Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed rootkit and IDP Trojan, is cleanup complete?


  • This topic is locked This topic is locked
19 replies to this topic

#1 Mysterial

Mysterial

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:22 AM

I picked up a trojan from a torrented file that is not detected as a virus by AVG. Upon running the .exe, AVG picked up it up as IDP.trojan. Since this happens occasionally with my torrent source, I sent the file for aggregate scanning on Virustotal. The log is at the end of the post.

 

Since it appeared that it was a potential false positive, I went ahead and ran the file after turning of my AVG real-time protection. Some time later, my computer experienced spikes of 100% CPU usage and the AVG icon on my desktop changed to a generic executable icon. I attempted to turn on real-time protection but it failed to restart and when I tried accessing the AVG folder I was denied access as I did not have sufficient permissions.

 

I rebooted in safe mode and noticed that connecting to the internet resulted in several processes with duplicate names. These processes terminated upon disconnection from internet. I also noticed that several 'system' processes were running on 32-bit even though i run a 64-bit system. I terminated those processes.

 

I attempted system restore but the window would not appear and I tried running system restore through the 'Repair your computer' at the boot screen. I was successful in choosing a restore point prior to that day but the system restore would not be able to complete. I also noticed two restore points created around the time of infection and labelled as 'Microsoft Visual C++ 2010 Redistributable'.

 

I brought down the computer to my organisation's IT support and they ran a few adware softwares and removed some additional programs. I managed to retrieve one of these logs from AdwCleaner below.

 

They tried installing MBAM but kept getting an error (I forgot the code). They gave up eventually and recommended a restore as they could not install any antivirus/antimalware tools.

 

I found some results relating to IDP.Trojan on bleepingcomputer and a few other sites and did some trial and error of my own.

 

A summary of what I did:

  • Show hidden files and folders
  • Ran rkill (I lost the log for the initial cleanup but I recall cleaner.exe being terminated)
  • Cleaner.exe seemed like a key process for the trojan so I tried removing the exe but could not do so as I did not have permissions. Booted into my Linux partition to relocate the exe one file location down
  • Ran mbar twice (log attached below)
  • Ran Combofix (log attached below)
  • Still could not install mbam so ran fixdamage.exe
  • Installed mbam, PUPs were ignored because I know those programs (log attached below)
  • Used 'AVG Remover tool' and
  • Restored permissions to corrupted AVG folder using 'Take Ownership shortcut' regkey
  • Reinstalled AVG Free with full protection and updates
  • Ran a full scan with AVG, real-time protection picked up one.

Problems

  1. Found a keylog in plain text (no longer active around the time since rkill terminated cleaner.exe and when the file was moved)
  2. Cleaner.exe not detected by mbam or AVG
  3. Noticed currently installed programs have 'Microsoft Visual C++ 2010' installed on the day of infection and some other programs with 'Windows' in the name and mixed with french and chinese
  4. Is my computer free from the trojan? Am i able to login to email and banking accounts now safely?

A new scan in Virustotal shows that significantly more scanners pick the initial file up as a trojan today (log below). I have attached the FRST and Addition log at the very end (uploading addition.txt fails).



BC AdBot (Login to Remove)

 


#2 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:28 AM

Logs

 

Virustotal

SHA256:

20629ab5cdf8f2406b4278595a9a5f5f4e7fcce355b358561e5e2af0526e7b87

File name:

adobe patch.exe

Detection ratio:

6 / 56

Analysis date:

2015-05-07 17:21:48 UTC ( 1 day, 13 hours ago )

Antivirus

Result

Update

Tencent

Trojan.Win32.YY.Gen.18

20150507

DrWeb

Trojan.DownLoader13.7719

20150507

Panda

Trj/Zbot.M

20150507

Avast

MSIL:GenMalicious-ETC [Trj]

20150507

Fortinet

MSIL/Kryptik.BXG!tr

20150507

ESET-NOD32

a variant of MSIL/Kryptik.BWG

20150507

ALYac

 

20150507

AVG

 

20150507

AVware

 

20150507

Ad-Aware

 

20150507

AegisLab

 

20150507

Agnitum

 

20150506

AhnLab-V3

 

20150507

Alibaba

 

20150507

Antiy-AVL

 

20150507

Avira

 

20150507

Baidu-International

 

20150507

BitDefender

 

20150507

Bkav

 

20150507

ByteHero

 

20150507

CAT-QuickHeal

 

20150507

CMC

 

20150506

ClamAV

 

20150507

Comodo

 

20150507

Cyren

 

20150507

Emsisoft

 

20150507

F-Prot

 

20150507

F-Secure

 

20150507

GData

 

20150507

Ikarus

 

20150507

Jiangmin

 

20150506

K7AntiVirus

 

20150507

K7GW

 

20150507

Kaspersky

 

20150507

Kingsoft

 

20150507

Malwarebytes

 

20150507

McAfee

 

20150507

McAfee-GW-Edition

 

20150507

MicroWorld-eScan

 

20150507

Microsoft

 

20150507

NANO-Antivirus

 

20150507

Norman

 

20150507

Qihoo-360

 

20150507

Rising

 

20150507

SUPERAntiSpyware

 

20150507

Sophos

 

20150507

Symantec

 

20150507

TheHacker

 

20150507

TotalDefense

 

20150507

TrendMicro

 

20150507

TrendMicro-HouseCall

 

20150507

VBA32

 

20150507

VIPRE

 

20150507

ViRobot

 

20150507

Zillya

 

20150507

Zoner

 

20150507

nProtect

 

20150507

           

 

SHA256:

20629ab5cdf8f2406b4278595a9a5f5f4e7fcce355b358561e5e2af0526e7b87

File name:

adobe patch.exe

Detection ratio:

25 / 57

Analysis date:

2015-05-09 06:27:30 UTC ( 0 minutes ago )

Antivirus

Result

Update

ALYac

Trojan.GenericKD.2383094

20150509

AVG

Atros.AENH

20150509

Ad-Aware

Trojan.GenericKD.2383094

20150509

Avast

MSIL:GenMalicious-ETC [Trj]

20150509

Avira

TR/Dropper.MSIL.155731

20150509

Baidu-International

Adware.MSIL.iBryte.BWG

20150508

BitDefender

Trojan.GenericKD.2383094

20150509

DrWeb

Trojan.DownLoader13.7719

20150509

ESET-NOD32

a variant of MSIL/Kryptik.BWG

20150509

Emsisoft

Trojan.GenericKD.2383094 ( B)

20150509

F-Secure

Trojan.GenericKD.2383094

20150509

Fortinet

MSIL/Kryptik.BXG!tr

20150509

GData

Trojan.GenericKD.2383094

20150509

Ikarus

Trojan.MSIL.Crypt

20150509

K7AntiVirus

Trojan ( 004bfb4f1 )

20150509

K7GW

Trojan ( 004bfb4f1 )

20150509

Kaspersky

Backdoor.MSIL.NanoBot.bvg

20150509

McAfee

Artemis!B07D4776F6F2

20150509

MicroWorld-eScan

Trojan.GenericKD.2383094

20150509

Microsoft

Backdoor:MSIL/Noancooe.C

20150509

Panda

Trj/Zbot.M

20150508

Qihoo-360

Win32/Trojan.58d

20150509

Sophos

Mal/Generic-S

20150509

Tencent

Trojan.Win32.YY.Gen.18

20150509

TrendMicro-HouseCall

Suspicious_GEN.F47V0507

20150509

AVware

 

20150509

AegisLab

 

20150509

Agnitum

 

20150506

AhnLab-V3

 

20150508

Alibaba

 

20150509

Antiy-AVL

 

20150508

Bkav

 

20150508

ByteHero

 

20150509

CAT-QuickHeal

 

20150508

CMC

 

20150508

ClamAV

 

20150509

Comodo

 

20150509

Cyren

 

20150509

F-Prot

 

20150509

Jiangmin

 

20150506

Kingsoft

 

20150509

Malwarebytes

 

20150509

McAfee-GW-Edition

 

20150508

NANO-Antivirus

 

20150509

Norman

 

20150509

Rising

 

20150508

SUPERAntiSpyware

 

20150509

Symantec

 

20150509

TheHacker

 

20150508

TotalDefense

 

20150508

TrendMicro

 

20150509

VBA32

 

20150508

VIPRE

 

20150509

ViRobot

 

20150509

Zillya

 

20150508

Zoner

 

20150507

nProtect

 

20150508

 

AdwCleaner

 

AdwCleaner[R0]

# AdwCleaner v4.203 - Logfile created 08/05/2015 at 10:07:44
# Updated 30/04/2015 by Xplode
# Database : 2015-05-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Mysterial - MYSTERIAL-PC
# Running from : C:\Users\Mysterial\Desktop\adwcleaner_4.203.exe
# Option : Scan

***** [ Services ] *****

Service Found : hola_svc
Service Found : hola_updater

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\avg-secure-search.xml
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Hola
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\RegClean Pro
Folder Found : C:\Program Files\Hola
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found : C:\Users\Mysterial\AppData\Local\Hola
Folder Found : C:\Users\Mysterial\AppData\Local\PackageAware
Folder Found : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
Folder Found : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar
Folder Found : C:\Users\Mysterial\AppData\Roaming\Systweak
Folder Found : C:\Users\Mysterial\AppData\Roaming\Uniblue

***** [ Scheduled tasks ] *****

Task Found : RunAsStdUser Task for VeohWebPlayer

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{373A6E54-61B4-4CA0-A07D-6944A921DD6D}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[0ladad7a.default] - Line Found : user_pref("avg.wtu.ext.setting_hp_list", "[{\"name\":\"AVG Secure Search\",\"value\":\"hxxp://mysearch.avg.com\"},{\"name\":\"Google\",\"value\":\"hxxp://www.google.com\"},{\"name\":\"Yahoo\",\"value\[...]
[0ladad7a.default] - Line Found : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
[0ladad7a.default] - Line Found : user_pref("surfcanyon.last_checked_ts", "1267000948230");

-\\ Google Chrome v42.0.2311.135

[C:\Users\Guest with network\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Guest with network\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Guest.Mysterial-PC\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Guest.Mysterial-PC\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [6273 bytes] - [08/05/2015 10:07:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6332 bytes] ##########

 

AdwCleaner[S0]

# AdwCleaner v4.203 - Logfile created 08/05/2015 at 10:15:58
# Updated 30/04/2015 by Xplode
# Database : 2015-05-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Mysterial - MYSTERIAL-PC
# Running from : C:\Users\Mysterial\Desktop\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : hola_svc
[#] Service Deleted : hola_updater

***** [ Files / Folders ] *****

Folder Deleted : C:\Hola
[#] Folder Deleted : C:\ProgramData\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Hola
Folder Deleted : C:\Users\Mysterial\AppData\Local\PackageAware
Folder Deleted : C:\Users\Mysterial\AppData\Local\Hola
Folder Deleted : C:\Users\Mysterial\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mysterial\AppData\Roaming\Uniblue
[!] Folder Deleted : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
Folder Deleted : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ Scheduled tasks ] *****

Task Deleted : RunAsStdUser Task for VeohWebPlayer

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{373A6E54-61B4-4CA0-A07D-6944A921DD6D}_is1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[0ladad7a.default\prefs.js] - Line Deleted : user_pref("avg.wtu.ext.setting_hp_list", "[{\"name\":\"AVG Secure Search\",\"value\":\"hxxp://mysearch.avg.com\"},{\"name\":\"Google\",\"value\":\"hxxp://www.google.com\"},{\"name\":\"Yahoo\",\"value\[...]
[0ladad7a.default\prefs.js] - Line Deleted : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
[0ladad7a.default\prefs.js] - Line Deleted : user_pref("surfcanyon.last_checked_ts", "1267000948230");

-\\ Google Chrome v42.0.2311.135

[C:\Users\Guest with network\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Guest with network\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Guest.Mysterial-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Guest.Mysterial-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [6443 bytes] - [08/05/2015 10:07:44]
AdwCleaner[S0].txt - [6312 bytes] - [08/05/2015 10:15:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6371  bytes] ##########


Edited by Mysterial, 09 May 2015 - 03:30 AM.


#3 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:33 AM

Quarantine

C:\Hola\dht.info->C:\AdwCleaner\Quarantine\C\Hola\dht.info.vir
C:\ProgramData\AVG Secure Search\Logger\logger.properties->C:\AdwCleaner\Quarantine\C\ProgramData\AVG Secure Search\Logger\logger.properties.vir
C:\ProgramData\AVG Security Toolbar\TBCampaignINSP.txt->C:\AdwCleaner\Quarantine\C\ProgramData\AVG Security Toolbar\TBCampaignINSP.txt.vir
C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Chinese_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Chinese_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Chinese_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\CleanSchedule.exe.vir
C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Danish_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Danish_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Danish_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Dutch_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Dutch_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Dutch_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\eng_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\eng_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\eng_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\eng_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini.vir
C:\Program Files (x86)\RegClean Pro\Finnish_uninst_fi.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Finnish_uninst_fi.ini.vir
C:\Program Files (x86)\RegClean Pro\French_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\French_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\French_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\French_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\German_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\German_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\German_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\German_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\greek_rcp_el.ini.vir
C:\Program Files (x86)\RegClean Pro\greek_uninst_el.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\greek_uninst_el.ini.vir
C:\Program Files (x86)\RegClean Pro\install_left_image.bmp->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\install_left_image.bmp.vir
C:\Program Files (x86)\RegClean Pro\isxdl.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\isxdl.dll.vir
C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Italian_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Italian_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Italian_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Japanese_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Japanese_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Japanese_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini.vir
C:\Program Files (x86)\RegClean Pro\korean_uninst_ko.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\korean_uninst_ko.ini.vir
C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Norwegian_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Norwegian_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini.vir
C:\Program Files (x86)\RegClean Pro\polish_uninst_pl.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\polish_uninst_pl.ini.vir
C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini.vir
C:\Program Files (x86)\RegClean Pro\portugese_uninst_pt.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\portugese_uninst_pt.ini.vir
C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\Portuguese_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Portuguese_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\RCPUninstall.exe.vir
C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\RegCleanPro.exe.vir
C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini.vir
C:\Program Files (x86)\RegClean Pro\russian_uninst_ru.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\russian_uninst_ru.ini.vir
C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Spanish_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\spanish_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\spanish_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Swedish_rcp.ini.vir
C:\Program Files (x86)\RegClean Pro\swedish_uninst.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\swedish_uninst.ini.vir
C:\Program Files (x86)\RegClean Pro\systweakasp.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\systweakasp.exe.vir
C:\Program Files (x86)\RegClean Pro\TPS.ico->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\TPS.ico.vir
C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini.vir
C:\Program Files (x86)\RegClean Pro\traditionalcn_uninst_zh-tw.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\traditionalcn_uninst_zh-tw.ini.vir
C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini.vir
C:\Program Files (x86)\RegClean Pro\Turkish_uninst_tr.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Turkish_uninst_tr.ini.vir
C:\Program Files (x86)\RegClean Pro\unins000.dat->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\unins000.dat.vir
C:\Program Files (x86)\RegClean Pro\unins000.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\unins000.exe.vir
C:\Program Files (x86)\RegClean Pro\unins000.msg->C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\unins000.msg.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\InstalledProducts.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\InstalledProducts.ini.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\updater.xml->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\updater.xml.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\UpdaterConfig.ini->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\UpdaterConfig.ini.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.2.0\manifest.json->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.2.0\manifest.json.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.2.0\ScriptHelper.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.2.0\ScriptHelper.exe.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\3.2.0\NativeBrowserApi.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\3.2.0\NativeBrowserApi.dll.vir
C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\3.2.0\DriverInstaller.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\3.2.0\DriverInstaller.exe.vir
C:\Program Files\Hola\hola_svc.exe.cid->C:\AdwCleaner\Quarantine\C\Program Files\Hola\hola_svc.exe.cid.vir
C:\Program Files\Hola\hola_updater.exe.cid->C:\AdwCleaner\Quarantine\C\Program Files\Hola\hola_updater.exe.cid.vir
C:\Program Files\Hola\log\20150504_195203_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150504_195203_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150504_195203_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150504_195203_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150505_134154_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150505_134154_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150505_134154_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150505_134154_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150506_113803_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150506_113803_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150506_113803_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150506_113803_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150506_193806_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150506_193806_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150506_193806_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150506_193806_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150507_125430_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_125430_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150507_125430_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_125430_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150507_143954_svc_crash.dmp->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_143954_svc_crash.dmp.vir
C:\Program Files\Hola\log\20150507_143954_svc_crash.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_143954_svc_crash.log.vir
C:\Program Files\Hola\log\20150507_143954_svc_crash.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_143954_svc_crash.sent.vir
C:\Program Files\Hola\log\20150507_143954_svc_crash.set->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_143954_svc_crash.set.vir
C:\Program Files\Hola\log\20150507_144017_perr_svc_upnp_svc_xml_parse.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_144017_perr_svc_upnp_svc_xml_parse.log.vir
C:\Program Files\Hola\log\20150507_144017_perr_svc_upnp_svc_xml_parse.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_144017_perr_svc_upnp_svc_xml_parse.sent.vir
C:\Program Files\Hola\log\20150507_145016_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_145016_perr_svc_wait_timers_missing.log.vir
C:\Program Files\Hola\log\20150507_145016_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_145016_perr_svc_wait_timers_missing.sent.vir
C:\Program Files\Hola\log\20150507_161512_perr_svc_server_auth_timeout.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_161512_perr_svc_server_auth_timeout.log.vir
C:\Program Files\Hola\log\20150507_161512_perr_svc_server_auth_timeout.sent->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\20150507_161512_perr_svc_server_auth_timeout.sent.vir
C:\Program Files\Hola\log\install.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\install.log.vir
C:\Program Files\Hola\log\svc.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\svc.log.vir
C:\Program Files\Hola\log\svc.log.1->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\svc.log.1.vir
C:\Program Files\Hola\log\ui.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\ui.log.vir
C:\Program Files\Hola\log\ui.log.1->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\ui.log.1.vir
C:\Program Files\Hola\log\updater.log->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\updater.log.vir
C:\Program Files\Hola\log\updater.log.1->C:\AdwCleaner\Quarantine\C\Program Files\Hola\log\updater.log.1.vir
C:\Program Files\Hola\db\cache.db->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\cache.db.vir
C:\Program Files\Hola\db\cache.db-shm->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\cache.db-shm.vir
C:\Program Files\Hola\db\cache.db-wal->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\cache.db-wal.vir
C:\Program Files\Hola\db\chunks.db->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\chunks.db.vir
C:\Program Files\Hola\db\chunks.db-shm->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\chunks.db-shm.vir
C:\Program Files\Hola\db\chunks.db-wal->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\chunks.db-wal.vir
C:\Program Files\Hola\db\dnss.db->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\dnss.db.vir
C:\Program Files\Hola\db\hola.conf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\hola.conf.vir
C:\Program Files\Hola\db\slab0.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\slab0.ndfs.vir
C:\Program Files\Hola\db\slab1.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\slab1.ndfs.vir
C:\Program Files\Hola\db\slab2.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\slab2.ndfs.vir
C:\Program Files\Hola\db\updater.conf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\updater.conf.vir

 


