVBoxSVC.exe-6276.log
2015-01-18 20:33 - 2015-01-18 20:33 - 00000000 ____D () C:\Program Files (x86)\e92a6a1e-294f-4a9f-95af-3eb6e732759e
2015-01-18 20:33 - 2015-01-18 20:33 - 00000000 ____D () C:\Program Files (x86)\ce6aa4a3-ccea-42b0-8ad7-b0a84358893a
2015-01-18 18:07 - 2015-01-18 18:07 - 00000197 _____ () C:\Windows\system32\2015-01-18-18-07-11.063-AvastVBoxSVC.exe-6092.log
2015-01-17 21:29 - 2015-01-17 21:29 - 00288826 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-01-17 19:18 - 2015-01-17 19:18 - 00234679 _____ () C:\Users\Owner\AppData\Local\dsi1.dat
2015-01-17 19:18 - 2015-01-17 19:18 - 00161916 _____ () C:\Users\Owner\AppData\Local\dsi2.dat
2015-01-17 18:58 - 2015-01-17 18:58 - 00000197 _____ () C:\Windows\system32\2015-01-17-18-58-06.020-AvastVBoxSVC.exe-6068.log
2015-01-17 13:52 - 2015-01-17 13:52 - 00000000 ____D () C:\Program Files (x86)\aed48a43-11d0-44a1-8406-d35df41df2c0
2015-01-17 13:51 - 2015-01-24 18:01 - 00003608 _____ () C:\Windows\wininit.ini
2015-01-17 13:50 - 2015-01-17 13:50 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.33
2015-01-17 13:47 - 2015-01-17 13:47 - 00000197 _____ () C:\Windows\system32\2015-01-17-13-47-27.063-AvastVBoxSVC.exe-5816.log
2015-01-15 21:02 - 2015-01-15 21:02 - 00290174 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-01-15 21:02 - 2015-01-15 21:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-01-15 19:18 - 2015-01-23 19:08 - 00000130 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
2015-01-15 18:25 - 2015-01-15 18:25 - 00000197 _____ () C:\Windows\system32\2015-01-15-18-25-01.049-AvastVBoxSVC.exe-5504.log
2015-01-15 18:20 - 2015-01-22 19:08 - 00002269 _____ () C:\Users\Owner\Desktop\Vosteran.lnk
2015-01-15 18:20 - 2015-01-17 13:46 - 00002431 _____ () C:\Users\Owner\Desktop\Video Of The Day.lnk
2015-01-15 18:18 - 2015-01-24 18:18 - 00000302 _____ () C:\Windows\Tasks\Vosteran_helper.job
2015-01-15 18:18 - 2015-01-15 18:18 - 00003242 _____ () C:\Windows\System32\Tasks\Vosteran_helper
2015-01-15 18:18 - 2015-01-15 18:18 - 00000000 ____D () C:\ProgramData\{3070D8B3-60F2-0935-D174-79B701F6AA39}
2015-01-15 18:18 - 2015-01-15 18:18 - 00000000 ____D () C:\Program Files (x86)\gmsd_gb_79
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-01-15 18:09 - 2015-01-15 18:09 - 00004234 _____ () C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313638363333363031392d454a2a415034412a4a6c575a
2015-01-15 18:09 - 2015-01-15 18:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-01-15 18:08 - 2015-01-18 20:33 - 00000000 ____D () C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f
2015-01-15 18:06 - 2015-01-15 18:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\BrowserHelper
2015-01-15 18:03 - 2015-01-24 11:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn Hamachi
2015-01-15 18:03 - 2015-01-15 18:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn
2015-01-15 18:03 - 2015-01-15 18:03 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-15 18:03 - 2015-01-14 11:32 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-15 18:02 - 2015-01-24 18:11 - 00000361 _____ () C:\prefs.js
2015-01-15 18:02 - 2015-01-15 18:31 - 00000000 ____D () C:\searchplugins
2015-01-15 18:02 - 2015-01-15 18:02 - 00003596 _____ () C:\Windows\System32\Tasks\TotalSystemCare.Scanning
2015-01-15 18:02 - 2015-01-15 18:02 - 00003526 _____ () C:\Windows\System32\Tasks\TotalSystemCare.Autostart
2015-01-15 18:02 - 2015-01-15 18:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Lavasoft
2015-01-15 18:01 - 2015-01-15 18:01 - 00004648 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-01-15 18:01 - 2015-01-15 18:01 - 00002480 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-01-15 18:01 - 2015-01-15 18:01 - 00002480 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-01-15 18:01 - 2015-01-15 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-01-15 18:01 - 2015-01-15 18:01 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-01-15 18:01 - 2014-12-16 12:10 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-01-15 18:01 - 2014-12-16 12:10 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Lavasoft