C:\Program Files\Hola\db\remap.ndfs\rslab.1.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.10.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.10.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.100.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.100.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1000.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1000.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1001.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1001.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1002.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1002.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1003.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1003.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1004.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1004.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1005.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1005.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1006.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1006.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1007.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1007.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1008.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1008.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1009.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1009.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.101.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.101.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1010.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1010.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1011.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1011.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1012.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1012.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1013.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1013.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1014.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1014.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1015.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1015.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1016.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1016.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1017.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1017.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1018.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1018.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1019.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1019.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.102.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.102.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1020.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1020.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1021.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1021.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1022.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1022.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1023.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1023.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1024.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1024.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1025.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1025.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1026.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1026.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1027.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1027.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1028.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1028.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1029.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1029.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.103.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.103.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1030.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1030.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1031.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1031.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1032.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1032.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1033.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1033.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1034.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1034.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1035.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1035.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1036.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1036.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1037.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1037.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1038.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1038.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1039.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1039.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.104.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.104.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1040.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1040.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1041.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1041.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1042.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1042.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1043.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1043.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1044.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1044.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1045.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1045.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1046.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1046.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1047.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1047.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1048.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1048.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1049.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1049.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.105.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.105.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1050.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1050.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1051.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1051.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1052.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1052.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1053.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1053.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1054.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1054.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1055.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1055.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1056.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1056.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1057.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1057.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1058.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1058.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1059.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1059.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.106.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.106.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1060.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1060.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1061.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1061.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1062.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1062.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1063.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1063.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1064.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1064.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1065.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1065.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1066.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1066.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1067.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1067.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1068.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1068.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1069.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1069.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.107.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.107.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1070.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1070.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1071.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1071.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1072.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1072.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1073.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1073.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1074.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1074.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1075.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1075.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1076.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1076.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1077.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1077.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1078.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1078.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1079.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1079.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.108.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.108.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1080.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1080.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1081.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1081.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1082.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1082.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1083.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1083.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1084.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1084.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1085.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1085.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1086.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1086.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1087.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1087.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1088.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1088.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1089.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1089.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.109.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.109.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1090.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1090.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1091.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1091.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1092.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1092.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1093.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1093.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1094.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1094.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1095.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1095.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1096.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1096.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1097.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1097.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1098.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1098.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1099.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1099.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.11.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.11.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.110.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.110.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1100.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1100.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1101.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1101.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1102.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1102.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1103.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1103.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1104.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1104.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1105.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1105.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1106.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1106.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1107.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1107.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1108.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1108.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1109.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1109.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.111.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.111.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1110.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1110.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1111.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1111.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1112.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1112.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1113.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1113.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1114.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1114.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1115.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1115.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1116.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1116.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1117.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1117.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1118.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1118.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1119.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1119.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.112.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.112.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1120.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1120.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1121.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1121.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1122.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1122.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1123.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1123.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1124.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1124.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1125.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1125.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1126.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1126.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1127.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1127.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1128.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1128.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1129.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1129.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.113.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.113.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1130.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1130.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1131.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1131.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1132.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1132.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1133.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1133.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1134.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1134.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1135.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1135.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1136.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1136.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1137.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1137.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1138.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1138.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1139.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1139.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.114.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.114.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1140.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1140.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1141.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1141.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1142.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1142.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1143.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1143.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1144.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1144.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1145.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1145.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1146.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1146.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1147.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1147.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1148.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1148.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1149.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1149.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.115.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.115.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1150.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1150.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1151.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1151.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1152.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1152.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1153.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1153.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1154.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1154.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1155.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1155.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1156.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1156.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1157.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1157.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1158.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1158.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1159.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1159.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.116.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.116.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1160.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1160.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1161.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1161.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1162.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1162.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1163.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1163.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1164.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1164.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1165.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1165.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1166.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1166.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1167.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1167.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1168.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1168.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1169.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1169.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.117.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.117.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1170.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1170.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1171.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1171.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1172.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1172.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1173.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1173.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1174.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1174.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1175.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1175.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1176.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1176.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1177.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1177.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1178.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1178.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1179.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1179.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.118.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.118.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1180.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1180.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1181.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1181.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1182.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1182.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1183.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1183.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1184.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1184.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1185.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1185.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1186.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1186.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1187.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1187.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1188.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1188.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1189.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1189.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.119.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.119.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1190.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1190.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1191.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1191.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1192.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1192.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1193.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1193.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1194.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1194.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1195.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1195.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1196.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1196.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1197.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1197.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1198.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1198.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1199.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1199.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.12.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.12.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.120.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.120.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1200.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1200.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1201.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1201.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1202.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1202.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1203.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1203.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1204.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1204.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1205.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1205.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1206.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1206.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1207.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1207.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1208.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1208.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1209.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1209.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.121.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.121.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1210.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1210.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1211.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1211.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1212.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1212.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1213.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1213.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1214.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1214.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1215.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1215.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1216.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1216.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1217.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1217.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1218.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1218.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1219.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1219.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.122.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.122.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1220.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1220.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1221.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1221.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1222.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1222.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1223.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1223.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1224.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1224.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1225.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1225.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1226.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1226.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1227.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1227.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1228.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1228.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1229.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1229.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.123.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.123.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1230.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1230.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1231.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1231.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1232.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1232.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1233.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1233.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1234.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1234.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1235.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1235.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1236.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1236.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1237.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1237.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1238.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1238.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1239.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1239.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.124.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.124.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1240.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1240.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1241.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1241.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1242.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1242.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1243.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1243.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1244.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1244.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1245.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1245.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1246.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1246.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1247.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1247.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1248.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1248.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1249.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1249.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.125.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.125.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1250.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1250.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1251.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1251.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1252.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1252.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1253.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1253.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1254.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1254.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1255.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1255.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1256.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1256.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1257.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1257.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1258.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1258.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1259.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1259.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.126.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.126.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1260.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1260.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1261.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1261.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1262.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1262.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1263.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1263.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1264.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1264.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1265.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1265.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1266.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1266.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1267.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1267.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1268.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1268.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1269.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1269.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.127.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.127.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1270.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1270.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1271.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1271.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1272.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1272.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1273.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1273.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1274.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1274.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1275.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1275.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1276.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1276.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1277.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1277.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1278.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1278.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1279.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1279.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.128.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.128.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1280.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1280.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1281.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1281.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1282.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1282.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1283.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1283.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1284.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1284.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1285.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1285.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1286.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1286.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1287.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1287.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1288.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1288.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1289.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1289.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.129.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.129.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1290.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1290.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1291.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1291.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1292.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1292.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1293.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1293.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1294.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1294.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1295.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1295.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1296.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1296.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1297.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1297.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1298.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1298.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1299.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1299.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.13.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.13.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.130.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.130.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1300.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1300.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1301.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1301.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1302.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1302.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1303.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1303.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1304.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1304.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1305.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1305.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1306.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1306.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1307.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1307.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1308.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1308.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1309.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1309.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.131.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.131.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1310.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1310.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1311.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1311.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1312.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1312.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1313.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1313.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1314.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1314.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1315.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1315.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1316.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1316.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1317.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1317.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1318.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1318.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1319.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1319.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.132.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.132.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1320.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1320.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1321.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1321.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1322.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1322.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1323.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1323.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1324.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1324.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1325.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1325.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1326.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1326.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1327.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1327.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1328.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1328.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1329.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1329.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.133.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.133.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1330.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1330.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1331.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1331.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1332.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1332.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1333.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1333.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1334.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1334.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1335.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1335.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1336.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1336.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1337.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1337.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1338.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1338.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1339.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1339.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.134.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.134.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1340.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1340.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1341.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1341.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1342.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1342.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1343.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1343.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1344.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1344.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1345.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1345.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1346.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1346.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1347.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1347.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1348.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1348.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1349.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1349.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.135.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.135.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1350.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1350.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1351.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1351.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1352.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1352.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1353.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1353.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1354.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1354.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1355.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1355.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1356.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1356.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1357.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1357.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1358.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1358.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1359.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1359.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.136.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.136.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1360.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1360.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1361.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1361.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1362.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1362.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1363.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1363.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1364.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1364.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1365.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1365.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1366.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1366.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1367.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1367.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1368.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1368.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1369.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1369.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.137.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.137.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1370.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1370.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1371.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1371.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1372.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1372.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1373.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1373.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1374.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1374.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1375.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1375.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1376.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1376.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1377.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1377.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1378.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1378.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1379.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1379.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.138.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.138.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1380.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1380.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1381.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1381.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1382.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1382.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1383.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1383.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1384.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1384.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1385.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1385.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1386.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1386.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1387.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1387.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1388.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1388.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1389.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1389.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.139.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.139.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1390.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1390.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1391.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1391.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1392.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1392.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1393.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1393.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1394.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1394.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1395.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1395.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1396.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1396.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1397.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1397.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1398.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1398.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1399.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1399.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.14.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.14.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.140.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.140.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1400.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1400.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1401.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1401.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1402.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1402.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1403.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1403.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1404.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1404.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1405.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1405.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1406.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1406.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1407.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1407.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1408.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1408.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1409.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1409.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.141.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.141.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1410.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1410.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1411.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1411.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1412.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1412.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1413.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1413.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1414.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1414.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1415.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1415.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1416.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1416.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1417.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1417.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1418.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1418.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1419.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1419.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.142.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.142.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1420.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1420.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1421.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1421.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1422.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1422.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1423.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1423.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1424.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1424.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1425.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1425.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1426.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1426.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1427.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1427.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1428.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1428.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1429.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1429.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.143.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.143.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1430.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1430.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1431.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1431.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1432.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1432.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1433.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1433.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1434.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1434.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1435.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1435.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1436.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1436.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1437.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1437.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1438.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1438.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1439.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1439.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.144.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.144.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1440.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1440.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1441.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1441.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1442.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1442.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1443.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1443.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1444.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1444.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1445.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1445.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1446.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1446.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1447.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1447.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1448.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1448.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1449.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1449.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.145.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.145.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1450.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1450.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1451.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1451.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1452.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1452.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1453.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1453.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1454.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1454.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1455.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1455.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1456.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1456.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1457.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1457.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1458.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1458.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1459.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1459.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.146.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.146.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1460.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1460.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1461.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1461.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1462.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1462.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1463.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1463.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1464.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1464.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1465.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1465.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1466.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1466.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1467.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1467.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1468.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1468.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1469.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1469.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.147.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.147.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1470.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1470.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1471.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1471.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1472.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1472.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1473.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1473.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1474.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1474.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1475.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1475.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1476.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1476.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1477.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1477.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1478.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1478.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1479.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1479.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.148.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.148.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1480.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1480.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1481.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1481.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1482.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1482.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1483.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1483.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1484.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1484.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1485.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1485.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1486.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1486.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1487.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1487.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1488.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1488.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1489.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1489.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.149.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.149.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1490.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1490.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1491.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1491.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1492.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1492.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1493.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1493.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1494.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1494.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1495.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1495.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1496.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1496.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1497.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1497.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1498.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1498.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1499.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1499.ndfs.vir

 



#4 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:36 AM

C:\Program Files\Hola\db\remap.ndfs\rslab.15.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.15.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.150.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.150.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1500.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1500.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1501.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1501.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1502.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1502.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1503.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1503.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1504.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1504.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1505.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1505.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1506.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1506.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1507.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1507.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1508.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1508.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1509.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1509.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.151.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.151.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1510.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1510.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1511.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1511.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1512.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1512.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1513.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1513.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1514.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1514.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1515.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1515.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1516.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1516.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1517.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1517.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1518.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1518.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1519.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1519.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.152.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.152.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1520.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1520.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1521.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1521.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1522.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1522.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1523.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1523.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1524.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1524.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1525.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1525.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1526.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1526.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1527.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1527.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1528.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1528.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1529.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1529.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.153.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.153.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1530.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1530.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1531.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1531.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1532.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1532.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1533.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1533.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1534.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1534.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1535.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1535.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1536.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1536.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1537.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1537.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1538.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1538.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1539.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1539.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.154.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.154.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1540.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1540.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1541.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1541.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1542.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1542.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1543.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1543.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1544.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1544.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.1545.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.1545.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.155.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.155.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.156.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.156.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.157.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.157.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.158.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.158.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.159.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.159.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.16.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.16.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.160.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.160.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.161.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.161.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.162.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.162.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.163.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.163.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.164.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.164.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.165.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.165.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.166.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.166.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.167.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.167.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.168.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.168.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.169.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.169.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.17.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.17.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.170.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.170.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.171.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.171.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.172.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.172.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.173.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.173.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.174.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.174.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.175.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.175.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.176.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.176.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.177.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.177.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.178.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.178.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.179.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.179.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.18.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.18.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.180.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.180.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.181.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.181.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.182.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.182.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.183.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.183.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.184.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.184.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.185.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.185.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.186.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.186.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.187.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.187.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.188.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.188.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.189.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.189.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.19.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.19.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.190.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.190.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.191.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.191.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.192.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.192.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.193.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.193.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.194.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.194.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.195.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.195.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.196.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.196.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.197.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.197.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.198.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.198.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.199.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.199.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.2.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.2.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.20.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.20.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.200.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.200.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.201.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.201.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.202.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.202.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.203.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.203.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.204.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.204.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.205.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.205.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.206.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.206.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.207.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.207.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.208.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.208.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.209.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.209.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.21.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.21.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.210.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.210.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.211.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.211.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.212.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.212.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.213.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.213.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.214.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.214.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.215.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.215.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.216.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.216.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.217.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.217.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.218.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.218.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.219.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.219.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.22.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.22.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.220.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.220.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.221.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.221.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.222.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.222.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.223.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.223.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.224.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.224.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.225.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.225.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.226.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.226.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.227.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.227.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.228.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.228.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.229.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.229.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.23.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.23.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.230.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.230.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.231.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.231.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.232.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.232.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.233.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.233.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.234.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.234.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.235.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.235.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.236.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.236.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.237.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.237.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.238.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.238.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.239.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.239.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.24.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.24.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.240.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.240.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.241.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.241.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.242.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.242.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.243.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.243.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.244.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.244.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.245.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.245.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.246.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.246.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.247.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.247.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.248.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.248.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.249.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.249.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.25.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.25.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.250.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.250.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.251.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.251.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.252.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.252.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.253.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.253.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.254.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.254.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.255.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.255.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.256.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.256.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.257.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.257.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.258.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.258.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.259.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.259.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.26.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.26.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.260.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.260.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.261.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.261.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.262.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.262.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.263.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.263.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.264.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.264.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.265.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.265.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.266.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.266.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.267.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.267.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.268.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.268.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.269.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.269.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.27.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.27.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.270.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.270.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.271.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.271.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.272.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.272.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.273.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.273.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.274.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.274.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.275.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.275.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.276.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.276.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.277.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.277.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.278.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.278.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.279.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.279.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.28.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.28.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.280.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.280.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.281.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.281.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.282.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.282.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.283.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.283.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.284.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.284.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.285.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.285.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.286.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.286.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.287.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.287.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.288.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.288.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.289.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.289.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.29.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.29.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.290.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.290.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.291.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.291.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.292.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.292.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.293.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.293.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.294.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.294.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.295.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.295.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.296.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.296.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.297.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.297.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.298.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.298.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.299.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.299.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.3.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.3.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.30.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.30.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.300.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.300.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.301.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.301.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.302.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.302.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.303.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.303.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.304.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.304.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.305.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.305.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.306.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.306.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.307.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.307.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.308.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.308.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.309.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.309.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.31.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.31.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.310.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.310.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.311.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.311.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.312.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.312.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.313.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.313.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.314.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.314.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.315.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.315.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.316.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.316.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.317.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.317.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.318.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.318.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.319.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.319.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.32.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.32.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.320.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.320.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.321.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.321.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.322.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.322.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.323.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.323.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.324.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.324.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.325.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.325.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.326.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.326.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.327.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.327.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.328.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.328.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.329.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.329.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.33.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.33.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.330.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.330.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.331.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.331.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.332.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.332.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.333.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.333.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.334.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.334.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.335.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.335.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.336.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.336.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.337.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.337.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.338.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.338.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.339.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.339.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.34.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.34.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.340.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.340.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.341.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.341.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.342.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.342.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.343.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.343.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.344.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.344.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.345.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.345.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.346.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.346.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.347.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.347.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.348.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.348.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.349.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.349.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.35.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.35.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.350.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.350.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.351.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.351.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.352.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.352.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.353.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.353.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.354.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.354.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.355.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.355.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.356.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.356.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.357.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.357.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.358.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.358.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.359.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.359.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.36.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.36.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.360.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.360.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.361.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.361.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.362.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.362.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.363.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.363.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.364.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.364.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.365.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.365.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.366.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.366.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.367.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.367.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.368.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.368.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.369.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.369.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.37.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.37.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.370.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.370.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.371.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.371.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.372.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.372.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.373.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.373.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.374.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.374.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.375.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.375.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.376.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.376.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.377.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.377.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.378.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.378.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.379.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.379.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.38.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.38.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.380.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.380.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.381.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.381.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.382.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.382.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.383.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.383.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.384.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.384.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.385.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.385.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.386.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.386.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.387.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.387.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.388.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.388.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.389.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.389.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.39.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.39.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.390.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.390.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.391.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.391.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.392.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.392.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.393.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.393.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.394.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.394.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.395.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.395.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.396.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.396.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.397.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.397.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.398.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.398.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.399.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.399.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.4.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.4.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.40.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.40.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.400.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.400.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.401.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.401.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.402.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.402.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.403.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.403.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.404.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.404.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.405.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.405.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.406.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.406.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.407.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.407.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.408.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.408.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.409.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.409.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.41.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.41.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.410.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.410.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.411.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.411.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.412.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.412.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.413.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.413.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.414.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.414.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.415.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.415.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.416.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.416.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.417.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.417.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.418.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.418.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.419.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.419.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.42.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.42.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.420.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.420.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.421.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.421.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.422.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.422.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.423.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.423.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.424.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.424.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.425.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.425.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.426.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.426.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.427.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.427.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.428.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.428.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.429.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.429.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.43.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.43.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.430.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.430.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.431.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.431.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.432.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.432.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.433.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.433.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.434.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.434.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.435.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.435.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.436.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.436.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.437.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.437.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.438.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.438.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.439.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.439.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.44.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.44.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.440.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.440.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.441.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.441.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.442.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.442.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.443.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.443.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.444.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.444.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.445.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.445.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.446.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.446.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.447.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.447.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.448.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.448.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.449.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.449.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.45.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.45.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.450.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.450.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.451.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.451.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.452.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.452.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.453.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.453.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.454.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.454.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.455.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.455.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.456.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.456.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.457.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.457.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.458.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.458.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.459.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.459.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.46.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.46.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.460.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.460.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.461.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.461.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.462.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.462.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.463.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.463.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.464.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.464.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.465.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.465.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.466.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.466.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.467.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.467.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.468.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.468.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.469.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.469.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.47.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.47.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.470.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.470.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.471.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.471.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.472.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.472.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.473.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.473.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.474.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.474.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.475.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.475.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.476.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.476.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.477.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.477.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.478.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.478.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.479.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.479.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.48.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.48.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.480.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.480.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.481.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.481.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.482.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.482.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.483.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.483.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.484.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.484.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.485.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.485.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.486.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.486.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.487.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.487.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.488.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.488.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.489.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.489.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.49.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.49.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.490.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.490.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.491.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.491.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.492.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.492.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.493.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.493.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.494.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.494.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.495.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.495.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.496.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.496.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.497.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.497.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.498.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.498.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.499.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.499.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.5.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.5.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.50.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.50.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.500.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.500.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.501.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.501.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.502.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.502.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.503.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.503.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.504.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.504.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.505.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.505.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.506.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.506.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.507.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.507.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.508.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.508.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.509.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.509.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.51.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.51.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.510.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.510.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.511.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.511.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.512.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.512.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.52.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.52.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.53.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.53.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.54.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.54.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.55.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.55.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.56.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.56.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.569.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.569.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.57.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.57.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.570.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.570.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.571.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.571.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.572.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.572.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.573.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.573.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.574.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.574.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.575.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.575.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.576.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.576.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.577.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.577.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.578.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.578.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.579.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.579.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.58.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.58.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.580.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.580.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.581.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.581.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.582.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.582.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.583.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.583.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.584.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.584.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.585.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.585.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.586.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.586.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.587.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.587.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.588.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.588.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.589.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.589.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.59.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.59.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.590.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.590.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.591.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.591.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.592.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.592.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.593.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.593.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.594.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.594.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.595.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.595.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.596.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.596.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.597.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.597.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.598.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.598.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.599.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.599.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.6.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.6.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.60.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.60.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.600.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.600.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.601.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.601.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.602.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.602.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.603.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.603.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.604.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.604.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.605.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.605.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.606.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.606.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.607.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.607.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.608.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.608.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.609.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.609.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.61.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.61.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.610.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.610.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.611.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.611.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.612.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.612.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.613.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.613.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.614.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.614.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.615.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.615.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.616.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.616.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.617.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.617.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.618.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.618.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.619.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.619.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.62.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.62.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.620.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.620.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.621.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.621.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.622.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.622.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.623.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.623.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.624.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.624.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.625.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.625.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.626.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.626.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.627.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.627.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.628.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.628.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.629.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.629.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.63.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.63.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.630.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.630.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.631.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.631.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.632.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.632.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.633.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.633.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.634.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.634.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.635.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.635.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.636.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.636.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.637.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.637.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.638.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.638.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.639.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.639.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.64.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.64.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.640.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.640.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.641.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.641.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.642.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.642.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.643.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.643.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.644.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.644.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.645.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.645.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.646.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.646.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.647.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.647.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.648.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.648.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.649.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.649.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.65.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.65.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.650.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.650.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.651.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.651.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.652.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.652.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.653.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.653.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.654.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.654.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.655.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.655.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.656.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.656.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.657.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.657.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.658.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.658.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.659.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.659.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.66.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.66.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.660.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.660.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.661.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.661.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.662.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.662.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.663.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.663.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.664.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.664.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.665.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.665.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.666.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.666.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.667.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.667.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.668.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.668.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.669.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.669.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.67.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.67.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.670.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.670.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.671.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.671.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.672.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.672.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.673.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.673.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.674.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.674.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.675.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.675.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.676.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.676.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.677.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.677.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.678.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.678.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.679.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.679.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.68.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.68.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.680.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.680.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.681.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.681.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.682.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.682.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.683.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.683.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.684.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.684.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.685.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.685.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.686.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.686.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.687.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.687.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.688.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.688.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.689.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.689.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.69.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.69.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.690.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.690.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.691.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.691.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.692.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.692.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.693.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.693.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.694.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.694.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.695.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.695.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.696.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.696.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.697.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.697.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.698.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.698.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.699.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.699.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.7.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.7.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.70.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.70.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.700.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.700.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.701.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.701.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.702.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.702.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.703.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.703.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.704.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.704.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.705.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.705.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.706.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.706.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.707.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.707.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.708.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.708.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.709.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.709.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.71.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.71.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.710.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.710.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.711.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.711.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.712.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.712.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.713.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.713.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.714.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.714.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.715.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.715.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.716.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.716.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.717.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.717.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.718.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.718.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.719.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.719.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.72.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.72.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.720.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.720.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.721.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.721.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.722.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.722.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.723.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.723.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.724.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.724.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.725.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.725.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.726.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.726.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.727.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.727.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.728.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.728.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.729.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.729.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.73.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.73.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.730.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.730.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.731.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.731.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.732.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.732.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.733.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.733.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.734.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.734.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.735.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.735.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.736.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.736.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.737.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.737.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.738.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.738.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.739.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.739.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.74.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.74.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.740.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.740.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.741.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.741.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.742.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.742.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.743.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.743.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.744.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.744.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.745.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.745.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.746.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.746.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.747.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.747.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.748.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.748.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.749.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.749.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.75.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.75.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.750.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.750.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.751.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.751.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.752.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.752.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.753.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.753.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.754.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.754.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.755.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.755.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.756.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.756.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.757.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.757.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.758.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.758.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.759.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.759.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.76.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.76.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.760.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.760.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.761.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.761.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.762.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.762.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.763.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.763.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.764.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.764.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.765.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.765.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.766.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.766.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.767.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.767.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.768.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.768.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.769.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.769.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.77.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.77.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.770.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.770.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.771.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.771.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.772.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.772.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.773.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.773.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.774.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.774.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.775.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.775.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.776.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.776.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.777.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.777.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.778.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.778.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.779.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.779.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.78.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.78.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.780.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.780.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.781.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.781.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.782.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.782.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.783.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.783.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.784.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.784.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.785.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.785.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.786.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.786.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.787.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.787.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.788.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.788.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.789.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.789.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.79.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.79.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.790.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.790.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.791.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.791.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.792.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.792.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.793.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.793.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.794.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.794.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.795.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.795.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.796.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.796.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.797.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.797.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.798.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.798.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.799.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.799.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.8.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.8.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.80.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.80.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.800.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.800.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.801.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.801.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.802.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.802.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.803.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.803.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.804.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.804.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.805.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.805.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.806.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.806.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.807.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.807.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.808.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.808.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.809.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.809.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.81.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.81.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.810.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.810.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.811.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.811.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.812.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.812.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.813.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.813.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.814.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.814.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.815.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.815.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.816.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.816.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.817.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.817.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.818.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.818.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.819.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.819.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.82.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.82.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.820.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.820.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.821.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.821.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.822.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.822.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.823.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.823.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.824.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.824.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.825.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.825.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.826.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.826.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.827.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.827.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.828.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.828.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.829.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.829.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.83.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.83.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.830.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.830.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.831.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.831.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.832.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.832.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.833.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.833.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.834.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.834.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.835.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.835.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.836.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.836.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.837.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.837.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.838.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.838.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.839.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.839.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.84.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.84.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.840.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.840.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.841.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.841.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.842.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.842.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.843.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.843.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.844.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.844.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.845.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.845.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.846.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.846.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.847.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.847.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.848.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.848.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.849.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.849.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.85.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.85.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.850.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.850.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.851.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.851.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.852.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.852.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.853.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.853.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.854.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.854.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.855.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.855.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.856.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.856.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.857.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.857.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.858.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.858.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.859.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.859.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.86.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.86.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.860.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.860.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.861.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.861.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.862.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.862.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.863.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.863.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.864.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.864.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.865.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.865.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.866.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.866.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.867.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.867.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.868.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.868.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.869.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.869.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.87.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.87.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.870.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.870.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.871.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.871.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.872.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.872.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.873.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.873.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.874.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.874.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.875.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.875.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.876.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.876.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.877.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.877.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.878.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.878.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.879.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.879.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.88.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.88.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.880.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.880.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.881.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.881.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.882.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.882.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.883.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.883.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.884.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.884.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.885.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.885.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.886.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.886.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.887.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.887.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.888.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.888.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.889.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.889.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.89.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.89.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.890.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.890.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.891.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.891.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.892.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.892.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.893.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.893.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.894.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.894.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.895.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.895.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.896.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.896.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.897.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.897.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.898.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.898.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.899.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.899.ndfs.vir

 


C:\Program Files\Hola\db\remap.ndfs\rslab.9.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.9.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.90.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.90.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.900.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.900.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.901.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.901.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.902.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.902.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.903.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.903.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.904.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.904.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.905.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.905.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.906.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.906.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.907.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.907.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.908.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.908.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.909.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.909.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.91.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.91.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.910.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.910.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.911.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.911.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.912.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.912.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.913.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.913.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.914.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.914.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.915.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.915.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.916.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.916.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.917.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.917.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.918.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.918.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.919.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.919.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.92.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.92.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.920.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.920.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.921.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.921.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.922.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.922.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.923.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.923.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.924.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.924.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.925.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.925.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.926.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.926.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.927.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.927.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.928.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.928.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.929.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.929.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.93.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.93.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.930.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.930.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.931.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.931.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.932.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.932.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.933.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.933.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.934.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.934.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.935.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.935.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.936.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.936.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.937.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.937.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.938.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.938.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.939.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.939.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.94.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.94.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.940.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.940.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.941.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.941.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.942.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.942.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.943.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.943.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.944.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.944.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.945.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.945.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.946.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.946.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.947.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.947.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.948.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.948.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.949.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.949.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.95.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.95.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.950.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.950.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.951.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.951.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.952.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.952.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.953.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.953.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.954.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.954.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.955.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.955.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.956.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.956.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.957.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.957.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.958.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.958.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.959.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.959.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.96.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.96.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.960.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.960.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.961.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.961.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.962.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.962.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.963.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.963.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.964.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.964.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.965.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.965.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.966.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.966.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.967.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.967.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.968.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.968.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.969.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.969.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.97.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.97.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.970.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.970.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.971.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.971.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.972.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.972.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.973.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.973.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.974.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.974.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.975.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.975.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.976.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.976.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.977.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.977.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.978.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.978.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.979.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.979.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.98.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.98.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.980.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.980.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.981.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.981.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.982.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.982.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.983.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.983.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.984.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.984.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.985.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.985.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.986.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.986.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.987.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.987.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.988.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.988.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.989.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.989.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.99.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.99.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.990.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.990.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.991.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.991.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.992.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.992.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.993.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.993.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.994.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.994.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.995.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.995.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.996.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.996.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.997.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.997.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.998.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.998.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.999.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.999.ndfs.vir
C:\Program Files\Hola\db\remap.ndfs\rslab.ndfs->C:\AdwCleaner\Quarantine\C\Program Files\Hola\db\remap.ndfs\rslab.ndfs.vir
C:\Program Files\Hola\app\hola.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola.exe.vir
C:\Program Files\Hola\app\hola_cert.spc->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_cert.spc.vir
C:\Program Files\Hola\app\hola_chrome_ext_1.2.664.crx->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_chrome_ext_1.2.664.crx.vir
C:\Program Files\Hola\app\hola_chrome_ext_1.5.242.crx->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_chrome_ext_1.5.242.crx.vir
C:\Program Files\Hola\app\hola_chrome_ext_1.5.267.crx->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_chrome_ext_1.5.267.crx.vir
C:\Program Files\Hola\app\hola_drv.sys->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_drv.sys.vir
C:\Program Files\Hola\app\hola_drv5.cat->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_drv5.cat.vir
C:\Program Files\Hola\app\hola_drv5.inf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_drv5.inf.vir
C:\Program Files\Hola\app\hola_drv6.cat->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_drv6.cat.vir
C:\Program Files\Hola\app\hola_drv6.inf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_drv6.inf.vir
C:\Program Files\Hola\app\hola_mon_drv.cat->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_mon_drv.cat.vir
C:\Program Files\Hola\app\hola_mon_drv.inf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_mon_drv.inf.vir
C:\Program Files\Hola\app\hola_mon_drv.sys->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_mon_drv.sys.vir
C:\Program Files\Hola\app\hola_net.cat->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_net.cat.vir
C:\Program Files\Hola\app\hola_net.inf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_net.inf.vir
C:\Program Files\Hola\app\hola_net.sys->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_net.sys.vir
C:\Program Files\Hola\app\hola_setup.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_setup.exe.vir
C:\Program Files\Hola\app\hola_svc.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_svc.exe.vir
C:\Program Files\Hola\app\hola_updater.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\hola_updater.exe.vir
C:\Program Files\Hola\app\lsp_1.2.664.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_1.2.664.dll.vir
C:\Program Files\Hola\app\lsp_1.5.242.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_1.5.242.dll.vir
C:\Program Files\Hola\app\lsp_1.5.267.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_1.5.267.dll.vir
C:\Program Files\Hola\app\lsp_w32_1.2.664.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_w32_1.2.664.dll.vir
C:\Program Files\Hola\app\lsp_w32_1.5.242.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_w32_1.5.242.dll.vir
C:\Program Files\Hola\app\lsp_w32_1.5.267.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\lsp_w32_1.5.267.dll.vir
C:\Program Files\Hola\app\vlc\AUTHORS.txt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\AUTHORS.txt.vir
C:\Program Files\Hola\app\vlc\axvlc.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\axvlc.dll.vir
C:\Program Files\Hola\app\vlc\COPYING.txt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\COPYING.txt.vir
C:\Program Files\Hola\app\vlc\libvlc.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\libvlc.dll.vir
C:\Program Files\Hola\app\vlc\libvlc.dll.manifest->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\libvlc.dll.manifest.vir
C:\Program Files\Hola\app\vlc\libvlccore.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\libvlccore.dll.vir
C:\Program Files\Hola\app\vlc\NEWS.txt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\NEWS.txt.vir
C:\Program Files\Hola\app\vlc\npvlc.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\npvlc.dll.vir
C:\Program Files\Hola\app\vlc\npvlc.dll.manifest->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\npvlc.dll.manifest.vir
C:\Program Files\Hola\app\vlc\README.txt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\README.txt.vir
C:\Program Files\Hola\app\vlc\THANKS.txt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\THANKS.txt.vir
C:\Program Files\Hola\app\vlc\vlc.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\vlc.exe.vir
C:\Program Files\Hola\app\vlc\vlc.exe.manifest->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\vlc.exe.manifest.vir
C:\Program Files\Hola\app\vlc\vlc.ico->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\vlc.ico.vir
C:\Program Files\Hola\app\vlc\skins\default.vlt->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\default.vlt.vir
C:\Program Files\Hola\app\vlc\skins\skin.catalog->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\skin.catalog.vir
C:\Program Files\Hola\app\vlc\skins\skin.dtd->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\skin.dtd.vir
C:\Program Files\Hola\app\vlc\skins\winamp2.xml->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\winamp2.xml.vir
C:\Program Files\Hola\app\vlc\skins\fonts\FreeSans.ttf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\fonts\FreeSans.ttf.vir
C:\Program Files\Hola\app\vlc\skins\fonts\FreeSansBold.ttf->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\skins\fonts\FreeSansBold.ttf.vir
C:\Program Files\Hola\app\vlc\plugins\video_output\libdirect2d_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_output\libdirect2d_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_output\libdirect3d_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_output\libdirect3d_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_output\libdirectdraw_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_output\libdirectdraw_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_output\libdrawable_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_output\libdrawable_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_output\libvmem_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_output\libvmem_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_filter\libscale_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_filter\libscale_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_filter\libswscale_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_filter\libswscale_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\video_filter\libyuvp_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\video_filter\libyuvp_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\text_renderer\libfreetype_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\text_renderer\libfreetype_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\stream_filter\libdash_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\stream_filter\libdash_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\stream_filter\librecord_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\stream_filter\librecord_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\stream_filter\libsmooth_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\stream_filter\libsmooth_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\misc\liblogger_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\misc\liblogger_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\misc\libxml_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\misc\libxml_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\meta_engine\libfolder_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\meta_engine\libfolder_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\gui\libqt4_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\gui\libqt4_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\gui\libskins2_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\gui\libskins2_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libaiff_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libaiff_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libasf_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libasf_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libau_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libau_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libavi_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libavi_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libdemuxdump_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libdemuxdump_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libdemux_cdg_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libdemux_cdg_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libdemux_stl_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libdemux_stl_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libdirac_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libdirac_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libes_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libes_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libflacsys_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libflacsys_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libh264_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libh264_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libimage_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libimage_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libmjpeg_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libmjpeg_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libmkv_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libmkv_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libmp4_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libmp4_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libmpgv_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libmpgv_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libnsc_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libnsc_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libnsv_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libnsv_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libnuv_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libnuv_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libogg_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libogg_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libplaylist_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libplaylist_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libps_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libps_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libpva_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libpva_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\librawaud_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\librawaud_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\librawdv_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\librawdv_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\librawvid_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\librawvid_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libsmf_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libsmf_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libsubtitle_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libsubtitle_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libts_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libts_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libtta_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libtta_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libty_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libty_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libvc1_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libvc1_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libvobsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libvobsub_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libvoc_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libvoc_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libwav_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libwav_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\demux\libxa_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\demux\libxa_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\control\libhotkeys_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\control\libhotkeys_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\liba52_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\liba52_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libadpcm_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libadpcm_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libaes3_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libaes3_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libaraw_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libaraw_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libavcodec_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libavcodec_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libcc_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libcc_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libcdg_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libcdg_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libcrystalhd_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libcrystalhd_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libcvdsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libcvdsub_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libdmo_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libdmo_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libdts_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libdts_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libdvbsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libdvbsub_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libdxva2_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libdxva2_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libfaad_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libfaad_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libg711_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libg711_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\liblibass_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\liblibass_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\liblibmpeg2_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\liblibmpeg2_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\liblpcm_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\liblpcm_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libmpeg_audio_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libmpeg_audio_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libpng_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libpng_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libscte27_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libscte27_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libspudec_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libspudec_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libstl_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libstl_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libsubsdec_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libsubsdec_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libsubsusf_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libsubsusf_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libsvcdsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libsvcdsub_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libt140_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libt140_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libuleaddvaudio_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libuleaddvaudio_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libvorbis_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libvorbis_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\codec\libx264_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\codec\libx264_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_output\libdirectsound_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_output\libdirectsound_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_output\libwaveout_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_output\libwaveout_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\liba52tospdif_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\liba52tospdif_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libaudio_format_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libaudio_format_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libdolby_surround_decoder_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libdolby_surround_decoder_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libdtstospdif_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libdtstospdif_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libscaletempo_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libscaletempo_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libsimple_channel_mixer_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libsimple_channel_mixer_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\audio_filter\libugly_resampler_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\audio_filter\libugly_resampler_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\access_output\libaccess_output_file_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\access_output\libaccess_output_file_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\access_output\libaccess_output_http_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\access_output\libaccess_output_http_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\access\libaccess_http_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\access\libaccess_http_plugin.dll.vir
C:\Program Files\Hola\app\vlc\plugins\access\libfilesystem_plugin.dll->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\vlc\plugins\access\libfilesystem_plugin.dll.vir
C:\Program Files\Hola\app\image\Hola-Setup-x64-1.6.485.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\image\Hola-Setup-x64-1.6.485.exe.vir
C:\Program Files\Hola\app\image\Hola-Setup-x64-1.6.974.1.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\image\Hola-Setup-x64-1.6.974.1.exe.vir
C:\Program Files\Hola\app\image\Hola-Setup-x64-1.6.974.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\image\Hola-Setup-x64-1.6.974.exe.vir
C:\Program Files\Hola\app\image\Hola-Setup-x64-1.7.5.1.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\image\Hola-Setup-x64-1.7.5.1.exe.vir
C:\Program Files\Hola\app\image\Hola-Setup-x64-1.7.5.exe->C:\AdwCleaner\Quarantine\C\Program Files\Hola\app\image\Hola-Setup-x64-1.7.5.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\hola_svc.exe.cid->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\hola_svc.exe.cid.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141218_165635_install_failed.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141218_165635_install_failed.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141218_165635_install_failed.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141218_165635_install_failed.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141225_124235_perr_svc_upnp_svc_xml_parse.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141225_124235_perr_svc_upnp_svc_xml_parse.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141225_124235_perr_svc_upnp_svc_xml_parse.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141225_124235_perr_svc_upnp_svc_xml_parse.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141227_171618_perr_svc_upnp_svc_xml_parse.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141227_171618_perr_svc_upnp_svc_xml_parse.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20141227_171618_perr_svc_upnp_svc_xml_parse.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20141227_171618_perr_svc_upnp_svc_xml_parse.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_050930_perr_svc_bio_flush_long_cb.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_050930_perr_svc_bio_flush_long_cb.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_050930_perr_svc_bio_flush_long_cb.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_050930_perr_svc_bio_flush_long_cb.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_051203_perr_svc_bio_flush_long_cb.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_051203_perr_svc_bio_flush_long_cb.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_051203_perr_svc_bio_flush_long_cb.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150111_051203_perr_svc_bio_flush_long_cb.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150123_054025_perr_svc_wait_timers_missing.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150123_054025_perr_svc_wait_timers_missing.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150123_054025_perr_svc_wait_timers_missing.sent->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150123_054025_perr_svc_wait_timers_missing.sent.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150327_102857_install_failed.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150327_102857_install_failed.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\20150329_070228_install_failed.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\20150329_070228_install_failed.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\install.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\install.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\svc.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\svc.log.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\log\svc.log.1->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\log\svc.log.1.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\cache.db->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\cache.db.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\cache.db-shm->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\cache.db-shm.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\chunks.db->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\chunks.db.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\chunks.db-shm->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\chunks.db-shm.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db-shm->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db-shm.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db-wal->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\dnss.db-wal.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\db\hola.conf->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\db\hola.conf.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_br.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_br.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_plugin.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_plugin.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_vlc_skin.vlt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_vlc_skin.vlt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\zplugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\zplugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\AUTHORS.txt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\AUTHORS.txt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\axvlc.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\axvlc.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\COPYING.txt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\COPYING.txt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlc.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlc.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlc.dll.manifest->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlc.dll.manifest.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlccore.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\libvlccore.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\NEWS.txt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\NEWS.txt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\npvlc.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\npvlc.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\npvlc.dll.manifest->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\npvlc.dll.manifest.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\README.txt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\README.txt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\THANKS.txt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\THANKS.txt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.exe.manifest->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.exe.manifest.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.ico->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\vlc.ico.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\default.vlt->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\default.vlt.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\skin.catalog->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\skin.catalog.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\skin.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\skin.dtd.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\winamp2.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\winamp2.xml.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\fonts\FreeSans.ttf->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\fonts\FreeSans.ttf.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\fonts\FreeSansBold.ttf->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\skins\fonts\FreeSansBold.ttf.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect2d_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect2d_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect3d_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect3d_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirectdraw_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirectdraw_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdrawable_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdrawable_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libvmem_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libvmem_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libscale_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libscale_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libswscale_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libswscale_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libyuvp_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libyuvp_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\text_renderer\libfreetype_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\text_renderer\libfreetype_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libdash_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libdash_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\librecord_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\librecord_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libsmooth_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libsmooth_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\misc\liblogger_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\misc\liblogger_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\misc\libxml_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\misc\libxml_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\meta_engine\libfolder_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\meta_engine\libfolder_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libqt4_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libqt4_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libskins2_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libskins2_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libaiff_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libaiff_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libasf_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libasf_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libau_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libau_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libavi_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libavi_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemuxdump_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemuxdump_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_cdg_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_cdg_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_stl_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_stl_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdirac_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdirac_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libes_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libes_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libflacsys_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libflacsys_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libh264_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libh264_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libimage_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libimage_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmjpeg_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmjpeg_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmkv_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmkv_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmp4_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmp4_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmpgv_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmpgv_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsc_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsc_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsv_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsv_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnuv_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnuv_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libogg_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libogg_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libplaylist_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libplaylist_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libps_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libps_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libpva_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libpva_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawaud_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawaud_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawdv_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawdv_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawvid_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawvid_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsmf_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsmf_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsubtitle_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsubtitle_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libts_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libts_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libtta_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libtta_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libty_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libty_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvc1_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvc1_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvobsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvobsub_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvoc_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvoc_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libwav_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libwav_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libxa_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libxa_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\control\libhotkeys_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\control\libhotkeys_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liba52_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liba52_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libadpcm_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libadpcm_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaes3_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaes3_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaraw_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaraw_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libavcodec_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libavcodec_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcc_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcc_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcdg_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcdg_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcrystalhd_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcrystalhd_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcvdsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcvdsub_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdmo_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdmo_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdts_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdts_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdvbsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdvbsub_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdxva2_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdxva2_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libfaad_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libfaad_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libg711_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libg711_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibass_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibass_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibmpeg2_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibmpeg2_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblpcm_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblpcm_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libmpeg_audio_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libmpeg_audio_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libpng_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libpng_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libscte27_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libscte27_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libspudec_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libspudec_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libstl_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libstl_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsdec_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsdec_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsusf_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsusf_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsvcdsub_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsvcdsub_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libt140_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libt140_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libuleaddvaudio_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libuleaddvaudio_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libvorbis_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libvorbis_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libx264_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libx264_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libdirectsound_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libdirectsound_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libwaveout_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libwaveout_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\liba52tospdif_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\liba52tospdif_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libaudio_format_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libaudio_format_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdolby_surround_decoder_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdolby_surround_decoder_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdtstospdif_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdtstospdif_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libscaletempo_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libscaletempo_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libsimple_channel_mixer_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libsimple_channel_mixer_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libugly_resampler_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libugly_resampler_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_file_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_file_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_http_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_http_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access\libaccess_http_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access\libaccess_http_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access\libfilesystem_plugin.dll->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc\plugins\access\libfilesystem_plugin.dll.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.681.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.681.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.697.1.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.697.1.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.697.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.697.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.712.1.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.712.1.exe.vir
C:\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.712.exe->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.712.exe.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\error.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\error.log.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\settings.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\settings.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\state.sqlite->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\state.sqlite.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\ubm.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\SpeedUpMyPC\ubm.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\error.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\error.log.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\last_scan.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\last_scan.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\settings.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\settings.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\ubm.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\ubm.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110501-092947_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110501-092947_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110509-000223_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110509-000223_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110509-015427_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110509-015427_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110515-124549_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110515-124549_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110522-180122_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110522-180122_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110531-213020_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110531-213020_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-201845_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-201845_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-223538_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-223538_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-224649_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110603-224649_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110607-202755_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110607-202755_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110630-141723_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110630-141723_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110712-204736_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110712-204736_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110908-040249_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110908-040249_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110908-172722_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110908-172722_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110917-005324_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20110917-005324_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111104-001018_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111104-001018_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111114-224455_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111114-224455_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111130-230106_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111130-230106_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111218-063945_repair.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\20111218-063945_repair.xml.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\latest_scan_results.html->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\history\latest_scan_results.html.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110501.093048.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110501.093048.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015142.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015142.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015443.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015443.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015501.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110509.015501.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110516.003738.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110516.003738.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110516.003743.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110516.003743.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110522.180741.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110522.180741.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110601.045348.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110601.045348.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.202120.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.202120.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.223947.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.223947.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.224842.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110603.224842.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110607.202857.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110607.202857.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110630.141741.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110630.141741.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110712.211248.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110712.211248.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110712.211256.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110712.211256.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110908.060051.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110908.060051.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110908.173124.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110908.173124.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110917.005354.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20110917.005354.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111104.001050.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111104.001050.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111114.224526.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111114.224526.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111130.230114.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111130.230114.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111218.065531.zip->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\RegistryBooster\backup\20111218.065531.zip.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\error.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\error.log.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\settings.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\settings.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\state.sqlite->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\PowerSuite\state.sqlite.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\download_history.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\download_history.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\error.log->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\error.log.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\settings.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\settings.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\ubm.dat->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\ubm.dat.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_06f49066ba2722e7c6f06d453f53d398->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_06f49066ba2722e7c6f06d453f53d398.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_09def23dd97bab66f0fb8243bfe230de->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_09def23dd97bab66f0fb8243bfe230de.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_4c7ac79c0895306bb259ca41f407f417->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_4c7ac79c0895306bb259ca41f407f417.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_5da171ce390e7cb32df6c93eb60d8c43->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_5da171ce390e7cb32df6c93eb60d8c43.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_a730b64e674bc5fc82abc1a1ebabf6d9->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_a730b64e674bc5fc82abc1a1ebabf6d9.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_c4a961739b448c49a18a4231d8bf0ae3->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_c4a961739b448c49a18a4231d8bf0ae3.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_cdce00d1baf77b54dd4d996904afa6fa->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_cdce00d1baf77b54dd4d996904afa6fa.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_f872b8b78d403bf918b07d4d9f9a5f2a->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_f872b8b78d403bf918b07d4d9f9a5f2a.vir
C:\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_fd16ea747dfe138f9e7604dce8689e97->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Uniblue\DriverScanner\drivers\repackaged_fd16ea747dfe138f9e7604dce8689e97.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\chrome.manifest->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\chrome.manifest.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\icon.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\icon.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\install.rdf->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\install.rdf.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avg-dnt-adapter.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avg-dnt-adapter.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avg.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avg.xml.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avgJsm.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\avgJsm.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\HistoryCleaner.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\HistoryCleaner.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\inflate.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\inflate.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\IOJsm.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\IOJsm.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\Preferences.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\Preferences.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\XMLHTTPUtilsJsm.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\XMLHTTPUtilsJsm.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\about.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\about.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\ajax-loader.gif->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\ajax-loader.gif.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\close.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\close.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\current.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\current.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\EULA.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\EULA.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\feedback.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\feedback.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\feedicon.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\feedicon.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\help.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\help.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\icon18.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\icon18.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\icon_search.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\icon_search.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\information-24.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\information-24.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\labs.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\labs.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\loader.gif->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\loader.gif.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\privacy.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\privacy.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\questionmarkIcon.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\questionmarkIcon.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\search.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\search.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\uninstall.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\uninstall.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\window-close.png->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\skin\window-close.png.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-tw\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-tw\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-tw\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-tw\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-cn\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-cn\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-cn\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\zh-cn\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\tr\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\tr\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\tr\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\tr\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\th\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\th\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\th\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\th\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sv\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sv\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sv\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sv\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sr\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sr\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sr\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sr\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sk\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sk\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sk\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\sk\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ru\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ru\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ru\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ru\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ro\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ro\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ro\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ro\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt-br\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt-br\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt-br\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt-br\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pt\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pl\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pl\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pl\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\pl\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nl\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nl\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nl\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nl\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nb\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nb\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nb\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\nb\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ms\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ms\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ms\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ms\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ko\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ko\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ko\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ko\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ja\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ja\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ja\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\ja\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\it\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\it\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\it\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\it\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\id\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\id\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\id\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\id\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hu\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hu\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hu\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hu\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hi\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hi\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hi\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\hi\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fr\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fr\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fr\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fr\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fi\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fi\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fi\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\fi\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es-es\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es-es\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es-es\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es-es\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\es\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\en\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\en\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\en\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\en\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\el\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\el\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\el\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\el\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\de\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\de\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\de\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\de\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\da\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\da\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\da\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\da\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\cs\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\cs\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\cs\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\cs\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\af\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\af\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\af\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\modules\locale\af\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\locale\en-US\global.dtd->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\locale\en-US\global.dtd.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\locale\en-US\global.properties->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\locale\en-US\global.properties.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\avg-dnt-policy.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\avg-dnt-policy.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\toolbarhomeApi.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\toolbarhomeApi.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\xpcomApi.js->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\components\xpcomApi.js.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\chrome\avg.jar->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\Avg@toolbar\chrome\avg.jar.vir
C:\Windows\System32\roboot64.exe->C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\avg-secure-search.xml->C:\AdwCleaner\Quarantine\C\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\avg-secure-search.xml.vir
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml.vir