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-15 17:23 - 2015-01-15 17:24 - 00000197 _____ () C:\Windows\system32\2015-01-15-17-23-41.092-AvastVBoxSVC.exe-2416.log
2015-01-14 18:18 - 2015-01-14 18:19 - 00000197 _____ () C:\Windows\system32\2015-01-14-18-18-50.065-AvastVBoxSVC.exe-4960.log
2015-01-14 18:07 - 2015-01-22 19:09 - 00000000 ____D () C:\Users\Owner\Documents\Fax
2015-01-14 18:00 - 2015-01-21 20:20 - 00003554 _____ () C:\Windows\System32\Tasks\Driver Support
2015-01-14 18:00 - 2015-01-14 18:19 - 00000000 ____D () C:\ProgramData\UAB
2015-01-14 18:00 - 2015-01-14 18:00 - 00000000 ____D () C:\Users\Owner\Downloads\Driver Support
2015-01-14 18:00 - 2015-01-14 18:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\PC_Drivers_Headquarters
2015-01-14 17:58 - 2015-01-14 17:59 - 00000197 _____ () C:\Windows\system32\2015-01-14-17-58-57.079-AvastVBoxSVC.exe-3560.log
2015-01-14 17:53 - 2015-01-14 18:15 - 00002017 _____ () C:\Users\Public\Desktop\Labtec WebCam.lnk
2015-01-14 17:53 - 2015-01-14 18:15 - 00001864 _____ () C:\Users\Public\Desktop\My Labtec Pictures.lnk
2015-01-14 17:53 - 2015-01-14 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Labtec
2015-01-14 17:52 - 2015-01-14 17:52 - 00000268 _____ () C:\Windows\_delis32.ini
2015-01-14 17:52 - 2015-01-14 17:52 - 00000000 ____D () C:\SXS
2015-01-14 17:52 - 2015-01-14 17:52 - 00000000 ____D () C:\Program Files (x86)\Logitech
2015-01-14 17:52 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-01-14 17:51 - 2015-01-14 18:15 - 00097740 _____ () C:\MSIInstall.log
2015-01-14 17:51 - 2015-01-14 17:51 - 00000090 _____ () C:\LogiSetup.log
2015-01-14 16:56 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:56 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:56 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:56 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:56 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 16:56 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 16:56 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 16:56 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 16:56 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 16:56 - 2014-12-11 17:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:56 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 16:56 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 16:56 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 16:49 - 2015-01-14 16:50 - 00000197 _____ () C:\Windows\system32\2015-01-14-16-49-54.019-AvastVBoxSVC.exe-3796.log
2015-01-11 12:08 - 2015-01-11 12:08 - 00000247 _____ () C:\Windows\system32\2015-01-11-12-08-34.016-aswFe.exe-5256.log
2015-01-11 12:04 - 2015-01-11 12:08 - 00000247 _____ () C:\Windows\system32\2015-01-11-12-04-06.083-aswFe.exe-3064.log
2015-01-11 12:04 - 2015-01-11 12:04 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-04-02.013-AvastVBoxSVC.exe-2792.log
2015-01-11 08:50 - 2015-01-11 08:51 - 00000197 _____ () C:\Windows\system32\2015-01-11-08-50-47.017-AvastVBoxSVC.exe-1500.log
2015-01-10 23:09 - 2015-01-10 23:09 - 00000000 ____D () C:\Users\Owner\Documents\Electronic Arts
2015-01-10 22:39 - 2015-01-10 22:57 - 00001342 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-01-10 22:39 - 2015-01-10 22:39 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-10 22:39 - 2015-01-10 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-01-10 22:39 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-01-10 20:33 - 2015-01-10 20:45 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-10 19:25 - 2015-01-10 19:25 - 00000000 ____D () C:\Users\Owner\Desktop\tools
2015-01-10 19:24 - 2015-01-10 19:25 - 00000197 _____ () C:\Windows\system32\2015-01-10-19-24-59.042-AvastVBoxSVC.exe-3980.log
2015-01-10 16:43 - 2015-01-10 16:43 - 00000197 _____ () C:\Windows\system32\2015-01-10-16-43-35.096-AvastVBoxSVC.exe-3684.log
2015-01-09 17:02 - 2015-01-09 17:16 - 00013138 ____H () C:\Users\Owner\Documents\~WRL3089.tmp