#5 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:39 AM

mbar

 

mbar-log-2015-05-08 (13-11-58)

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.08.01
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Mysterial :: MYSTERIAL-PC [administrator]

8/5/2015 1:11:58 PM
mbar-log-2015-05-08 (13-11-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 863848
Time elapsed: 3 hour(s), 9 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 56
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE (Security.Hijack) -> Delete on reboot. [cc6593fe4941bd79351f2e6deb1931cf]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE (Security.Hijack) -> Delete on reboot. [28098d0477134ee873e5d0cb36ce827e]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCONFIG.EXE (Security.Hijack) -> Delete on reboot. [4ae7870ac4c64de9ff5c306b0400926e]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGNT.EXE (Security.Hijack) -> Delete on reboot. [71c0b5dca9e12313393ddfbcb74d50b0]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE (Security.Hijack) -> Delete on reboot. [6dc45c352664142298e9e9b257ad27d9]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE (Security.Hijack) -> Delete on reboot. [cf624d445c2e53e3dec67c1f4eb6847c]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVSCAN.EXE (Security.Hijack) -> Delete on reboot. [62cf92ffbecccc6a8b27dcbf0cf806fa]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BLINDMAN.EXE (Security.Hijack) -> Delete on reboot. [3001721f1971b680a47d21dfc2427789]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE (Security.Hijack) -> Delete on reboot. [5cd5771ad0ba0a2ce1dc350c63a2ac54]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE (Security.Hijack) -> Delete on reboot. [ce63bbd62a60e155cd907527b64ee31d]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE (Security.Hijack) -> Delete on reboot. [d25f276aa6e446f05bf43865887c4fb1]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE (Security.Hijack) -> Delete on reboot. [fe33147d375364d2f1cb46fb4bba5ca4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE (Security.Hijack) -> Delete on reboot. [dc55e8a9e9a1f0469d8d9c02ff05ab55]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMGUI.EXE (Security.Hijack) -> Delete on reboot. [d75a127f3f4bb87eb2d3c8801fe53cc4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMPT.EXE (Security.Hijack) -> Delete on reboot. [3001910007833105b76d103b5fa625db]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSCHEDULER.EXE (Security.Hijack) -> Delete on reboot. [a38e335ea5e5ad89d67560bff41059a7]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSERVICE.EXE (Security.Hijack) -> Delete on reboot. [c46d028fdcae261042e9346aff05758b]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE (Security.Hijack) -> Delete on reboot. [b47d4f42cebcf2440d5ab4ea06fe9b65]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE (Security.Hijack) -> Delete on reboot. [5bd6444d6a20112507726e30dc2802fe]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE (Security.Hijack) -> Delete on reboot. [1120dcb56129fa3c4d3f96088381936d]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE (Security.Hijack) -> Delete on reboot. [86abc0d1dcae80b6068c277708fc6d93]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RSTRUI.EXE (Security.Hijack) -> Delete on reboot. [cc652f62d4b6270f80962c7453b1e917]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFILES.EXE (Security.Hijack) -> Delete on reboot. [9a975041ec9ebb7b527e1bf14fb5c63a]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDMAIN.EXE (Security.Hijack) -> Delete on reboot. [a98831601377fc3a5a77e527e123b64a]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDWINSEC.EXE (Security.Hijack) -> Delete on reboot. [1819771a91f93501d10163a903012cd4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE (Security.Hijack) -> Delete on reboot. [fd343c555a30ba7ce4f0f32c33d244bc]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE (Security.Hijack) -> Delete on reboot. [d25f97fa692183b3497549f8a75e9e62]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE (Security.Hijack) -> Delete on reboot. [8fa2bed3c9c12511d90e722f36ce46ba]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE (Security.Hijack) -> Delete on reboot. [ca67127f038736001a3af9a24abacb35]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE (Security.Hijack) -> Delete on reboot. [88a9eaa73f4b2f071444712a41c3a65a]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCONFIG.EXE (Security.Hijack) -> Delete on reboot. [4be6167b0b7f6bcb1f3c1b80b45016ea]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGNT.EXE (Security.Hijack) -> Delete on reboot. [8fa295fc0f7b2d093c3a594210f40df3]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE (Security.Hijack) -> Delete on reboot. [171a266bb5d5c472f889801bfa0a4eb2]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE (Security.Hijack) -> Delete on reboot. [9b96474ac5c5fd39366edfbc61a34ab6]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVSCAN.EXE (Security.Hijack) -> Delete on reboot. [f63ba6eba8e27fb729898c0f996b17e9]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BLINDMAN.EXE (Security.Hijack) -> Delete on reboot. [5cd5a8e9cebc9a9c32ef27d9f212c13f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE (Security.Hijack) -> Delete on reboot. [ad846a272862cb6b17a6b58c72938080]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE (Security.Hijack) -> Delete on reboot. [2f025f32b3d7d0663b223b61c044b14f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE (Security.Hijack) -> Delete on reboot. [0f22d2bfdbafd75fa7a8dfbe33d14bb5]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE (Security.Hijack) -> Delete on reboot. [1c15cfc23d4dc3734d6f67da877e926e]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE (Security.Hijack) -> Delete on reboot. [939e93fe6d1d8fa7f832bfdf56aea35d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMGUI.EXE (Security.Hijack) -> Delete on reboot. [9b96355cb2d81620a6df77d1d430b848]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMPT.EXE (Security.Hijack) -> Delete on reboot. [7cb500911d6d4cea55cf262502038b75]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSCHEDULER.EXE (Security.Hijack) -> Delete on reboot. [4be699f8226879bd2922041b53b19b65]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSERVICE.EXE (Security.Hijack) -> Delete on reboot. [a28fd5bc751572c41a114d5138cc0000]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE (Security.Hijack) -> Delete on reboot. [35fc5e33b9d16dc93b2c26781aea53ad]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE (Security.Hijack) -> Delete on reboot. [d75ae0b123677fb738414e50b64e14ec]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE (Security.Hijack) -> Delete on reboot. [ad843e5382080a2c7d0faaf4937121df]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE (Security.Hijack) -> Delete on reboot. [8fa2c5cc008a1a1cff937f1ff21205fb]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RSTRUI.EXE (Security.Hijack) -> Delete on reboot. [28090c85870395a1997d1090887c738d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFILES.EXE (Security.Hijack) -> Delete on reboot. [3100b1e03b4f88ae656bcc408b79c040]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDMAIN.EXE (Security.Hijack) -> Delete on reboot. [9b96c3ce1377bd79fcd52ce00afa6c94]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDWINSEC.EXE (Security.Hijack) -> Delete on reboot. [0c250d84f298db5b2ca652ba70940df3]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE (Security.Hijack) -> Delete on reboot. [75bc11802c5efd39dff5cf509e673fc1]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE (Security.Hijack) -> Delete on reboot. [072a2b66c5c5af87942a55eca65fc33d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE (Security.Hijack) -> Delete on reboot. [6ac7e1b08ffb49ed7176fca5af55758b]

Registry Values Detected: 66
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [cc6593fe4941bd79351f2e6deb1931cf]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [5dd4fa9784069c9a4c0ac5d6fc087987]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [28098d0477134ee873e5d0cb36ce827e]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCONFIG.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [4ae7870ac4c64de9ff5c306b0400926e]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGNT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [71c0b5dca9e12313393ddfbcb74d50b0]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [6dc45c352664142298e9e9b257ad27d9]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [cf624d445c2e53e3dec67c1f4eb6847c]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVSCAN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [62cf92ffbecccc6a8b27dcbf0cf806fa]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [1f12009191f9072f17c30b904fb5b947]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BLINDMAN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [3001721f1971b680a47d21dfc2427789]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [5cd5771ad0ba0a2ce1dc350c63a2ac54]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [ce63bbd62a60e155cd907527b64ee31d]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [fe33bdd44e3c3501c5f61a825ea6956b]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [d25f276aa6e446f05bf43865887c4fb1]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\INSTUP.EXE|Debugger (Hijack.Security) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [929fbfd2a0eadb5b53ce1bfedf2547b9]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [fe33147d375364d2f1cb46fb4bba5ca4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [dc55e8a9e9a1f0469d8d9c02ff05ab55]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMGUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [d75a127f3f4bb87eb2d3c8801fe53cc4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMPT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [3001910007833105b76d103b5fa625db]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSCHEDULER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [a38e335ea5e5ad89d67560bff41059a7]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSERVICE.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [c46d028fdcae261042e9346aff05758b]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [b47d4f42cebcf2440d5ab4ea06fe9b65]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [5bd6444d6a20112507726e30dc2802fe]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [1120dcb56129fa3c4d3f96088381936d]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [86abc0d1dcae80b6068c277708fc6d93]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RSTRUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [cc652f62d4b6270f80962c7453b1e917]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFILES.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [9a975041ec9ebb7b527e1bf14fb5c63a]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDMAIN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [a98831601377fc3a5a77e527e123b64a]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDWINSEC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [1819771a91f93501d10163a903012cd4]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [fd343c555a30ba7ce4f0f32c33d244bc]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [d25f97fa692183b3497549f8a75e9e62]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [8fa2bed3c9c12511d90e722f36ce46ba]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [ca67127f038736001a3af9a24abacb35]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [ab86d9b83e4c3cfa8bcb0794c73de818]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [88a9eaa73f4b2f071444712a41c3a65a]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCONFIG.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [4be6167b0b7f6bcb1f3c1b80b45016ea]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGNT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [8fa295fc0f7b2d093c3a594210f40df3]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [171a266bb5d5c472f889801bfa0a4eb2]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [9b96474ac5c5fd39366edfbc61a34ab6]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVSCAN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [f63ba6eba8e27fb729898c0f996b17e9]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [57dad3bee9a174c29743673439cbc13f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BLINDMAN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [5cd5a8e9cebc9a9c32ef27d9f212c13f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [ad846a272862cb6b17a6b58c72938080]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [2f025f32b3d7d0663b223b61c044b14f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [48e997fa6b1f16208e2d8c10c24259a7]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [0f22d2bfdbafd75fa7a8dfbe33d14bb5]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\INSTUP.EXE|Debugger (Hijack.Security) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [86ab672a1b6f072f42df06132cd845bb]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [1c15cfc23d4dc3734d6f67da877e926e]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [939e93fe6d1d8fa7f832bfdf56aea35d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMGUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [9b96355cb2d81620a6df77d1d430b848]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMPT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [7cb500911d6d4cea55cf262502038b75]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSCHEDULER.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [4be699f8226879bd2922041b53b19b65]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSERVICE.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [a28fd5bc751572c41a114d5138cc0000]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [35fc5e33b9d16dc93b2c26781aea53ad]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [d75ae0b123677fb738414e50b64e14ec]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [ad843e5382080a2c7d0faaf4937121df]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [8fa2c5cc008a1a1cff937f1ff21205fb]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RSTRUI.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [28090c85870395a1997d1090887c738d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFILES.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [3100b1e03b4f88ae656bcc408b79c040]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDMAIN.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [9b96c3ce1377bd79fcd52ce00afa6c94]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDWINSEC.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [0c250d84f298db5b2ca652ba70940df3]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [75bc11802c5efd39dff5cf509e673fc1]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [072a2b66c5c5af87942a55eca65fc33d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE|Debugger (Security.Hijack) -> Data: C:\ProgramData\760617\helper.exe -> Delete on reboot. [6ac7e1b08ffb49ed7176fca5af55758b]
HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Computer Helper (Trojan.Agent.E) -> Data: "C:\ProgramData\760617\helper.exe" -> Delete on reboot. [be737d140b7fba7c55b8e086877eb947]
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|shell (Hijack.Shell) -> Data: explorer.exe,"C:\ProgramData\760617\helper.exe" -> Delete on reboot. [f8398b060c7e4de9c344095dde272fd1]

Registry Data Items Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit (Hijack.UserInit) -> Bad: (userinit.exe,"C:\Windows\system32\clientsvr.exe") Good: (userinit.exe) -> Replace on reboot. [9c95dab72a60a096281bc35450b68d73]

Folders Detected: 0
(No malicious items detected)

Files Detected: 13
C:\$Recycle.Bin\S-1-5-21-2102144433-2307754193-2593861232-1001\$RCNQFOU.tmp\KMService.exe (RiskWare.Tool.CK) -> No action taken. [5bd6236e96f4c76fa0f624869c662cd4]
C:\Users\Daddy\AppData\Roaming\data.dat (Stolen.Data) -> Delete on reboot. [0d24fc9555354beb218acb8243c101ff]
C:\Users\Mysterial\AppData\Roaming\data.dat (Stolen.Data) -> Delete on reboot. [50e158396c1ef3435b505cf105ffa35d]
C:\Users\Mysterial\AppData\Local\Temp\phatk121016.cl (Trojan.BitcoinMiner) -> Delete on reboot. [79b81e732d5d2610c9f99c9514f105fb]
C:\Windows\Temp\phatk121016.cl (Trojan.BitcoinMiner) -> Delete on reboot. [1e139af7503a56e01aa8979a6f96ea16]
C:\Users\Mysterial\AppData\Local\Temp\scrypt130511.cl (Trojan.BitcoinMiner) -> Delete on reboot. [34fd177acac00234744f2b06b05517e9]
C:\Windows\Temp\scrypt130511.cl (Trojan.BitcoinMiner) -> Delete on reboot. [3af7f39ec0ca6fc7f7cc9f929c69639d]
C:\Users\Mysterial\AppData\Local\Temp\diablo130302.cl (Trojan.BitcoinMiner) -> Delete on reboot. [929f2f62fb8fda5ceada121fe421a35d]
C:\Windows\Temp\diablo130302.cl (Trojan.BitcoinMiner) -> Delete on reboot. [0b269ff2afdbc571daead55c5ca946ba]
C:\Users\Mysterial\AppData\Local\Temp\poclbm130302.cl (Trojan.BitcoinMiner) -> Delete on reboot. [ca67e1b09befd066745153ded233b947]
C:\Windows\Temp\poclbm130302.cl (Trojan.BitcoinMiner) -> Delete on reboot. [1d14048d800a072f08bd4ce59d68f010]
C:\Users\Mysterial\AppData\Local\Temp\diakgcn121016.cl (Trojan.BitcoinMiner) -> Delete on reboot. [121f49488cfe57df8c3ad8591fe65da3]
C:\Windows\Temp\diakgcn121016.cl (Trojan.BitcoinMiner) -> Delete on reboot. [0a27c2cf8efc68cefec8bd742cd9e719]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

mbar-log-2015-05-08 (18-16-04)

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.08.03
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Mysterial :: MYSTERIAL-PC [administrator]

8/5/2015 6:16:04 PM
mbar-log-2015-05-08 (18-16-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 899687
Time elapsed: 3 hour(s), 3 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

ComboFix

 

ComboFix 15-05-07.01 - Mysterial 08/05/2015  17:01:19.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.65.1033.18.7968.4722 [GMT 8:00]
Running from: c:\users\Mysterial\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\bb1fae635d6224b1c3f0262dad23ac6903f41227
c:\users\Mysterial\AppData\Roaming\Windir
c:\users\Mysterial\AppData\Roaming\windows
c:\users\Mysterial\AppData\Roaming\windows\Word\wtoldata1.bin
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2015-04-08 to 2015-05-08  )))))))))))))))))))))))))))))))
.
.
2015-05-08 09:24 . 2015-05-08 09:24    --------    d-----w-    c:\users\Lynn(110)\AppData\Local\temp
2015-05-08 09:24 . 2015-05-08 09:24    --------    d-----w-    c:\users\Guest.Mysterial-PC\AppData\Local\temp
2015-05-08 09:24 . 2015-05-08 09:24    --------    d-----w-    c:\users\Guest with network\AppData\Local\temp
2015-05-08 09:24 . 2015-05-08 09:24    --------    d-----w-    c:\users\Default\AppData\Local\temp
2015-05-08 05:11 . 2015-05-08 08:49    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-08 05:11 . 2015-05-08 08:47    136408    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 05:10 . 2015-05-08 08:46    107736    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2015-05-08 04:22 . 2015-05-08 04:22    --------    d-----w-    c:\programdata\AVAST Software
2015-05-08 03:09 . 2015-05-08 03:09    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-08 02:41 . 2015-05-08 02:41    --------    d-----w-    c:\users\Mysterial\AppData\Local\Hola
2015-05-08 02:07 . 2015-05-08 02:16    --------    d-----w-    C:\AdwCleaner
2015-05-08 02:02 . 2015-05-08 05:11    --------    d-----w-    c:\programdata\Malwarebytes
2015-05-07 17:37 . 2015-05-08 04:30    --------    d-sh--w-    c:\programdata\760617
2015-05-07 17:37 . 2015-05-07 17:37    --------    d-sh--w-    c:\programdata\760717
2015-05-07 17:37 . 2015-05-07 17:37    816640    --sha-r-    c:\windows\SysWow64\clientsvr.exe
2015-05-07 16:44 . 2015-05-07 17:31    --------    d-----w-    c:\users\Mysterial\AppData\Roaming\88B060F8-59D3-4207-85D0-DB8F6B462296
2015-05-07 16:41 . 2015-05-08 10:35    --------    d-----w-    c:\program files\PhotomatixPro5
2015-05-07 16:41 . 2015-05-07 16:41    --------    d-----w-    c:\users\Mysterial\AppData\Roaming\HDRsoft
2015-05-04 22:09 . 2015-05-04 22:09    --------    d-----w-    c:\users\Mysterial\AppData\Local\openvr
2015-04-19 11:24 . 2015-04-19 11:24    --------    d-----w-    c:\program files (x86)\iTunes
2015-04-19 11:24 . 2015-04-19 11:24    --------    d-----w-    c:\program files\iPod
2015-04-19 11:24 . 2015-04-19 11:25    --------    d-----w-    c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-19 11:24 . 2015-04-19 11:25    --------    d-----w-    c:\program files\iTunes
2015-04-19 11:12 . 2015-03-23 03:24    957952    ----a-w-    c:\windows\system32\appraiser.dll
2015-04-19 11:12 . 2015-03-23 03:24    30720    ----a-w-    c:\windows\system32\acmigration.dll
2015-04-19 11:12 . 2015-03-23 03:25    726528    ----a-w-    c:\windows\system32\generaltel.dll
2015-04-19 11:12 . 2015-03-23 03:25    769536    ----a-w-    c:\windows\system32\invagent.dll
2015-04-19 11:12 . 2015-03-23 03:24    419840    ----a-w-    c:\windows\system32\devinv.dll
2015-04-19 11:12 . 2015-03-23 03:17    1111552    ----a-w-    c:\windows\system32\aeinv.dll
2015-04-19 11:12 . 2015-03-23 03:24    227328    ----a-w-    c:\windows\system32\aepdu.dll
2015-04-19 11:12 . 2015-03-23 03:24    192000    ----a-w-    c:\windows\system32\aepic.dll
2015-04-17 15:57 . 2015-04-17 15:57    --------    d-----w-    c:\users\Mysterial\AppData\Local\Macroplant_LLC
2015-04-17 15:55 . 2015-04-17 16:11    --------    d-----w-    c:\program files (x86)\iExplorer
2015-04-17 12:51 . 2015-03-05 05:12    404480    ----a-w-    c:\windows\system32\gdi32.dll
2015-04-17 12:51 . 2015-03-05 04:05    311808    ----a-w-    c:\windows\SysWow64\gdi32.dll
2015-04-17 12:51 . 2015-03-10 03:25    1882624    ----a-w-    c:\windows\system32\msxml3.dll
2015-04-17 12:51 . 2015-03-10 03:21    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2015-04-17 12:51 . 2015-03-10 03:08    1237504    ----a-w-    c:\windows\SysWow64\msxml3.dll
2015-04-17 12:51 . 2015-03-10 03:05    2048    ----a-w-    c:\windows\SysWow64\msxml3r.dll
2015-04-17 12:51 . 2015-02-25 03:18    754688    ----a-w-    c:\windows\system32\drivers\http.sys
2015-04-17 12:51 . 2015-03-04 04:55    367552    ----a-w-    c:\windows\system32\clfs.sys
2015-04-17 12:51 . 2015-03-04 04:41    79360    ----a-w-    c:\windows\system32\clfsw32.dll
2015-04-17 12:51 . 2015-03-04 04:10    58880    ----a-w-    c:\windows\SysWow64\clfsw32.dll
2015-04-15 05:06 . 2015-04-15 05:06    256992    ----a-w-    c:\windows\system32\drivers\avgldx64.sys
2015-04-09 22:39 . 2015-05-08 10:35    --------    d-s---w-    c:\windows\system32\GWX
2015-04-09 22:39 . 2015-04-09 22:39    --------    d-s---w-    c:\windows\SysWow64\GWX
2015-04-09 06:11 . 2015-04-09 06:11    284128    ----a-w-    c:\windows\system32\drivers\avgidsdrivera.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-08 08:42 . 2012-07-12 08:46    387    ----a-w-    c:\users\Mysterial\AppData\Roaming\sp_data.sys
2015-05-01 07:41 . 2012-12-23 05:57    128913832    ----a-w-    c:\windows\system32\MRT.exe
2015-04-07 04:39 . 2015-04-07 04:39    291296    ----a-w-    c:\windows\system32\drivers\avgtdia.sys
2015-04-03 01:34 . 2015-04-03 01:34    137184    ----a-w-    c:\windows\system32\drivers\avgmfx64.sys
2015-03-20 04:18 . 2015-03-20 04:18    40928    ----a-w-    c:\windows\system32\drivers\avgrkx64.sys
2015-03-17 04:56 . 2015-04-20 10:13    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2015-03-11 04:16 . 2015-03-11 04:16    162784    ----a-w-    c:\windows\system32\drivers\avgdiska.sys
2015-03-11 04:13 . 2015-03-11 04:13    344544    ----a-w-    c:\windows\system32\drivers\avgloga.sys
2015-03-11 04:13 . 2015-03-11 04:13    213984    ----a-w-    c:\windows\system32\drivers\avgidsha.sys
2015-03-05 10:34 . 2015-03-05 10:30    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-05 10:34 . 2015-03-05 10:30    701616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-26 03:25 . 2015-03-11 03:09    3204096    ----a-w-    c:\windows\system32\win32k.sys
2015-02-20 04:41 . 2015-03-11 03:12    41984    ----a-w-    c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 03:12    100864    ----a-w-    c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 03:12    14336    ----a-w-    c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 03:12    46080    ----a-w-    c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 03:12    70656    ----a-w-    c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 03:12    10240    ----a-w-    c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 03:12    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 03:12    25600    ----a-w-    c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 03:12    372224    ----a-w-    c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 03:12    299008    ----a-w-    c:\windows\SysWow64\atmfd.dll
2015-02-17 22:26 . 2015-02-17 22:26    1217184    ----a-w-    c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-11 03:10    14177280    ----a-w-    c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    152544    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    152544    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    152544    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
c:\users\Guest with network\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-10-18 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt61.sys [x]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 OS Selector;Acronis OS Selector activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-30 06:16    988488    ----a-w-    c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-08 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job
- c:\users\Mysterial\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13 07:27]
.
2015-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 11:52]
.
2015-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 11:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09    227840    ----a-w-    c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09    227840    ----a-w-    c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    185824    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    185824    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    185824    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12    185824    ----a-w-    c:\users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-03 2277992]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-10-28 984224]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-10-28 800416]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-13 441968]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-09-19 557768]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: hola.org
TCP: DhcpNameServer = 137.132.0.254 137.132.0.252
TCP: Interfaces\{6DB33BBE-AEDD-4B11-BFC9-18E99A5114FE}: NameServer = 165.21.83.88,165.21.100.88
FF - ProfilePath - c:\users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
c:\users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DreamScene StartUp.lnk - (no file)
c:\users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - (no file)
c:\users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk - (no file)
c:\users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-hola - c:\program files\Hola\app\hola.exe
AddRemove-Adobe Flash Player ActiveX - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
AddRemove-AVG Web TuneUp - c:\program files (x86)\AVG Web TuneUp\UNINSTALL.exe
AddRemove-Magicka_is1 - c:\program files\Steam\steamapps\common\magicka\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-08  17:44:55
ComboFix-quarantined-files.txt  2015-05-08 09:44
.
Pre-Run: 98,598,752,256 bytes free
Post-Run: 101,297,864,704 bytes free
.
- - End Of File - - 975627E8682261E9057F42E7404DAD1



#6 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:41 AM

mbam

 

mbam

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/5/2015
Scan Time: 12:09:12 AM
Logfile: mbam.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.08.05
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mysterial

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 898077
Time Elapsed: 2 hr, 10 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 31
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache\flashStamp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\backup, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Baiduflash, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Baiduflash\subflash, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Cacheflash, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flash, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashNew, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashStamp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\popwind, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\download, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\historyTorrent, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\ini, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\弱�-MP4, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è?ç?¸è?å¦?浪漫å²ç¬¬ä¸?å­£, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\screensave, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update, , [0332721f0585b284ff97d9c29a6912ee],

Files: 62
PUP.Keygen.Intro, C:\Users\Kenneth x86\Downloads\Yamicsoft.Vista.Manager.v1.5.6.Incl.Keymaker_CORE.rar, , [a98c504146444cea44cb426574912bd5],
PUP.Keygen.Intro, C:\Users\Mysterial\Downloads\Yamicsoft.Vista.Manager.v1.5.6.Incl.Keymaker_CORE.rar, , [b184a0f15c2e4cea4bc43e693cc9c23e],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\history.txt, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache\flashStamp\blank.gif, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_18524595_1303208649_735.dat, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_18524595_1303208649_735.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_a270020bed68e28.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1314541994_18277256_1303809166_468.dat, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1314541994_18277256_1303809166_468.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_24272712_1319017845_681.dat, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_24272712_1319017845_681.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_e57f0dcfc3624d0.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1320663027_18277256_1293007051_785.dat, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1320663027_18277256_1293007051_785.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1322418844_20080446_1303712575_434.dat, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1322418844_20080446_1303712575_434.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第1é??.rmvb.fc!, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第2é??.rmvb.fc!, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4\è¯?欺游æ?~ç»?æ?ä¹?æ??C.mp4.fc!, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\18277256_1293007051_785.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\20080446_1303712575_434.fsp, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\a270020bed68e28.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\AdLinkParamFile.fax, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_bsapi.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_define.fai, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_material.fax, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\flashnew.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\flashParam.txt, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\localad.fax, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\popwind.json, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\StampPolicy.txt, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\updatexmlfile.txt, , [31040b8676145cda7323dac11de612ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\history.txt, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashStamp\blank.gif, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_18524595_1303208649_735.dat, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_18524595_1303208649_735.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_a270020bed68e28.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1314541994_18277256_1303809166_468.dat, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1314541994_18277256_1303809166_468.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_24272712_1319017845_681.dat, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_24272712_1319017845_681.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_e57f0dcfc3624d0.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1320663027_18277256_1293007051_785.dat, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1320663027_18277256_1293007051_785.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1322418844_20080446_1303712575_434.dat, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1322418844_20080446_1303712575_434.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第1é??.rmvb.fc!, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第2é??.rmvb.fc!, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4\è¯?欺游æ?~ç»?æ?ä¹?æ??C.mp4.fc!, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\18277256_1293007051_785.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\20080446_1303712575_434.fsp, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\a270020bed68e28.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\AdLinkParamFile.fax, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_bsapi.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_define.fai, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_material.fax, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\flashnew.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\flashParam.txt, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\localad.fax, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\popwind.json, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\StampPolicy.txt, , [0332721f0585b284ff97d9c29a6912ee],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\updatexmlfile.txt, , [0332721f0585b284ff97d9c29a6912ee],

Physical Sectors: 0
(No malicious items detected)


(end)

 

mbam_2

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/5/2015
Scan Time: 6:19:21 AM
Logfile: mbam_2.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.08.09
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mysterial

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 899187
Time Elapsed: 6 hr, 13 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 31
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache\flashStamp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\backup, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Baiduflash, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Baiduflash\subflash, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\Cacheflash, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flash, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashNew, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashStamp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\popwind, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\download, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\historyTorrent, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\ini, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\弱�-MP4, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è?ç?¸è?å¦?浪漫å²ç¬¬ä¸?å­£, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\screensave, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update, , [f7423d545832a98dfde92675d3308b75],

Files: 62
PUP.Keygen.Intro, C:\Users\Kenneth x86\Downloads\Yamicsoft.Vista.Manager.v1.5.6.Incl.Keymaker_CORE.rar, , [89b018793d4dc6703d3192156c99837d],
PUP.Keygen.Intro, C:\Users\Mysterial\Downloads\Yamicsoft.Vista.Manager.v1.5.6.Incl.Keymaker_CORE.rar, , [b881cec3395170c6c8a6dccbcd38ab55],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\history.txt, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\cache\flashStamp\blank.gif, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_18524595_1303208649_735.dat, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_18524595_1303208649_735.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1309200835_a270020bed68e28.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1314541994_18277256_1303809166_468.dat, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1314541994_18277256_1303809166_468.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_24272712_1319017845_681.dat, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_24272712_1319017845_681.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1319477645_e57f0dcfc3624d0.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1320663027_18277256_1293007051_785.dat, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1320663027_18277256_1293007051_785.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1322418844_20080446_1303712575_434.dat, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\control\1322418844_20080446_1303712575_434.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第1é??.rmvb.fc!, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第2é??.rmvb.fc!, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4\è¯?欺游æ?~ç»?æ?ä¹?æ??C.mp4.fc!, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\18277256_1293007051_785.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\20080446_1303712575_434.fsp, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\Seed\a270020bed68e28.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\AdLinkParamFile.fax, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_bsapi.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_define.fai, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\ad_material.fax, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\flashnew.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\flashParam.txt, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\localad.fax, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\popwind.json, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\StampPolicy.txt, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Kenneth x86\funshion\update\updatexmlfile.txt, , [7ebba8e93f4b8da98264c6d5798abe42],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\history.txt, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\cache\flashStamp\blank.gif, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_18524595_1303208649_735.dat, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_18524595_1303208649_735.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1309200835_a270020bed68e28.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1314541994_18277256_1303809166_468.dat, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1314541994_18277256_1303809166_468.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_24272712_1319017845_681.dat, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_24272712_1319017845_681.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1319477645_e57f0dcfc3624d0.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1320663027_18277256_1293007051_785.dat, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1320663027_18277256_1293007051_785.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1322418844_20080446_1303712575_434.dat, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\control\1322418844_20080446_1303712575_434.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第1é??.rmvb.fc!, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\æ?å??ç??游æ?第ä¸?å­£\æ?å??ç??游æ?第ä¸?å­£-第2é??.rmvb.fc!, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Media\è¯?欺游æ?~ç»?æ?ä¹?æ??-MP4\è¯?欺游æ?~ç»?æ?ä¹?æ??C.mp4.fc!, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\18277256_1293007051_785.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\20080446_1303712575_434.fsp, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\Seed\a270020bed68e28.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\AdLinkParamFile.fax, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_bsapi.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_define.fai, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\ad_material.fax, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\flashnew.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\flashParam.txt, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\localad.fax, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\popwind.json, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\StampPolicy.txt, , [f7423d545832a98dfde92675d3308b75],
PUP.Optional.Funshion, C:\Users\Mysterial\funshion\update\updatexmlfile.txt, , [f7423d545832a98dfde92675d3308b75],

Physical Sectors: 0
(No malicious items detected)


(end)

 

AVG

Resident Shield Results
"Threat Name";"Status";"Detection Time";"Object Type";"Process"

"Trojan horse MSIL7.CJYR, c:\Windows\SysWOW64\clientsvr.exe";"Secured";"9/5/2015, 5:42:07 AM";"File or Directory";"c:\Users\Mysterial\Desktop\FRST64.exe"



#7 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 09 May 2015 - 03:44 AM

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Mysterial (administrator) on MYSTERIAL-PC on 09-05-2015 06:20:52
Running from C:\Users\Mysterial\Desktop
Loaded Profiles: Mysterial &  (Available profiles: Mysterial & Guest with network & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_plugin.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984224 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [197152 2011-02-10] (Trend Micro Inc.)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [AvgRemover] => C:\AVG_Remover\utils\remover.exe [3681088 2015-05-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2102144433-2307754193-2593861232-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-10-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Guest with network\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2013-11-21]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2102144433-2307754193-2593861232-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-2102144433-2307754193-2593861232-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6DB33BBE-AEDD-4B11-BFC9-18E99A5114FE}: [NameServer] 165.21.83.88,165.21.100.88