2015-01-09 16:50 - 2015-01-09 16:51 - 00000197 _____ () C:\Windows\system32\2015-01-09-16-50-29.086-AvastVBoxSVC.exe-3032.log
2015-01-04 15:35 - 2015-01-04 15:35 - 00022638 _____ () C:\Users\Owner\Downloads\car.htm
2015-01-04 15:24 - 2015-01-04 15:24 - 00000197 _____ () C:\Windows\system32\2015-01-04-15-24-09.091-AvastVBoxSVC.exe-2992.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-30 20:05 - 2014-12-20 16:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-30 20:02 - 2014-12-20 16:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 20:02 - 2014-12-20 16:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-30 20:02 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 20:02 - 2009-07-14 04:51 - 00033437 _____ () C:\Windows\setupact.log
2015-01-30 20:01 - 2010-11-21 03:47 - 00042334 _____ () C:\Windows\PFRO.log
2015-01-30 20:00 - 2014-12-20 14:50 - 01273925 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 20:00 - 2009-07-14 04:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 20:00 - 2009-07-14 04:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 19:59 - 2014-12-20 16:27 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-30 19:59 - 2014-12-20 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-30 19:59 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\tracing
2015-01-29 19:22 - 2009-07-14 04:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-28 20:03 - 2009-07-14 05:13 - 00783336 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 18:15 - 2014-12-25 12:24 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2C3D991A-DF9D-4001-9B11-2EE354E1D4C0}
2015-01-24 18:12 - 2009-07-14 02:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-24 18:02 - 2014-12-20 16:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-24 18:01 - 2014-12-20 16:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-23 18:38 - 2014-12-20 16:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 18:33 - 2014-12-20 16:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 18:25 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-22 21:23 - 2014-12-25 13:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2015-01-22 21:23 - 2014-12-25 12:33 - 00000000 ____D () C:\ProgramData\Origin
2015-01-22 21:23 - 2009-07-14 05:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-22 21:22 - 2014-12-25 11:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2015-01-22 19:06 - 2014-12-20 16:27 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-22 19:06 - 2014-12-20 16:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-22 18:57 - 2014-12-20 15:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-22 18:29 - 2014-12-25 12:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-21 19:58 - 2014-12-27 19:41 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.minecraft
2015-01-18 20:33 - 2014-12-20 14:56 - 00001643 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-18 19:16 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-15 18:05 - 2009-07-14 03:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 17:56 - 2014-12-20 14:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2015-01-10 23:09 - 2014-12-25 12:39 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-10 22:39 - 2009-07-14 05:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-10 21:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-01-10 20:40 - 2014-12-25 12:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Origin
2015-01-10 20:33 - 2014-12-25 12:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\Origin
2015-01-10 19:25 - 2014-12-27 21:14 - 00000000 ____D () C:\Users\Owner\Desktop\game
2015-01-09 16:48 - 2009-07-14 04:45 - 00294512 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-06 04:36 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe
C:\Users\Administrator\AppData\Local\Temp\sqlite3.dll
C:\Users\Owner\AppData\Local\Temp\_is3967.exe
C:\Users\Owner\AppData\Local\Temp\_is731D.exe
C:\Users\Owner\AppData\Local\Temp\_isC68A.exe
C:\Users\Owner\AppData\Local\Temp\_isFD91.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-14 18:40
 