FireFox:
========
FF ProfilePath: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF Keyword.URL:
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.0.3824406\npmathplugin.dll [2012-11-19] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-24] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mysterial\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] ()
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mysterial\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Mysterial\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] ()
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mysterial\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mysterial\AppData\Roaming\mozilla\plugins\npatgpc.dll [2013-09-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\google-scholar.xml [2013-04-11]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\wiktionary-en.xml [2012-03-20]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\youtube-video-search.xml [2012-03-16]
FF Extension: British English Dictionary - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-03-20]
FF Extension: Hola Better Internet - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-04-24]
FF Extension: Zotero Word for Windows Integration - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zoteroWinWordIntegration@zotero.org [2015-03-09]
FF Extension: Tumblr Post - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb} [2014-03-17]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-02-26]
FF Extension: YouTube ALL HTML5 - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-03-03]
FF Extension: RescueTime for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\rescuetime_firefox@rescuetime.com.xpi [2014-12-03]
FF Extension: Tree Style Tab - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-08]
FF Extension: Zotero - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-09]
FF Extension: Adblock Plus - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-13]
FF Extension: Greasemonkey - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-04]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2013-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-03-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-10]
CHR Extension: (Google Search) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-10]
CHR Extension: (Hola Better Internet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-02-14]
CHR Extension: (Bookmark Manager) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-28]
CHR Extension: (Don't Starve) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-04-12]
CHR Extension: (Universe) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcicgpahfpikagbhofhehldknadneld [2014-11-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2013-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Bastion) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2014-04-18]
CHR Extension: (Gmail) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-10-29] (Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-15] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-15] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2010-05-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-29] (Atheros) [File not signed]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-01] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-27] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
R0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-03-16] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 06:20 - 2015-05-09 06:22 - 00037847 _____ () C:\Users\Mysterial\Desktop\FRST.txt
2015-05-09 05:24 - 2015-05-09 05:24 - 00000000 ____D () C:\OETemp
2015-05-09 05:18 - 2015-05-09 05:18 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BD6643BF-D020-404A-A522-454BF5831393}
2015-05-09 04:54 - 2015-05-09 04:54 - 00000000 ___RD () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-09 04:00 - 2015-05-09 04:00 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\AVG2015
2015-05-09 03:59 - 2015-05-09 03:59 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-09 03:59 - 2015-05-09 03:59 - 00000967 _____ () C:\ProgramData\Desktop\AVG 2015.lnk
2015-05-09 03:59 - 2015-05-09 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-09 03:58 - 2015-05-09 03:59 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-09 03:58 - 2015-05-09 03:58 - 00000000 ___HD () C:\$AVG
2015-05-09 03:57 - 2015-05-09 03:57 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-09 03:48 - 2015-05-09 05:06 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Avg2015
2015-05-09 03:48 - 2015-05-09 04:07 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-09 03:48 - 2015-05-09 03:48 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\MFAData
2015-05-09 02:59 - 2015-05-09 03:30 - 00000181 _____ () C:\cleanup.bat
2015-05-09 02:55 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_BFEfix
2015-05-09 02:36 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_Remover
2015-05-09 02:35 - 2015-05-09 06:21 - 00000000 ____D () C:\FRST
2015-05-09 02:34 - 2015-05-09 02:34 - 02102272 _____ (Farbar) C:\Users\Mysterial\Desktop\FRST64.exe
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-09 00:08 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-09 00:08 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 18:15 - 2015-05-09 06:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-08 18:15 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-08 16:57 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-08 16:57 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-08 16:57 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-08 16:51 - 2015-05-08 17:44 - 00000000 ____D () C:\Qoobox
2015-05-08 16:50 - 2015-05-08 17:42 - 00000000 ____D () C:\Windows\erdnt
2015-05-08 13:11 - 2015-05-08 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-08 13:09 - 2015-05-09 02:26 - 00000000 ____D () C:\Users\Mysterial\Desktop\mbar
2015-05-08 12:22 - 2015-05-08 12:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-08 11:09 - 2015-05-09 00:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-08 10:41 - 2015-05-08 10:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Hola
2015-05-08 10:07 - 2015-05-08 10:16 - 00000000 ____D () C:\AdwCleaner
2015-05-08 10:02 - 2015-05-08 18:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-08 01:37 - 2015-05-08 12:30 - 00000000 __SHD () C:\ProgramData\760617
2015-05-08 01:37 - 2015-05-08 01:37 - 00000000 __SHD () C:\ProgramData\760717
2015-05-08 01:28 - 2015-05-08 01:28 - 00003058 _____ () C:\Windows\System32\Tasks\{9F94ED28-4D50-4E0D-B79C-34A4A0EE3EA1}
2015-05-08 00:44 - 2015-05-08 18:35 - 00000000 ____D () C:\Windows\System32\Tasks\Update
2015-05-08 00:44 - 2015-05-08 01:32 - 00002798 _____ () C:\Windows\System32\Tasks\NAT Host
2015-05-08 00:44 - 2015-05-08 01:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\88B060F8-59D3-4207-85D0-DB8F6B462296
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.0
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\Program Files\PhotomatixPro5
2015-05-08 00:41 - 2015-05-08 00:41 - 00001783 _____ () C:\Users\Mysterial\Desktop\Photomatix Pro 5.0.5a (64-bit).lnk
2015-05-08 00:41 - 2015-05-08 00:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\HDRsoft
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\Users\Mysterial\Desktop\Adobe Lightroom.lnk
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001536 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\ProgramData\Desktop\Adobe Application Manager.lnk
2015-05-07 23:36 - 2015-05-08 18:35 - 00000000 ____D () C:\Users\Mysterial\Desktop\Photoshop Lightroom 6.0
2015-05-07 23:01 - 2015-05-07 23:02 - 24164609 ____R () C:\Users\Mysterial\Downloads\HDRsoft Photomatix Pro 5.0.5a.zip
2015-05-07 22:36 - 2015-05-09 05:27 - 00000000 ____D () C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter
2015-05-07 20:54 - 2015-05-07 20:55 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{44888ACE-1159-4507-AECE-D6D4CBECFEBD}
2015-05-07 07:39 - 2015-05-07 07:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{2335CEDC-2DEC-41FE-A632-532B0189FBAA}
2015-05-06 19:38 - 2015-05-06 19:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{B3D24FFA-6315-4886-B6BA-7E8677F9F52B}
2015-05-05 21:42 - 2015-05-05 21:42 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FA3C45FF-5220-49B4-AE4B-A1F98BA41E77}
2015-05-05 06:09 - 2015-05-05 06:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\openvr
2015-05-05 05:16 - 2015-05-05 05:16 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5C39F2DC-E010-4850-97F9-E3A08ACB09BC}
2015-05-04 19:52 - 2015-05-04 19:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{C676C862-C337-4417-BCD0-CB33AF1DFBFF}
2015-05-04 03:46 - 2015-05-04 03:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{446D8B17-2506-4348-B80B-327431E8D635}
2015-05-03 22:12 - 2015-05-03 22:42 - 00000000 ____D () C:\Users\Mysterial\Desktop\Lightroom Presets
2015-05-03 15:46 - 2015-05-03 15:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{99B39B6B-685F-446D-A051-956D183145D4}
2015-05-01 14:14 - 2015-05-01 14:14 - 00000495 _____ () C:\Users\Mysterial\Desktop\dry cabinet price list.txt
2015-05-01 02:13 - 2015-05-01 02:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{46444AB9-06F7-4DF4-83AD-409555BA9AC0}
2015-05-01 00:25 - 2015-05-01 00:25 - 00000000 ____D () C:\Users\Mysterial\Desktop\UROPS
2015-04-30 14:11 - 2015-04-30 14:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9AC40CA8-FD4A-42B9-A81E-EA1A71F89096}
2015-04-29 15:14 - 2015-04-29 15:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{E9B4FD72-6F38-4E36-AC11-17FD87A44315}
2015-04-29 03:13 - 2015-04-29 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9E68C10D-9BFF-45C0-AD6F-1C7E6928A101}
2015-04-28 15:13 - 2015-04-28 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FD8AC1E8-64CE-49E3-9637-4E1A42DEE0FC}
2015-04-28 03:13 - 2015-04-28 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5B9148E6-8C20-40A6-BA28-2A2A220104C5}
2015-04-27 15:13 - 2015-04-27 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7FDD8ED1-E600-48E3-9E97-E03A88CEFFA1}
2015-04-27 03:12 - 2015-04-27 03:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0B15336B-65C8-4B7F-8305-043E08C44C52}
2015-04-26 15:11 - 2015-04-26 15:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{ABDA1A17-85F7-44F8-BC83-FDB7EB42DFD0}
2015-04-26 03:11 - 2015-04-26 03:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{45CE4C16-20A7-4A71-A4FA-D8E8179146B0}
2015-04-25 15:10 - 2015-04-25 15:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7BA0FE6C-4AF3-4534-8691-1CE5FFF12B09}
2015-04-25 03:09 - 2015-04-25 03:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D605FB71-3DB6-472F-B624-A47A0150098B}
2015-04-24 15:08 - 2015-04-24 15:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{4D0B974E-9270-4471-9F58-9BCC231D1DC5}
2015-04-24 03:08 - 2015-04-24 03:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{3187787B-F129-46EC-BE0D-668BD6B1FA87}
2015-04-23 06:53 - 2015-04-23 06:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{73504FEC-7EEA-46B4-B263-605A11E6FEF6}
2015-04-22 18:52 - 2015-04-22 18:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FE26B66E-CB85-4E5D-9565-BE527A99DD12}
2015-04-22 18:01 - 2015-04-22 18:02 - 00000000 ____D () C:\Users\Mysterial\Desktop\Grand Canyon
2015-04-22 17:58 - 2015-04-22 17:58 - 00000000 ____D () C:\Users\Mysterial\Documents\Internship applications
2015-04-22 06:52 - 2015-04-22 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{62E46592-9563-4269-B154-15AFCC5955C0}
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BFDF3ABF-7F39-4674-A347-B360456B352C}
2015-04-21 09:21 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-21 09:21 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-21 09:21 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-21 09:21 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-21 09:21 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-21 09:21 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-21 09:21 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-21 09:21 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-21 09:21 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-21 09:21 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-21 09:21 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-21 09:21 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-21 09:21 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-21 09:21 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-21 09:21 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-21 09:21 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-21 09:21 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-21 08:10 - 2015-04-21 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 06:52 - 2015-04-21 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5D1193EC-726C-4675-BD6B-8D7BC50ED7EB}
2015-04-20 19:31 - 2015-05-07 09:04 - 02540864 _____ (HDRsoft Ltd ) C:\Users\Mysterial\Desktop\MergeTo32bitHDR12x64.exe
2015-04-20 18:51 - 2015-04-20 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{753DB93C-7AB1-4F34-9535-E36A67DC336B}
2015-04-20 18:13 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-20 18:13 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-20 18:13 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-20 18:13 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-20 18:13 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-20 18:13 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-20 18:13 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-20 18:13 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-20 06:51 - 2015-04-20 06:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D25B4D2F-3F6B-414C-8768-34ABEA72DCBD}
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\ProgramData\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\Program Files\iTunes
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files\iPod
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-19 19:13 - 2015-04-19 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-04-19 19:12 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-19 19:12 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-19 19:12 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-19 18:51 - 2015-04-19 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D8D7A8BB-067B-4422-8FDD-39DB91355900}
2015-04-17 23:57 - 2015-04-17 23:57 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Macroplant_LLC
2015-04-17 23:55 - 2015-04-18 00:11 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2015-04-17 20:51 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 20:51 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 20:51 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 20:51 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 20:51 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 20:51 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 20:51 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-17 20:51 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 20:22 - 2015-04-17 20:23 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0D1D35C1-60BC-4216-807B-317DC62ADFBD}
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2015-04-14 03:32 - 2015-04-14 03:32 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{AC5D0F7A-458D-4BF8-9B69-1E23217F332E}
2015-04-13 12:03 - 2015-04-13 12:03 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{293DE665-78A7-4E3C-A605-CDD9BA8E60E9}
2015-04-12 14:44 - 2015-04-12 14:44 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{C14E4478-492D-42EA-9068-AF02DBC44820}
2015-04-11 14:31 - 2015-04-11 14:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D0DFFDB8-6D3F-4450-B11D-83226A25D52E}
2015-04-11 02:30 - 2015-04-11 02:30 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{10C17998-C8AF-4A59-B451-1369A3F656BF}
2015-04-10 10:38 - 2015-04-10 10:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FCD3E196-6554-4F7D-81A4-33E6DDAE1B6B}
2015-04-10 06:39 - 2015-05-08 18:35 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-10 06:39 - 2015-04-10 06:39 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-10 03:11 - 2015-04-10 03:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{53B7EEC9-BAA6-43E1-8153-80ED61D7C610}
2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-04-09 13:52 - 2015-04-09 14:00 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{8241A5DB-DD3E-4EF0-8BFA-9EE2AD0D1813}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 06:14 - 2012-03-27 14:58 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-09 05:36 - 2014-07-30 04:28 - 00000586 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job
2015-05-09 04:58 - 2009-07-14 13:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 04:54 - 2012-07-12 16:46 - 00000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2015-05-09 04:54 - 2012-03-14 02:19 - 00000000 ____D () C:\Users\Mysterial\Documents\Bluetooth Folder
2015-05-09 03:39 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 03:39 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 03:37 - 2012-02-29 07:57 - 01702969 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 03:33 - 2012-03-14 17:13 - 00000000 ___RD () C:\Users\Mysterial\Dropbox
2015-05-09 03:32 - 2012-03-15 01:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Dropbox
2015-05-09 03:31 - 2012-03-27 14:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-09 03:31 - 2012-02-29 08:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-09 03:31 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 03:31 - 2009-07-14 12:51 - 00172471 _____ () C:\Windows\setupact.log
2015-05-09 03:30 - 2011-10-18 11:58 - 00845738 _____ () C:\Windows\PFRO.log
2015-05-09 01:24 - 2012-03-16 21:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\CrashDumps
2015-05-09 00:03 - 2013-02-17 08:50 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{288C5043-7135-4EEF-AF3A-CFDC6194ADC0}
2015-05-08 21:54 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-05-08 18:36 - 2014-12-03 07:29 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\RescueTime.com
2015-05-08 18:36 - 2014-09-01 00:41 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-08 18:36 - 2014-05-08 20:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\TeraCopy
2015-05-08 18:36 - 2013-04-25 13:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-08 18:36 - 2012-09-17 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-08 18:36 - 2012-07-12 15:25 - 00000000 ____D () C:\ProgramData\P4G
2015-05-08 18:36 - 2012-03-16 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-08 18:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-08 18:35 - 2014-12-12 15:25 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-08 18:35 - 2014-10-22 03:54 - 00000000 ____D () C:\ProgramData\AVG2015 (corrupted permissions)
2015-05-08 18:35 - 2014-09-24 18:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker
2015-05-08 18:35 - 2014-05-23 16:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-08 18:35 - 2014-04-19 08:58 - 00000000 ____D () C:\ProgramData\Avg_Update_0414b
2015-05-08 18:35 - 2012-03-14 02:17 - 00000000 ____D () C:\Users\Mysterial
2015-05-08 18:35 - 2011-10-18 12:30 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-08 18:35 - 2010-05-13 00:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\BitTorrent
2015-05-08 18:35 - 2009-07-14 15:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-08 18:35 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-08 18:35 - 2007-10-15 23:05 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\vlc
2015-05-08 18:10 - 2012-08-13 20:06 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Deployment
2015-05-08 17:45 - 2007-05-11 18:02 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Apps\2.0
2015-05-08 17:40 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-08 16:39 - 2013-11-21 12:47 - 00000000 ____D () C:\Users\Guest with network
2015-05-08 10:27 - 2014-12-10 02:25 - 00000000 ____D () C:\Users\Mysterial\Documents\Assassin's Creed Unity
2015-05-08 10:19 - 2012-02-29 08:13 - 00002720 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-05-08 01:44 - 2008-02-17 20:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Skype
2015-05-08 00:52 - 2007-04-30 22:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Adobe
2015-05-08 00:08 - 2012-03-27 03:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-08 00:07 - 2015-03-01 12:54 - 00000000 ____D () C:\Program Files\Adobe
2015-05-08 00:00 - 2014-12-09 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 03:48 - 2013-03-23 21:08 - 00000000 ____D () C:\ProgramData\Skype
2015-05-03 03:42 - 2012-02-29 08:13 - 00001597 _____ () C:\Windows\system32\ServiceFilter.ini
2015-05-03 03:41 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-01 16:08 - 2012-03-27 15:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-01 16:06 - 2011-10-18 12:17 - 00782364 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-01 16:01 - 2013-09-21 20:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-01 15:41 - 2012-12-23 13:57 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-30 14:31 - 2012-03-27 15:04 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 14:31 - 2012-03-27 15:04 - 00002185 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2015-04-26 21:07 - 2014-12-29 13:45 - 00000000 ____D () C:\Users\Mysterial\Documents\Exchange
2015-04-24 12:38 - 2012-03-15 01:16 - 00001037 _____ () C:\Users\Mysterial\Desktop\Dropbox.lnk
2015-04-24 12:38 - 2012-03-15 01:15 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-22 18:25 - 2012-02-29 08:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-22 18:24 - 2014-02-09 17:24 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-04-22 18:15 - 2013-09-13 11:35 - 00000000 ____D () C:\Program Files\Paint.NET
2015-04-22 18:12 - 2013-10-15 12:11 - 00000000 ____D () C:\Program Files\VCG
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Program Files\Autodesk
2015-04-22 17:59 - 2014-05-20 21:33 - 00000000 ____D () C:\Users\Mysterial\Documents\CV
2015-04-19 19:24 - 2012-03-16 18:57 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-17 23:52 - 2014-02-12 16:35 - 00000000 ____D () C:\Users\Mysterial\Documents\Outlook Files
2015-04-17 20:59 - 2009-07-14 10:34 - 00000478 _____ () C:\Windows\win.ini
2015-04-13 15:27 - 2014-07-30 04:28 - 00003628 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001
2015-04-10 14:25 - 2015-03-25 14:52 - 00000000 ____D () C:\Users\Mysterial\Documents\Adobe
2015-04-10 14:25 - 2012-03-14 17:16 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2011-06-03 20:46 - 2011-06-03 20:46 - 0000000 _____ () C:\Users\Mysterial\AppData\Roaming\chrtmp
2010-01-22 15:02 - 2010-01-22 15:39 - 0000179 _____ () C:\Users\Mysterial\AppData\Roaming\Current.prx
2005-05-21 13:29 - 2011-06-03 22:05 - 0008200 ____H () C:\Users\Mysterial\AppData\Roaming\Kennethlog.dat
2011-03-22 21:49 - 2011-05-02 17:08 - 0046658 _____ () C:\Users\Mysterial\AppData\Roaming\room.dat
2011-05-31 01:52 - 2012-03-17 03:41 - 0051270 _____ () C:\Users\Mysterial\AppData\Roaming\room_v3.dat
2012-07-12 16:46 - 2015-05-09 04:54 - 0000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2008-05-04 21:53 - 2010-05-14 01:25 - 0023580 _____ () C:\Users\Mysterial\AppData\Roaming\UserTile.png
2012-10-24 19:38 - 2012-10-24 19:38 - 0000218 _____ () C:\Users\Mysterial\AppData\Local\.recently-used.xbel
2012-11-30 02:10 - 2013-04-21 23:20 - 0131066 _____ () C:\Users\Mysterial\AppData\Local\ars.cache
2012-11-30 02:10 - 2012-11-30 02:10 - 0878528 _____ () C:\Users\Mysterial\AppData\Local\census.cache
2013-04-12 00:00 - 2013-04-12 00:24 - 0001677 _____ () C:\Users\Mysterial\AppData\Local\Cracklock.settings
2011-03-01 23:38 - 2011-03-01 23:38 - 0000552 _____ () C:\Users\Mysterial\AppData\Local\d3d8caps.dat
2008-03-13 10:18 - 2012-02-21 06:05 - 0002032 _____ () C:\Users\Mysterial\AppData\Local\d3d9caps.dat
2013-09-10 18:01 - 2015-01-21 16:50 - 0005120 _____ () C:\Users\Mysterial\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-02 19:17 - 2013-04-21 23:08 - 0000036 _____ () C:\Users\Mysterial\AppData\Local\housecall.guid.cache
2013-04-04 04:28 - 2013-04-04 04:28 - 0000337 _____ () C:\Users\Mysterial\AppData\Local\Perfmon.PerfmonCfg
2014-02-07 02:19 - 2014-02-07 02:27 - 0000600 _____ () C:\Users\Mysterial\AppData\Local\PUTTY.RND
2015-02-11 13:30 - 2015-02-11 13:30 - 0002039 _____ () C:\Users\Mysterial\AppData\Local\recently-used.xbel
2013-01-21 01:14 - 2013-01-21 01:14 - 0007598 _____ () C:\Users\Mysterial\AppData\Local\Resmon.ResmonCfg
2012-02-29 08:17 - 2012-02-29 08:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-02-29 08:17 - 2012-02-29 08:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-02-29 08:16 - 2012-02-29 08:17 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Mysterial\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqct4gf.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-08 21:42

==================== End Of Log ============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Mysterial at 2015-05-09 06:23:40
Running from C:\Users\Mysterial\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2102144433-2307754193-2593861232-500 - Administrator - Disabled)
Guest (S-1-5-21-2102144433-2307754193-2593861232-501 - Limited - Enabled) => C:\Users\Guest.Mysterial-PC
Guest with network (S-1-5-21-2102144433-2307754193-2593861232-1010 - Limited - Enabled) => C:\Users\Guest with network
HomeGroupUser$ (S-1-5-21-2102144433-2307754193-2593861232-1009 - Limited - Enabled)
Mysterial (S-1-5-21-2102144433-2307754193-2593861232-1001 - Administrator - Enabled) => C:\Users\Mysterial

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Internet Security (Disabled - Out of date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Trend Micro Titanium Internet Security (Disabled - Out of date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7+ Taskbar Tweaker v4.5.10 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\7 Taskbar Tweaker) (Version: 4.5.10 - RaMMicHaeL)
7+ Taskbar Tweaker v4.5.10 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\7 Taskbar Tweaker) (Version: 4.5.10 - RaMMicHaeL)
Acronis Disk Director Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
Adobe Acrobat X Professional - Middle Eastern, North African, Greek (HKLM-x32\...\{AC76BA86-1025-0000-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
Assassin`s Creed Unity / RePack by Baracuda (HKLM\...\Assassin`s Creed Unity_is1) (Version: 1.3 - )
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.103 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitTorrent (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)

BitTorrent (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brother MFL-Pro Suite MFC-8860DN (HKLM-x32\...\{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Cisco WebEx Meetings (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Cisco WebEx Meetings (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cracklock 3.9.44 (HKLM-x32\...\Cracklock_is1) (Version: 3.9.44 - William Blum)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Daum ½ºÅ©¸°¼¼À̹ö °íÈ­Áú¹öÀü (HKLM-x32\...\Daum Screensaver High) (Version:  - Daum Communications Corp.)
Dink Smallwood HD (remove only) (HKLM-x32\...\Dink Smallwood HD) (Version:  - )
DiskAid 6.5.4.0 (HKLM\...\DiskAid_is1) (Version: 6.5.4.0 - DigiDNA)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
Dropbox (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ETDWare PS/2-X64 8.0.5.5_WHQL (HKLM\...\Elantech) (Version: 8.0.5.5 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
Gwyddion (HKLM-x32\...\Gwyddion) (Version: 2.30 - Gwyddion developers)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hola™ 1.7.5 - Better Internet (HKLM\...\Hola) (Version: 1.7.5 - Hola Networks Ltd.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version:  - NIH)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.10 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
JabRef 2.8.1 (HKLM-x32\...\JabRef 2.8.1) (Version: 2.8.1 - JabRef Team)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Juniper_Setup_Client) (Version: 7.4.3.36355 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Juniper_Setup_Client) (Version: 7.4.3.36355 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LyX 2.0.5 (HKLM-x32\...\LyX205) (Version: 2.0.5 - LyX Team)
Magicka (HKLM-x32\...\Magicka_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mathematica Extras 9.0 (3824406) (HKLM\...\A-WIN-Extras 9.0.0 3824406_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
Meld (HKLM-x32\...\Meld) (Version: 0.0.0.0 - Keegan Witt)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MeshLab_64b 1.3.0 (HKLM\...\MeshLab_64b) (Version: 1.3.0 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger
分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger
浏览器插件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM-x32\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiKTeX 2.9 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NUS (Unofficial) Timetable Builder (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\77d34e479c3193ee) (Version: 1.3.6.3 - NUS (Unofficial) Timetable Builder)
NUS (Unofficial) Timetable Builder (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\77d34e479c3193ee) (Version: 1.3.6.3 - NUS (Unofficial) Timetable Builder)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Photomatix Pro version 5.0.5a (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.5a - HDRsoft Ltd)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Plus Pack for Acronis True Image Home 2012 (HKLM-x32\...\{DDFAA49C-2B1D-4808-B43A-4AAFF0475B04}) (Version: 15.0.6154 - Acronis)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prezi Desktop (HKLM-x32\...\{C38FC27A-C586-44F6-A47D-6193FB3024AB}) (Version: 4.2.1 - Prezi.com)
Prototype™ (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision)
Prototype™ (x32 Version: 1.0 - Activision) Hidden
Python 3.4 Pillow-2.5.2 (64-bit) (HKLM\...\Pillow-py3.4) (Version:  - )
Python 3.4.1 (64-bit) (HKLM\...\{d54842cb-f761-30ba-881f-1ff821dc44df}) (Version: 3.4.1150 - Python Software Foundation)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
RescueTime 2.10.1.1250 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version:  - RescueTime.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0409-0000-0000000FF1CE}_Office14.OMUI.en-us_{840912CB-128E-4A73-9CD9-F807BC9B7684}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.1.1109 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Warcraft III) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\WinDirStat) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wolfram Mathematica 8 for Students (M-WIN-G 8.0.4 2615565) (HKLM\...\M-WIN-G 8.0.4 2615565_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Wolfram Mathematica 9 (M-WIN-L 9.0.0 3868239) (HKLM\...\M-WIN-L 9.0.0 3868239_is1) (Version: 9.0.0 - Wolfram Research, Inc.)