==================== End Of Log ============================


#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:19 PM

Posted 30 January 2015 - 06:43 PM

1.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Attached File  fixlist.txt   3.01KB   1 downloads

 

 

2.

Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
     
    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
     
    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.
     
    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
     
    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
     
    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and past the mbam.log in your next reply.

.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 in2xs

in2xs
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:03:19 AM

Posted 31 January 2015 - 10:23 AM

Hi

Please find below frst fixlog.txt and mbam log

Regards

Adam

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-01-2015
Ran by Administrator at 2015-01-31 14:56:20 Run:2
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available profiles: Owner & Administrator)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-4091020299-2403980179-1133043104-500\...\RunOnce: [Adobe Speed Launcher] => 1422648214 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50658;https=127.0.0.1:50658
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Hosts:
2015-01-24 18:12 - 2015-01-24 03:38 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
2015-01-15 18:20 - 2015-01-22 19:08 - 00002269 _____ () C:\Users\Owner\Desktop\Vosteran.lnk
2015-01-15 18:20 - 2015-01-17 13:46 - 00002431 _____ () C:\Users\Owner\Desktop\Video Of The Day.lnk
2015-01-15 18:18 - 2015-01-24 18:18 - 00000302 _____ () C:\Windows\Tasks\Vosteran_helper.job
2015-01-15 18:18 - 2015-01-15 18:18 - 00003242 _____ () C:\Windows\System32\Tasks\Vosteran_helper
2015-01-15 18:18 - 2015-01-15 18:18 - 00000000 ____D () C:\ProgramData\{3070D8B3-60F2-0935-D174-79B701F6AA39}
2015-01-15 18:18 - 2015-01-15 18:18 - 00000000 ____D () C:\Program Files (x86)\gmsd_gb_79
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-01-15 18:09 - 2015-01-15 18:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
Emptytemp:
 
 
*****************
 
HKU\S-1-5-21-4091020299-2403980179-1133043104-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
C:\Windows\system32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys => Moved successfully.
C:\Users\Owner\Desktop\Vosteran.lnk => Moved successfully.
C:\Users\Owner\Desktop\Video Of The Day.lnk => Moved successfully.
C:\Windows\Tasks\Vosteran_helper.job => Moved successfully.
C:\Windows\System32\Tasks\Vosteran_helper => Moved successfully.
C:\ProgramData\{3070D8B3-60F2-0935-D174-79B701F6AA39} => Moved successfully.
C:\Program Files (x86)\gmsd_gb_79 => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky => Moved successfully.
C:\Program Files\Common Files\ShopperPro => Moved successfully.
EmptyTemp: => Removed 805.5 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 14:56:37 ====
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 31/01/2015
Scan Time: 15:03:48
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.31.03
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Administrator
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 363937
Time Elapsed: 8 min, 44 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 50
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Quarantined, [f6f99d605039c86e44fc5e97b64c34cc], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Quarantined, [f6f99d605039c86e44fc5e97b64c34cc], 
PUP.Optional.DynamoCombo.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}, Quarantined, [96591be2aadf3afc074e42b30002b050], 
PUP.Optional.DynamoCombo.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}, Quarantined, [96591be2aadf3afc074e42b30002b050], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\Vosteran.5FK4DCU77SZEKAOEKCCGTTO5GU, Quarantined, [e00f1ae3a9e00c2addd8c5bbd72c58a8], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [be3140bdb2d789adb60724ddc0457e82], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [dc1355a8d5b443f339837b86b25311ef], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\vosteran.exe, Quarantined, [1dd201fcd2b757df89e11e6692717e82], 
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\Browserv3.1.Apps-nv, Quarantined, [2fc0f6079ced37ffbc6a17f2f70e4ab6], 
PUP.Optional.CinemaHDPro.A, HKLM\SOFTWARE\WOW6432NODE\CinemaHd For Pro 2.4cV16.01-nv, Quarantined, [da150feed7b2e2543cbbadd8788bdf21], 
PUP.Optional.ClickCaption.A, HKLM\SOFTWARE\WOW6432NODE\ClickCaption_1.10.0.6, Quarantined, [658a807d72174aec4e3cb3d8f40f55ab], 
PUP.Optional.MPlayerPlusvideo.A, HKLM\SOFTWARE\WOW6432NODE\MPlayerPlusvideo4-nv, Quarantined, [cc2366976c1d40f6da50008146bddd23], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\Vosteran.5FK4DCU77SZEKAOEKCCGTTO5GU, Quarantined, [9e51f4091772b185a70e6e12d92a5ba5], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\vosteran.exe, Quarantined, [a14e877641485cda7af01d67c34041bf], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_gb_79_is1, Quarantined, [ed02bb424f3a46f0d5a95a2dd92a48b8], 
PUP.Optional.Recover.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\rec_gb_7_is1, Quarantined, [9a556d90ec9de254f3a6c4bee71c16ea], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{d924d8dc}, Quarantined, [3eb1fffe4d3ce2549944366dc14202fe], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Browserv3.1.Apps-nv, Quarantined, [48a78875bacfb87e2007c04928dda65a], 
PUP.Optional.CinemaHDPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaHd For Pro 2.4cV16.01-nv, Quarantined, [10dffa03dbaec472a94fb1d42fd45ca4], 
PUP.Optional.MPlayerPlusvideo.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MPlayerPlusvideo4-nv, Quarantined, [0be428d5c4c548eef23993ee4ab9837d], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browserv3.1.Apps, Quarantined, [fff056a7cfba1e18ca5e2adfe2232ad6], 
PUP.Optional.CinemaHDPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinemaHd For Pro 2.4cV16.01, Quarantined, [23cc827b315885b111e8691cfe054cb4], 
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [7f7096673f4acd69cc5604bf2cd79b65], 
PUP.Optional.MPlayerPlusvideo.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MPlayerPlusvideo4, Quarantined, [5f9064994a3f4aec6cc0e0a19a6901ff], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Browserv3.1.Apps-nv, Quarantined, [e10efc016326cc6a76b17f8af015aa56], 
PUP.Optional.CinemaHDPro.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaHd For Pro 2.4cV16.01-nv, Quarantined, [de116c91b7d2310548b0fa8b9172d828], 
PUP.Optional.DynamoCombo.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Dynamo Combo, Quarantined, [e30c3ac3ddac88ae55bd176d798a718f], 
PUP.Optional.MPlayerPlusvideo.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MPlayerPlusvideo4-nv, Quarantined, [e6095ca1a7e2d95da586eb96db28e11f], 
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, Quarantined, [34bb16e79aeffa3cfb0ea4eb22e107f9], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, Quarantined, [806f9f5e2f5ab5818f36f20e58ada060], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vosteran, Quarantined, [f4fb94695f2af93d39a0661c748f52ae], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vosteran Browser, Quarantined, [bf30fb02f0995dd94596ff077f86649c], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WaInterEnhance, Quarantined, [668909f43851063008b1b850897ccf31], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WajIEnhance, Quarantined, [f2fd40bd2861f046cbbd0c78739031cf], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_vosteran, Quarantined, [09e640bd5831a1957ff27a8c4fb6ab55], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browserv3.1.Apps, Quarantined, [e10e59a41178cc6ab67232d7ec19b64a], 
PUP.Optional.CinemaHDPro.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinemaHd For Pro 2.4cV16.01, Quarantined, [a24d08f5e8a12e08f900d3b2c73cb947], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [14db9865ea9f5bdb1deada21e024e818], 
PUP.Optional.MPlayerPlusvideo.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MPlayerPlusvideo4, Quarantined, [856a65987019bc7a3cf0cfb2a063c23e], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [47a8ee0fafdaec4af6330a7c14ef20e0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [a649e8153f4acb6bcdde8d3ae61df907], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [8966e617becba98d655a716c18ecfe02], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, Quarantined, [c827f30ab3d6a3938d221f75f01322de], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, Quarantined, [b6390cf10e7beb4be4cb8113f50ea35d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [d9164bb2d2b7f83ef8b730640ff4b34d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\BROappsV3.1, Quarantined, [ad421ce15039b383df556d1cd033d030], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema HDV16.01, Quarantined, [d11eda231a6f0a2cdd56f891d231ea16], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\MDplay+version, Quarantined, [7a75c538bccd49ed180da267e12416ea], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\ObjectB, Quarantined, [06e91be297f2b1851b1cfe8231d2ec14], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, Quarantined, [6b8412eb1178b482c99308dbec181ae6], 
 