于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

09-05-2015 00:10:02 Windows Update
09-05-2015 01:18:08 Removed AVG 2015
09-05-2015 02:40:03 Installed AVG 2015
09-05-2015 02:48:50 Installed AVG 2015
09-05-2015 02:50:28 Installed AVG 2015
09-05-2015 02:51:59 Removed AVG 2015
09-05-2015 03:03:57 Installed AVG 2015
09-05-2015 03:05:50 Installed AVG 2015
09-05-2015 03:07:01 Removed AVG 2015
09-05-2015 03:50:28 Installed AVG 2015
09-05-2015 03:51:00 Installed AVG 2015
09-05-2015 03:52:34 Removed AVG 2015
09-05-2015 03:56:55 Installed AVG 2015
09-05-2015 03:57:16 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2015-05-08 17:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03C8C646-18FD-416B-A2E7-39645B64A3DB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {11CF55CF-E89A-416F-A95C-BCE861C487BD} - System32\Tasks\NAT Host => C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter\adobe patch.exe
Task: {16224B89-02BA-4F8D-A09E-1DB7D660C611} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {1FBDE22D-E7CC-4637-8F1F-86897CD865C3} - System32\Tasks\Update\Google Update => Chrome.exe
Task: {24AD4BF9-7164-4FFC-9F64-824E5DE631AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {25F1D6B4-1C5C-4D8D-AE8A-3223CEF3B94B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C5CEA3C-447A-4643-8CEE-87D16F47105A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {46807BCC-A9A6-4DD2-BD9F-952FF6ECEBD9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {66AD6E04-4EF6-424C-9EEB-E7ACCB555C80} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {6B552DD2-C459-4957-A6C2-E9E2E1D67FE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6CC34DEA-1273-43B9-A894-5E98D567B8A5} - System32\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001 => C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {745470AC-B787-4278-9238-6EB1782527CA} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7B1B67C8-8612-495E-A0D1-B0DEC04131A3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BA72EC51-ABF4-4DFE-B5E0-CF74B02CA0B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {C1A0D7A9-30B0-420D-9DBB-19863B0EB8AD} - System32\Tasks\{9F94ED28-4D50-4E0D-B79C-34A4A0EE3EA1} => C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter\adobe patch.exe
Task: {C62526E6-8B63-4EF4-B336-AB83CA1254B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {C6582978-BCC8-4658-8030-D515A0656491} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EFF61F5D-511A-4CDB-AE79-7A87E137335E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job => C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-02-29 08:01 - 2014-11-13 05:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2011-04-28 18:06 - 2010-09-17 16:32 - 00288864 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-27 00:01 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2010-05-25 19:53 - 2010-05-25 19:53 - 02139400 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-15 12:44 - 2010-07-15 12:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-08 20:10 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-03-21 18:19 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2009-03-02 10:08 - 2009-03-02 10:08 - 00003584 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper_x64.dll
2014-05-08 20:10 - 2012-01-29 16:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-02-29 08:00 - 2014-11-13 08:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-02-06 19:32 - 2012-02-06 19:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-21 01:57 - 2010-08-21 01:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-21 01:57 - 2010-08-21 01:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-05-09 03:31 - 2015-05-09 03:31 - 00043008 _____ () c:\Users\Mysterial\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqct4gf.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00750080 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00047616 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00865280 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00200704 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Daddy\Documents\RE_ B_E(Ch)Ec.eml:OECustomProperty
AlternateDataStreams: C:\Users\Mysterial\Documents\Exchange:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\hola.org -> hxxp://hola.org


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2102144433-2307754193-2593861232-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest with network\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest.Mysterial-PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{195329F7-49B7-47FA-BF4D-5FC738502C34}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{07A99DB6-FEB6-432B-8B6A-F700E24B99BC}] => (Allow) LPort=2869
FirewallRules: [{F1C3E909-19A2-4A13-9284-721D2B7BC942}] => (Allow) LPort=1900
FirewallRules: [{BF0F0FA6-8F7E-48A5-B40A-3F1AD3E9A295}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9311E0C9-43C4-48F1-BFA3-46CC37CA7E24}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{45F7146F-FCAD-4923-BEA3-F9F817BC0500}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8ED957C1-709D-43F7-A981-854408810C59}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1AB4FA6A-7A39-4571-B349-1712428BBCA7}] => (Allow) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{50DDB97B-DF95-4B7A-81E8-F56FBD76D733}] => (Allow) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8DB04BC5-09B2-40B6-9ED8-8A2E813A239E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{933598E0-BC25-4AE5-90E5-99BDB448242F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A91CC37-936C-4D4E-8DD0-DFC1803D4B01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B253E37-9DB7-413B-AA4F-D53F17BF5524}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9B78CBD-2904-46DE-9D6D-F3167228BB52}C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C642A1F9-831F-44DC-8F9C-B0745BB1CA3B}C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C9DE51DB-B2C2-4345-AC26-42F2AC7A138A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EEBB3722-D5B4-46E1-9301-9BEA4C21B7C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1AE451FC-EC3B-40A5-8C8D-4D8928F71EF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{37D15FA5-D122-4AC7-8C12-D5F381954680}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2C5DC505-4D14-48C8-814E-6FBA1DB78A0B}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [UDP Query User{5D832C03-E659-435F-B68E-7124151296A0}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [TCP Query User{94D0833A-1292-431B-BB6B-74709E43D86C}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{E39EA63E-72CC-4A57-8751-AEE58E378CBD}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{A084DE9F-FE3D-446C-BF29-1BEFC546763D}C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{645CC79E-C2A1-4F45-B77A-8C5B47BC2130}C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe
FirewallRules: [{8C01D5DA-69DF-4B2D-BBA8-B7DF002D3BC8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe
FirewallRules: [{49C13F7A-F2AA-4672-AA81-21EBB2C1DE48}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe
FirewallRules: [{2610FC94-8E60-4C46-A9A0-44FDB8A5BB3C}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe
FirewallRules: [{270BD644-FCA4-452A-81E6-EFC33D2B3456}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe
FirewallRules: [{4DA746FA-2989-47D3-AF3E-4A58235B0B4A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe
FirewallRules: [{E4E1DFFD-FA04-43B7-8124-9C5EBEC0EC73}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe
FirewallRules: [TCP Query User{127DB33D-2185-4C19-883F-7CED8962F2E1}C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{59A31009-5F08-4D4B-AAB6-5013AA2F89C7}C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{8E88C0DD-8CAF-47DC-AC57-57CB8AC45D42}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe
FirewallRules: [UDP Query User{682B9537-3DA2-4637-AB8B-98B48F516A68}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe
FirewallRules: [TCP Query User{8830E76F-9CA0-44F9-8233-0FC62C8B9431}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe] => (Block) C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{5559C4BA-4C49-4D7E-A456-9909831C67B8}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe] => (Block) C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{1E72D359-05A9-4160-B74F-9B3A84BBA95B}C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{EAE37B8D-8B06-4CC0-8F58-D6D4365A8851}C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{A9A39489-4D3F-4C34-AB0F-01998E352A6A}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{B4B580C8-963C-4EDB-804F-68933C68F11C}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{EC0AFF66-976B-4766-AB4B-AE420DDB1E4C}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8DE1240A-7FD6-4F2B-AF9F-ED7C2C772C09}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [{8636731D-D8D3-4D0B-9620-8048C853A592}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe
FirewallRules: [{37AFCA2E-6083-4127-BE3C-91504CCF7E41}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe
FirewallRules: [{CE720DA9-DE1E-413F-A507-29B4BBD7778D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe
FirewallRules: [{2F7DE23E-DEDB-495F-8CDF-66C6F4DBE906}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe
FirewallRules: [{B61D3FA5-1E1E-4C86-98D6-6CE4BA52B8BC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\math.exe
FirewallRules: [{D48E23C6-9161-45E3-917A-2D152D13A24A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\math.exe
FirewallRules: [{9493098D-9E6C-420A-AF1D-8CFBAC4D7B9C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCB2A16F-4720-48C2-B12E-7A94181C0696}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5E5149D5-0C4B-4C2C-8D62-324E3D61B06C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023B550B-8AC5-412E-B84F-7C7A34630425}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{DA00DB8A-4216-4F37-9F59-A732DA11ED2D}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{EEBCE00E-194B-4423-B0C5-5310C4D33B1E}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{7564E2EB-DC92-4DB4-BD3D-526ACD296939}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{8555DB9B-70BF-46BC-9A95-90409F9BFC84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{32B84388-2A44-4C40-ACEF-7806146E8585}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{7A1880DF-2D9A-4F58-899D-38AF8B81BE0E}C:\program files\imagej\imagej.exe] => (Allow) C:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{FEB47DFB-3FB2-4C7C-88D1-4E22E6CCB1BF}C:\program files\imagej\imagej.exe] => (Allow) C:\program files\imagej\imagej.exe
FirewallRules: [TCP Query User{70C6EBBF-E399-4274-8D86-22E538838480}C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [UDP Query User{B24769FD-F98A-4E44-BE32-BF96E8D772DB}C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [{69B91EF0-882B-4016-BF1C-B3C512EAB808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{875B4E1A-03D0-410B-B6DB-094868551D89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{12E8F8AD-B97B-4653-89E9-5E8DA82AC65D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DB83794E-9924-43A8-A614-CB593C4E25BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A62782B8-7F72-45DB-B6E1-1F58D01FE4A9}] => (Allow) C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{74133B99-D66C-4050-978A-1924D4719709}] => (Allow) C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B69A2F27-1AD4-4B7B-9BE9-6216732C852C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{563EA3FB-647E-4BD4-A894-71527A289B06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5D2A4A21-0278-4C44-A585-A6611C09E089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C3C889E1-39F1-46CD-AED6-A0D141550798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0F37293B-0211-4EB2-BB9C-34C6F3D5F8E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D469555-EB1C-4E90-90FC-F0824C92746C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{3E3C6ABA-EC3B-4450-9FD1-D0EED6105DF3}D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{B520F00B-FE31-4556-B272-3BDB5B958A6A}D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{CAEE738D-CD33-4C73-9A9F-E41B5B738D41}C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{D0CF9E97-C227-47F9-B62B-50F07165284E}C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{1097C1D3-0401-457E-9659-3543E5EEDDC5}C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe
FirewallRules: [UDP Query User{1C6E9329-E6B6-42AA-A005-BA1F38D25AF2}C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe
FirewallRules: [{4E2E2AB0-8A05-4BB1-8F35-959B6B38D94C}] => (Allow) C:\Program Files (x86)\Activision\Prototype\prototypef.exe
FirewallRules: [{E1EB63A5-BD23-4DD1-8E95-B09E892C1DD7}] => (Allow) C:\Program Files (x86)\Activision\Prototype\prototypef.exe
FirewallRules: [{F390446A-7337-4EB6-BC31-B668D3433979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{640E89F4-EAA8-4B7D-8CC8-3661AB834989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{87CA4CFB-2647-4A95-8ECB-F7E57066E2AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{78FF07DA-D55B-4CD9-9350-A164829299E0}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{5B868860-AACB-44B4-9159-C286C13809C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{D7D2F3EE-526B-444D-A522-CA38C48D7B8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [TCP Query User{F4B632E7-5A1F-4BD5-8F8C-27696ACE2551}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{2C7EAEC3-71B9-4F16-8D40-A346599C2901}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{2DA88BF7-D558-4185-9FD2-094579E7E752}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{6A3E9F04-5533-44A4-A291-D9295527BFDE}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{DD8EF7A6-5013-4997-8BC6-101386EAA031}C:\python34\python.exe] => (Allow) C:\python34\python.exe
FirewallRules: [UDP Query User{45A65A70-E5CA-4D28-8798-7AAC9AD860F1}C:\python34\python.exe] => (Allow) C:\python34\python.exe
FirewallRules: [{F31424FB-0004-4E64-8928-628751AE2369}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{02A6E149-9AE5-4BDF-8036-6BF4100B41AA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{AEAE16BA-C536-4B74-B376-E8E6E07365D4}C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [UDP Query User{29B425D6-7B3E-4818-9D66-C1720E000C5D}C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [TCP Query User{CCF5A863-2A7C-4B55-861D-ED904ED53D20}C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe
FirewallRules: [UDP Query User{E5BDA8F6-E08A-4C25-AB05-A8E65E6FCAF0}C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe
FirewallRules: [{D768DA46-55D9-4AA5-9BE8-8FAD2239FC99}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe
FirewallRules: [{87ADE892-C326-4E54-A4CE-A26F18A97E8F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe
FirewallRules: [{4C5780C0-4054-4BD9-946D-A9A0A252509A}] => (Allow) LPort=54925
FirewallRules: [{C5B94F90-2901-482E-A15E-55063458580D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{E5B4E74A-52D0-40D2-B36C-C433F86812DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{5BB637FF-F4DF-4244-8612-E136376D7D03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0DDBB95B-D4EB-4BA6-BFBB-51B144383B8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{56698A94-6AF9-4E75-B0CC-51AFAF6E7309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0A9ECD77-CF0F-4DC3-B708-58325E1EEEF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{300CAD3C-2982-426F-84C0-9ECB4F00FEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C9353CB1-E96A-4FA7-BDD8-E2DB0EC8BBA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AF28351E-0FC4-4F38-9B5D-03F3C4B271C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC98A30B-77CE-4BFA-BDAC-56DB20A9585D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{2F2FC348-6968-47D0-A53B-491C882B21C3}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{A964383C-D1B4-47A0-BAAC-AF0B7A242F39}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{5C2EC121-CC11-4F22-924B-32EA3DA79991}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9C29C240-17F0-49B9-80BF-05FD2B88606D}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{26BD793A-DA13-4D12-8815-B0CE426E1BAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDEBABE9-7171-4CB7-B511-971F1E1782A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BEF97D9-5E50-4792-8F23-27E98D2C9A1E}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{1F8E2558-7E69-4416-A95A-F09AE1F3DB86}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{C728EA62-8B9D-41F2-8EDA-557808F3C4A4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9020B7CE-64C0-4A1D-9D6B-A55225A7CE15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{EEECB435-99E7-425E-B720-B8D9EAEBC96B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{820C97D4-ED29-4BEB-8F26-A280905DDCD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AAC6F0BD-801F-44CB-A774-4A04B66129DC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3CD323F5-C4C0-4E34-B1F8-9C68E7E4A9E6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{8AC54CB7-1A20-4FB1-8FE3-C8A4EF58C9C2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{159F2713-EF53-4CF5-9FEE-3C18D965B2D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{87229E88-7DF5-4450-BD6B-9DFB04668FA6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{62517DA3-C3DD-483B-BC56-D282F1E8AF2F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9680B5C3-7C0D-4F53-857C-835AE8C141F1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{15B01675-BB4B-49C8-AFCF-4BB97A8F96BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/09/2015 03:59:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:52:29 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\log

Error: (05/09/2015 03:33:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:06:52 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\Antispam

Error: (05/09/2015 03:01:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 02:51:43 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\Antispam

Error: (05/09/2015 02:45:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 02:40:19 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\Program Files (x86)\AVG\AVG2015

Error: (05/09/2015 02:40:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG TDI Driver.

System Error:
The system cannot find the file specified.
.

Error: (05/09/2015 02:40:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG Anti-Rootkit Driver.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (05/09/2015 04:54:13 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (05/09/2015 03:31:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.2.0 service failed to start due to the following error:
%%2

Error: (05/09/2015 03:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%5

Error: (05/09/2015 03:00:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.2.0 service failed to start due to the following error:
%%2

Error: (05/09/2015 03:00:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%5

Error: (05/09/2015 02:43:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.2.0 service failed to start due to the following error:
%%2

Error: (05/09/2015 02:43:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%5

Error: (05/09/2015 01:21:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%5

Error: (05/08/2015 11:16:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/08/2015 05:55:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Acronis OS Selector activator service hung on starting.


Microsoft Office Sessions:
=========================
Error: (05/09/2015 03:59:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/09/2015 03:52:29 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\log(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/09/2015 03:33:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/09/2015 03:06:52 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\Antispam(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/09/2015 03:01:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/09/2015 02:51:43 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\ProgramData\AVG2015\Antispam(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/09/2015 02:45:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/09/2015 02:40:19 AM) (Source: MsiInstaller) (EventID: 11317) (User: Mysterial-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1317. SA_Error1317: StandardAction(0xC0070525): An error occurred while attempting to create the directory: C:\Program Files (x86)\AVG\AVG2015(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/09/2015 02:40:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG TDI Driver.

System Error:
The system cannot find the file specified.

Error: (05/09/2015 02:40:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG Anti-Rootkit Driver.

System Error:
The system cannot find the file specified.


CodeIntegrity Errors:
===================================
  Date: 2015-05-08 17:23:16.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-08 17:23:16.829
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 68%
Total physical RAM: 7968.06 MB
Available physical RAM: 2541.17 MB
Total Pagefile: 15934.31 MB
Available Pagefile: 10984.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:603.76 GB) (Free:101.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=603.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=69.9 GB) - (Type=05)

==================== End Of Log ============================



#8 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:08 PM

Posted 14 May 2015 - 07:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/575624 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#9 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 14 May 2015 - 02:20 PM

As per Helpbot's instructions, below is the FRST log. I do not have a Windows CD/DVD.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 01
Ran by Mysterial (administrator) on MYSTERIAL-PC on 15-05-2015 03:16:24
Running from C:\Users\Mysterial\Desktop
Loaded Profiles: Mysterial (Available profiles: Mysterial & Guest with network & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Dropbox, Inc.) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(RaMMicHaeL) C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-taskmgr_31bf3856ad364e35_6.1.7601.17514_none_7288349cbfd37b08\taskmgr.exe
(Hola Networks Ltd.) C:\Users\Mysterial\AppData\Local\Hola\firefox\app\hola_plugin.exe
(BitTorrent Inc.) C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984224 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [197152 2011-02-10] (Trend Micro Inc.)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [AvgRemover] => C:\AVG_Remover\utils\remover.exe [3681088 2015-05-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [382976 2015-04-08] (RaMMicHaeL)
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Run: [BitTorrent] => C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-10-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Guest with network\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2013-11-21]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6DB33BBE-AEDD-4B11-BFC9-18E99A5114FE}: [NameServer] 165.21.83.88,165.21.100.88