Registry Values: 5
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, Quarantined, [b03f758893f666d0a499d137e02555ab]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1B1L2Z1S, Quarantined, [8966e617becba98d655a716c18ecfe02]
PUP.Optional.Vosteran, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Vosteran, Quarantined, [529d32cb6128e1558e1348c046bf629e]
PUP.Optional.ShopperPro, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe, Quarantined, [db14a9541c6d2a0c66bbecaeeb1830d0]
PUP.Optional.Vosteran.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|WSE_Vosteran, C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Owner\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat", Quarantined, [549b3bc2d1b874c27cf69d699a6b30d0]
 
Registry Data: 3
PUP.Optional.OmigaPlus.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}),Replaced,[7679a25b7c0d6fc7a56c6e331ce95fa1]
PUP.Optional.OmigaPlus.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://isearch.omiga-plus.com/?type=hppp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/?type=hppp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z),Replaced,[4ba42fce58311125db1b466885805ca4]
PUP.Optional.OmigaPlus.A, HKU\S-1-5-21-4091020299-2403980179-1133043104-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type=dspp&ts=1421613250&from=tugs&uid=ST1000DM003-1ER162_W4Y0WV1ZXXXXW4Y0WV1Z&q={searchTerms}),Replaced,[34bbb449781182b44cc4821f0afb6b95]
 
Folders: 13
PUP.Optional.Recover.A, C:\Users\Owner\AppData\Local\rec_gb_7, Quarantined, [19d6f8055c2df1453ef60c70d330ab55], 
PUP.Optional.Recover.A, C:\Users\Owner\AppData\Local\rec_gb_7\rec_gb_7, Quarantined, [19d6f8055c2df1453ef60c70d330ab55], 
PUP.Optional.Recover.A, C:\Users\Owner\AppData\Local\rec_gb_7\rec_gb_7\1.20, Quarantined, [19d6f8055c2df1453ef60c70d330ab55], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\userCode, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons\actions, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\popupResource, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
 
Files: 114
PUP.Optional.Nova.A, C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f\6a8934d5-4c3b-4ed2-a3b2-066b3778e8ff.dll, Quarantined, [15da48b5a8e155e1bcbb8a7b16ec8b75], 
PUP.Optional.Nova.A, C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f\798b1c4c-5b8c-4894-9ae2-5bdfa23c7ba0.dll, Quarantined, [27c88677325785b1f681ba4bc83a1ce4], 
PUP.Optional.Nova.A, C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f\92111dcd-2c91-45f9-95f0-a9fe2f1b27da.dll, Quarantined, [1dd243ba8207b680d3a45da87f83bb45], 
PUP.Optional.Nova.A, C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f\9abccd9b-5919-448f-8e91-00dfc2c31a39.dll, Quarantined, [41ae5e9fdcadfc3a1f58887d758d926e], 
PUP.Optional.Nova.A, C:\Program Files (x86)\8a826731-641f-476a-ba10-aeda36e4804f\e2b8819b-5686-4ee9-850c-c3d8debdc907.dll, Quarantined, [34bbdf1e2663350100779e67de2426da], 
PUP.Optional.Nova.A, C:\Program Files (x86)\aed48a43-11d0-44a1-8406-d35df41df2c0\c1f0f34a-28e9-4948-a787-4b91f1221647.dll, Quarantined, [c32c7d80aadf3ff7f384f0153ac8e61a], 
PUP.Optional.Nova.A, C:\Program Files (x86)\ce6aa4a3-ccea-42b0-8ad7-b0a84358893a\eed39447-97f4-4c39-a82f-ed9ea597cfdd.dll, Quarantined, [c02fd825e6a3b086ee89739239c91ce4], 
PUP.Optional.Nova.A, C:\Program Files (x86)\e92a6a1e-294f-4a9f-95af-3eb6e732759e\84983008-0a26-4c0f-b5af-57dbe068183b.dll, Quarantined, [f6f91fde820726107cfbff068d7509f7], 
PUP.Optional.Vosteran.A, C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vosteran.lnk, Quarantined, [fcf33ac3395077bfea7e374d23e0827e], 
PUP.Optional.OmigaPlus.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage, Quarantined, [e90641bcc0c980b6441342468380d62a], 
PUP.Optional.OmigaPlus.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, Quarantined, [db14b944fa8f3cfa52052a5e06fd52ae], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313638363333363031392d454a2a415034412a4a6c575a, Quarantined, [7e714cb17811b58152d36731d33055ab], 
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [955ad02d266387af9d234fb24fb6c13f], 
PUP.Optional.Recover.A, C:\Users\Owner\AppData\Local\rec_gb_7\rec_gb_7\1.20\cnf.cyl, Quarantined, [19d6f8055c2df1453ef60c70d330ab55], 
PUP.Optional.Recover.A, C:\Users\Owner\AppData\Local\rec_gb_7\rec_gb_7\1.20\eorezo.cyl, Quarantined, [19d6f8055c2df1453ef60c70d330ab55], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\background.html, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\chromeCoreFilesIndex.txt, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\manifest.json, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\popup.html, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\Settings.json, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\manifest.xml, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins.json, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\253.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\102.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\104.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\119.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\123.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\124.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\13.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\14.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\17.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\178.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\179.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\180.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\184.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\19.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\191.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\195.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\200.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\213.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\217.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\220.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\221.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\223.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\230.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\231.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\232.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\233.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\234.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\242.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\244.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\246.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\260.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\262.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\263.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\273.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\281.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\286.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\288.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\289.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\300.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\301.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\314.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\335.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\337.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\339.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\342.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\344.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\345.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\354.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\356.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\4.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\47.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\64.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\7.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\78.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\80.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\9.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\91.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\93.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\plugins\97.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\userCode\background.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\extensionData\userCode\extension.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons\icon128.png, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons\icon16.png, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons\icon48.png, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\icons\actions\1.png, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\2b86fc3aaed979f48bbc2cdaa3552229.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\876f0ab0f45949fe158951faca84b15a.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\main.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\03c921ea9f5b12e33ace6615b3d61274.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\49d4a2f8fe89c6d2de3e87fd5b2b066c.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\50d9a6d7b8c16b4b960b048b3a256ee6.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\889cc68e289a7a32096a15cec3a89c0b.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\a54103c00d135b817fc3b43874ba2628.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\api\pageAction.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\120dab429450e4eb10be2f7b23f6f20b.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\12dc774832c5bffc9d5d74e23a989f1e.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\15576493e46ed282022748fc3780949e.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\217b888f554650bed552960b9b62dc2f.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\3512de837e113c55e5fdde107d09da6c.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\594b152fb4f97ab846a7b7f68ed38b77.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\694e134ec9d9ed80b6ee2f70293deb24.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\76aad47ee057277601cd7d0e5e6e01db.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\8f611b8d7ffd50e1a5b7864284c46165.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\app_api.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\c899600af0131dca30d6085b686b7171.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\c91984165487be11c9b84a483ca24091.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\ca94030100fd875b74f8128989b387f7.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\ec9cde1f8792ceaa83638f8ee065af54.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\f4b88983aa0d0a3f37eff3597eae19d8.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\installer.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\popupResource\newPopup.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
PUP.Optional.CrossRider.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb\1.26.50_0\js\lib\popupResource\popup.js, Quarantined, [886736c7d0b9c76f1c07413ca162f50b], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users