FireFox:
========
FF ProfilePath: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF Keyword.URL:
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.0.3824406\npmathplugin.dll [2012-11-19] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-24] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mysterial\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] ()
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mysterial\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mysterial\AppData\Roaming\mozilla\plugins\npatgpc.dll [2013-09-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\google-scholar.xml [2013-04-11]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\wiktionary-en.xml [2012-03-20]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\youtube-video-search.xml [2012-03-16]
FF Extension: British English Dictionary - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-03-20]
FF Extension: Hola Better Internet - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-05-12]
FF Extension: Zotero Word for Windows Integration - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zoteroWinWordIntegration@zotero.org [2015-03-09]
FF Extension: Tumblr Post - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb} [2014-03-17]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-02-26]
FF Extension: YouTube ALL HTML5 - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-03-03]
FF Extension: RescueTime for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\rescuetime_firefox@rescuetime.com.xpi [2014-12-03]
FF Extension: Tree Style Tab - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-08]
FF Extension: Zotero - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-09]
FF Extension: Adblock Plus - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-13]
FF Extension: Greasemonkey - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-04]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2013-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-03-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-10]
CHR Extension: (Google Search) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-10]
CHR Extension: (Hola Better Internet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-02-14]
CHR Extension: (Bookmark Manager) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-28]
CHR Extension: (Don't Starve) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-04-12]
CHR Extension: (Universe) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcicgpahfpikagbhofhehldknadneld [2014-11-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2013-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Bastion) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2014-04-18]
CHR Extension: (Gmail) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-10-29] (Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-15] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-15] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2010-05-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-29] (Atheros) [File not signed]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-01] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-27] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
R0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-03-16] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 03:16 - 2015-05-15 03:17 - 00036624 _____ () C:\Users\Mysterial\Desktop\FRST.txt.txt
2015-05-15 03:14 - 2015-05-15 03:14 - 00000000 ____D () C:\Users\Mysterial\Desktop\FRST-OlderVersion
2015-05-15 02:45 - 2015-05-15 02:45 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{12114C30-BA59-4978-ACE3-C1DB89CD9859}
2015-05-12 22:10 - 2015-05-12 22:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{85C22D08-7C94-4461-8503-346E6D744A23}
2015-05-11 21:28 - 2015-05-11 21:28 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{469A639D-97FA-47B3-90CA-1C75EBD049BB}
2015-05-11 04:40 - 2015-05-11 04:40 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{3832D3DD-C696-42DA-A56B-4055CDCB351D}
2015-05-10 20:53 - 2015-05-10 21:08 - 00000000 ____D () C:\Users\Mysterial\Downloads\Interstellar (2014) IMAX Bluray 720p 5.1 BRRiP x264 AAC [Team Nanban]
2015-05-10 16:39 - 2015-05-10 16:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7E646F85-F6DD-4A7D-98D5-6B19C3A432DC}
2015-05-09 19:30 - 2015-05-09 19:31 - 00000000 ____D () C:\Users\Mysterial\Documents\Traffic and Motor
2015-05-09 18:07 - 2015-05-09 18:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7+ Taskbar Tweaker
2015-05-09 18:07 - 2015-05-09 18:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker
2015-05-09 17:19 - 2015-05-09 17:19 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9EA00CAC-3436-482B-983C-D6BE944AE9CC}
2015-05-09 05:24 - 2015-05-09 05:24 - 00000000 ____D () C:\OETemp
2015-05-09 05:18 - 2015-05-09 05:18 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BD6643BF-D020-404A-A522-454BF5831393}
2015-05-09 04:54 - 2015-05-09 04:54 - 00000000 ___RD () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-09 04:00 - 2015-05-09 04:00 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\AVG2015
2015-05-09 03:59 - 2015-05-09 03:59 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-09 03:59 - 2015-05-09 03:59 - 00000967 _____ () C:\ProgramData\Desktop\AVG 2015.lnk
2015-05-09 03:59 - 2015-05-09 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-09 03:58 - 2015-05-09 03:59 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-09 03:58 - 2015-05-09 03:58 - 00000000 ___HD () C:\$AVG
2015-05-09 03:57 - 2015-05-09 03:57 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-09 03:48 - 2015-05-15 02:50 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-09 03:48 - 2015-05-09 05:06 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Avg2015
2015-05-09 03:48 - 2015-05-09 03:48 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\MFAData
2015-05-09 02:59 - 2015-05-09 03:30 - 00000181 _____ () C:\cleanup.bat
2015-05-09 02:55 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_BFEfix
2015-05-09 02:36 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_Remover
2015-05-09 02:35 - 2015-05-15 03:16 - 00000000 ____D () C:\FRST
2015-05-09 02:34 - 2015-05-15 03:14 - 02105856 _____ (Farbar) C:\Users\Mysterial\Desktop\FRST64.exe
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-09 00:08 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-09 00:08 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 18:15 - 2015-05-09 06:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-08 18:15 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-08 16:57 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-08 16:57 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-08 16:57 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-08 16:51 - 2015-05-08 17:44 - 00000000 ____D () C:\Qoobox
2015-05-08 16:50 - 2015-05-08 17:42 - 00000000 ____D () C:\Windows\erdnt
2015-05-08 13:11 - 2015-05-08 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-08 12:22 - 2015-05-08 12:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-08 11:09 - 2015-05-09 00:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-08 10:41 - 2015-05-08 10:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Hola
2015-05-08 10:07 - 2015-05-08 10:16 - 00000000 ____D () C:\AdwCleaner
2015-05-08 10:02 - 2015-05-08 18:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-08 01:37 - 2015-05-08 12:30 - 00000000 __SHD () C:\ProgramData\760617
2015-05-08 01:37 - 2015-05-08 01:37 - 00000000 __SHD () C:\ProgramData\760717
2015-05-08 01:28 - 2015-05-08 01:28 - 00003058 _____ () C:\Windows\System32\Tasks\{9F94ED28-4D50-4E0D-B79C-34A4A0EE3EA1}
2015-05-08 00:44 - 2015-05-08 18:35 - 00000000 ____D () C:\Windows\System32\Tasks\Update
2015-05-08 00:44 - 2015-05-08 01:32 - 00002798 _____ () C:\Windows\System32\Tasks\NAT Host
2015-05-08 00:44 - 2015-05-08 01:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\88B060F8-59D3-4207-85D0-DB8F6B462296
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.0
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\Program Files\PhotomatixPro5
2015-05-08 00:41 - 2015-05-08 00:41 - 00001783 _____ () C:\Users\Mysterial\Desktop\Photomatix Pro 5.0.5a (64-bit).lnk
2015-05-08 00:41 - 2015-05-08 00:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\HDRsoft
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\Users\Mysterial\Desktop\Adobe Lightroom.lnk
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001536 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\ProgramData\Desktop\Adobe Application Manager.lnk
2015-05-07 23:36 - 2015-05-09 19:17 - 00000000 ____D () C:\Users\Mysterial\Desktop\Photoshop Lightroom 6.0
2015-05-07 23:01 - 2015-05-07 23:02 - 24164609 ____R () C:\Users\Mysterial\Downloads\HDRsoft Photomatix Pro 5.0.5a.zip
2015-05-07 22:36 - 2015-05-09 14:28 - 00000000 ____D () C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter
2015-05-07 20:54 - 2015-05-07 20:55 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{44888ACE-1159-4507-AECE-D6D4CBECFEBD}
2015-05-07 07:39 - 2015-05-07 07:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{2335CEDC-2DEC-41FE-A632-532B0189FBAA}
2015-05-06 19:38 - 2015-05-06 19:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{B3D24FFA-6315-4886-B6BA-7E8677F9F52B}
2015-05-05 21:42 - 2015-05-05 21:42 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FA3C45FF-5220-49B4-AE4B-A1F98BA41E77}
2015-05-05 06:09 - 2015-05-05 06:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\openvr
2015-05-05 05:16 - 2015-05-05 05:16 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5C39F2DC-E010-4850-97F9-E3A08ACB09BC}
2015-05-04 19:52 - 2015-05-04 19:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{C676C862-C337-4417-BCD0-CB33AF1DFBFF}
2015-05-04 03:46 - 2015-05-04 03:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{446D8B17-2506-4348-B80B-327431E8D635}
2015-05-03 22:12 - 2015-05-03 22:42 - 00000000 ____D () C:\Users\Mysterial\Desktop\Lightroom Presets
2015-05-03 15:46 - 2015-05-03 15:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{99B39B6B-685F-446D-A051-956D183145D4}
2015-05-01 14:14 - 2015-05-01 14:14 - 00000495 _____ () C:\Users\Mysterial\Desktop\dry cabinet price list.txt
2015-05-01 02:13 - 2015-05-01 02:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{46444AB9-06F7-4DF4-83AD-409555BA9AC0}
2015-05-01 00:25 - 2015-05-01 00:25 - 00000000 ____D () C:\Users\Mysterial\Desktop\UROPS
2015-04-30 14:11 - 2015-04-30 14:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9AC40CA8-FD4A-42B9-A81E-EA1A71F89096}
2015-04-29 15:14 - 2015-04-29 15:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{E9B4FD72-6F38-4E36-AC11-17FD87A44315}
2015-04-29 03:13 - 2015-04-29 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9E68C10D-9BFF-45C0-AD6F-1C7E6928A101}
2015-04-28 15:13 - 2015-04-28 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FD8AC1E8-64CE-49E3-9637-4E1A42DEE0FC}
2015-04-28 03:13 - 2015-04-28 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5B9148E6-8C20-40A6-BA28-2A2A220104C5}
2015-04-27 15:13 - 2015-04-27 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7FDD8ED1-E600-48E3-9E97-E03A88CEFFA1}
2015-04-27 03:12 - 2015-04-27 03:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0B15336B-65C8-4B7F-8305-043E08C44C52}
2015-04-26 15:11 - 2015-04-26 15:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{ABDA1A17-85F7-44F8-BC83-FDB7EB42DFD0}
2015-04-26 03:11 - 2015-04-26 03:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{45CE4C16-20A7-4A71-A4FA-D8E8179146B0}
2015-04-25 15:10 - 2015-04-25 15:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7BA0FE6C-4AF3-4534-8691-1CE5FFF12B09}
2015-04-25 03:09 - 2015-04-25 03:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D605FB71-3DB6-472F-B624-A47A0150098B}
2015-04-24 15:08 - 2015-04-24 15:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{4D0B974E-9270-4471-9F58-9BCC231D1DC5}
2015-04-24 03:08 - 2015-04-24 03:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{3187787B-F129-46EC-BE0D-668BD6B1FA87}
2015-04-23 06:53 - 2015-04-23 06:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{73504FEC-7EEA-46B4-B263-605A11E6FEF6}
2015-04-22 18:52 - 2015-04-22 18:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FE26B66E-CB85-4E5D-9565-BE527A99DD12}
2015-04-22 18:01 - 2015-04-22 18:02 - 00000000 ____D () C:\Users\Mysterial\Desktop\Grand Canyon
2015-04-22 17:58 - 2015-05-09 19:31 - 00000000 ____D () C:\Users\Mysterial\Documents\Work and Internship
2015-04-22 06:52 - 2015-04-22 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{62E46592-9563-4269-B154-15AFCC5955C0}
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BFDF3ABF-7F39-4674-A347-B360456B352C}
2015-04-21 09:21 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-21 09:21 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-21 09:21 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-21 09:21 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-21 09:21 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-21 09:21 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-21 09:21 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-21 09:21 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-21 09:21 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-21 09:21 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-21 09:21 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-21 09:21 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-21 09:21 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-21 09:21 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-21 09:21 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-21 09:21 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-21 09:21 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-21 08:10 - 2015-04-21 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 06:52 - 2015-04-21 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5D1193EC-726C-4675-BD6B-8D7BC50ED7EB}
2015-04-20 19:31 - 2015-05-07 09:04 - 02540864 _____ (HDRsoft Ltd ) C:\Users\Mysterial\Desktop\MergeTo32bitHDR12x64.exe
2015-04-20 18:51 - 2015-04-20 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{753DB93C-7AB1-4F34-9535-E36A67DC336B}
2015-04-20 18:13 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-20 18:13 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-20 18:13 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-20 18:13 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-20 18:13 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-20 18:13 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-20 18:13 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-20 18:13 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-20 06:51 - 2015-04-20 06:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D25B4D2F-3F6B-414C-8768-34ABEA72DCBD}
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\ProgramData\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\Program Files\iTunes
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files\iPod
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-19 19:13 - 2015-04-19 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-04-19 19:12 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-19 19:12 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-19 19:12 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-19 18:51 - 2015-04-19 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D8D7A8BB-067B-4422-8FDD-39DB91355900}
2015-04-17 23:57 - 2015-04-17 23:57 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Macroplant_LLC
2015-04-17 23:55 - 2015-04-18 00:11 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2015-04-17 20:51 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 20:51 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 20:51 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 20:51 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 20:51 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 20:51 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 20:51 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-17 20:51 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 20:22 - 2015-04-17 20:23 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0D1D35C1-60BC-4216-807B-317DC62ADFBD}
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 03:15 - 2010-05-13 00:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\BitTorrent
2015-05-15 03:13 - 2012-03-27 14:58 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-15 03:07 - 2012-02-29 07:57 - 02009721 _____ () C:\Windows\WindowsUpdate.log
2015-05-15 02:54 - 2012-03-27 14:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 02:51 - 2012-03-16 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-15 02:50 - 2013-02-17 08:50 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{288C5043-7135-4EEF-AF3A-CFDC6194ADC0}
2015-05-15 02:49 - 2013-03-17 17:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 02:48 - 2014-12-10 02:25 - 00000000 ____D () C:\Users\Mysterial\Documents\Assassin's Creed Unity
2015-05-15 02:48 - 2012-07-12 16:46 - 00000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2015-05-15 02:45 - 2014-07-30 04:28 - 00000586 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job
2015-05-12 22:16 - 2009-07-14 12:51 - 00172751 _____ () C:\Windows\setupact.log
2015-05-11 02:51 - 2011-10-18 12:19 - 00129060 _____ () C:\Windows\DirectX.log
2015-05-11 02:45 - 2007-10-15 23:05 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\vlc
2015-05-10 20:48 - 2015-02-19 15:58 - 00000000 ____D () C:\Users\Mysterial\Downloads\Hola
2015-05-10 16:54 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-10 16:54 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 19:33 - 2014-12-29 13:45 - 00000000 ____D () C:\Users\Mysterial\Documents\Exchange
2015-05-09 13:22 - 2012-09-28 01:29 - 00000000 ____D () C:\Users\Mysterial\Documents\mini-KMS_Activator_v1.051
2015-05-09 13:21 - 2013-03-12 22:37 - 00000000 ____D () C:\Users\Mysterial\Downloads\Mathematica 9 Linux
2015-05-09 09:28 - 2013-12-06 16:02 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag
2015-05-09 08:48 - 2012-03-15 01:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Dropbox
2015-05-09 08:48 - 2012-03-14 17:13 - 00000000 ___RD () C:\Users\Mysterial\Dropbox
2015-05-09 08:47 - 2012-03-15 01:16 - 00001037 _____ () C:\Users\Mysterial\Desktop\Dropbox.lnk
2015-05-09 08:47 - 2012-03-15 01:15 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 04:58 - 2009-07-14 13:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 04:54 - 2012-03-14 02:19 - 00000000 ____D () C:\Users\Mysterial\Documents\Bluetooth Folder
2015-05-09 03:31 - 2012-02-29 08:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-09 03:31 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 03:30 - 2011-10-18 11:58 - 00845738 _____ () C:\Windows\PFRO.log
2015-05-09 01:24 - 2012-03-16 21:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\CrashDumps
2015-05-08 21:54 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-05-08 18:36 - 2014-12-03 07:29 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\RescueTime.com
2015-05-08 18:36 - 2014-09-01 00:41 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-08 18:36 - 2014-05-08 20:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\TeraCopy
2015-05-08 18:36 - 2013-04-25 13:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-08 18:36 - 2012-09-17 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-08 18:36 - 2012-07-12 15:25 - 00000000 ____D () C:\ProgramData\P4G
2015-05-08 18:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-08 18:35 - 2015-04-10 06:39 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-08 18:35 - 2014-12-12 15:25 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-08 18:35 - 2014-10-22 03:54 - 00000000 ____D () C:\ProgramData\AVG2015 (corrupted permissions)
2015-05-08 18:35 - 2014-05-23 16:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-08 18:35 - 2014-04-19 08:58 - 00000000 ____D () C:\ProgramData\Avg_Update_0414b
2015-05-08 18:35 - 2012-03-14 02:17 - 00000000 ____D () C:\Users\Mysterial
2015-05-08 18:35 - 2011-10-18 12:30 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-08 18:35 - 2009-07-14 15:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-08 18:35 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-08 18:10 - 2012-08-13 20:06 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Deployment
2015-05-08 17:45 - 2007-05-11 18:02 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Apps\2.0
2015-05-08 17:40 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-08 16:39 - 2013-11-21 12:47 - 00000000 ____D () C:\Users\Guest with network
2015-05-08 10:19 - 2012-02-29 08:13 - 00002720 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-05-08 01:44 - 2008-02-17 20:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Skype
2015-05-08 00:52 - 2007-04-30 22:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Adobe
2015-05-08 00:08 - 2012-03-27 03:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-08 00:07 - 2015-03-01 12:54 - 00000000 ____D () C:\Program Files\Adobe
2015-05-08 00:00 - 2014-12-09 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 03:48 - 2013-03-23 21:08 - 00000000 ____D () C:\ProgramData\Skype
2015-05-03 03:42 - 2012-02-29 08:13 - 00001597 _____ () C:\Windows\system32\ServiceFilter.ini
2015-05-03 03:41 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-01 16:08 - 2012-03-27 15:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-01 16:06 - 2011-10-18 12:17 - 00782364 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-01 16:01 - 2013-09-21 20:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-01 15:41 - 2012-12-23 13:57 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-30 14:31 - 2012-03-27 15:04 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 14:31 - 2012-03-27 15:04 - 00002185 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2015-04-22 18:25 - 2012-02-29 08:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-22 18:24 - 2014-02-09 17:24 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-04-22 18:15 - 2013-09-13 11:35 - 00000000 ____D () C:\Program Files\Paint.NET
2015-04-22 18:12 - 2013-10-15 12:11 - 00000000 ____D () C:\Program Files\VCG
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Program Files\Autodesk
2015-04-22 17:59 - 2014-05-20 21:33 - 00000000 ____D () C:\Users\Mysterial\Documents\CV
2015-04-19 19:24 - 2012-03-16 18:57 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-17 23:52 - 2014-02-12 16:35 - 00000000 ____D () C:\Users\Mysterial\Documents\Outlook Files
2015-04-17 20:59 - 2009-07-14 10:34 - 00000478 _____ () C:\Windows\win.ini

==================== Files in the root of some directories =======

2011-06-03 20:46 - 2011-06-03 20:46 - 0000000 _____ () C:\Users\Mysterial\AppData\Roaming\chrtmp
2010-01-22 15:02 - 2010-01-22 15:39 - 0000179 _____ () C:\Users\Mysterial\AppData\Roaming\Current.prx
2005-05-21 13:29 - 2011-06-03 22:05 - 0008200 ____H () C:\Users\Mysterial\AppData\Roaming\Kennethlog.dat
2011-03-22 21:49 - 2011-05-02 17:08 - 0046658 _____ () C:\Users\Mysterial\AppData\Roaming\room.dat
2011-05-31 01:52 - 2012-03-17 03:41 - 0051270 _____ () C:\Users\Mysterial\AppData\Roaming\room_v3.dat
2012-07-12 16:46 - 2015-05-15 02:48 - 0000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2008-05-04 21:53 - 2010-05-14 01:25 - 0023580 _____ () C:\Users\Mysterial\AppData\Roaming\UserTile.png
2012-10-24 19:38 - 2012-10-24 19:38 - 0000218 _____ () C:\Users\Mysterial\AppData\Local\.recently-used.xbel
2012-11-30 02:10 - 2013-04-21 23:20 - 0131066 _____ () C:\Users\Mysterial\AppData\Local\ars.cache
2012-11-30 02:10 - 2012-11-30 02:10 - 0878528 _____ () C:\Users\Mysterial\AppData\Local\census.cache
2013-04-12 00:00 - 2013-04-12 00:24 - 0001677 _____ () C:\Users\Mysterial\AppData\Local\Cracklock.settings
2011-03-01 23:38 - 2011-03-01 23:38 - 0000552 _____ () C:\Users\Mysterial\AppData\Local\d3d8caps.dat
2008-03-13 10:18 - 2012-02-21 06:05 - 0002032 _____ () C:\Users\Mysterial\AppData\Local\d3d9caps.dat
2013-09-10 18:01 - 2015-01-21 16:50 - 0005120 _____ () C:\Users\Mysterial\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-02 19:17 - 2013-04-21 23:08 - 0000036 _____ () C:\Users\Mysterial\AppData\Local\housecall.guid.cache
2013-04-04 04:28 - 2013-04-04 04:28 - 0000337 _____ () C:\Users\Mysterial\AppData\Local\Perfmon.PerfmonCfg
2014-02-07 02:19 - 2014-02-07 02:27 - 0000600 _____ () C:\Users\Mysterial\AppData\Local\PUTTY.RND
2015-02-11 13:30 - 2015-02-11 13:30 - 0002039 _____ () C:\Users\Mysterial\AppData\Local\recently-used.xbel
2013-01-21 01:14 - 2013-01-21 01:14 - 0007598 _____ () C:\Users\Mysterial\AppData\Local\Resmon.ResmonCfg
2012-02-29 08:17 - 2012-02-29 08:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-02-29 08:17 - 2012-02-29 08:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-02-29 08:16 - 2012-02-29 08:17 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Mysterial\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpftbono.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-08 21:42

==================== End Of Log ============================



#10 Black_Bird

Black_Bird

  • Malware Response Team
  • 228 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:08 AM

Posted 15 May 2015 - 06:31 PM

Hi!

Welcome to the Bleeping Computer Support Forums! I am Black_Bird and I will help you removing any malware that might be present on your computer.

An important WARNING to all individuals reading this topic:
All advice in this topic was given specifically for this user and this computer!! Performing instructions given by me in this topic on other computers may harm your computer's infrastructure and can cause serious damage to them!!
Please don't perform the steps given by me or other Helpers in this topic when you are not the original Topic Starter, but start your own topic with a question for help. You will get help from a trained and qualified Helper to clean up your computer from any present malware when you do so.


General rules:
  • From now on, don't use this computer anymore to access your bank account or any other serious business where you have to login for, untill I've told you your computer is clean from malware.
  • Be patient waiting for my answer. I'm doing the best I can to answer to logs as soon as possible, but I'm handling multiple topics at the same time. Please feel free to remind me of your topic by sending a link to it by private message, when I didn't get back to you after 24 hours.
  • Don't change anything on your computer in the period I'm helping you, except when I tell you to do so. So don't add/remove any software (programs, drivers, etc.) and don't change any hardware. If you really need to change something that can't wait, please inform me directly, by posting it in this topic or - if private - send me a private message containing an explanation of the changes made by you. This gives me the possibility to give you good advice.


Rules about advices from me:
  • The Helpers active on this board first got a full training in removing malware and providing support to people who got infected. Also they were trained to resolve any problems caused by malware infections. Please use the programs I provide to you only when under supervision of a trained Helper. This, because using these programs without supervision can cause damage to your computer.
  • It's possible that your virus scanner, anti-spyware program or any other malware protection program or policy tries to block one or more of the programs provided by us. If that is the case, please always allow those programs to run and/or allow the provided changes to be made. If needed to run our tools properly, temporarily disable your anti-malware programs.
  • Always Save tools provided by me to your Desktop, unless I give you other instructions. Don't ever run tools directly from the internet, because this can stop them from working properly. Also never save tools to any other locations than your Desktop.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of the issue.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit.


Rules about posting results:
  • Always copy/paste the logfiles in your replies completely. If a logfile doesn't fit into one post, please add the logfile as an attachment instead. If this still won't work, please inform me.
  • Never change something in the logfiles!! Include them in your posts as they were provided by the tools. This way I'll get a clear view on your system's situation. If you change the logfiles, it will take more time to clean up your computer.
  • Don't post logs using CODE, QUOTE or FONT tags. Just post them as direct text.


Things I want you to do before performing the steps below:
  • Please enable your system to show hidden files: How to see hidden files in Windows.
  • Make sure you're subscribed to this topic. Click on the Follow This Topic button at the top right of this page, make sure that the Receive Notification box is checked and that it is set to Instantly.
  • Even though we do the best we can to help you, removing malware includes risks. Therefor I advise you to back-up all of your important files to a CD/DVD, external drive or flash drive. For instructions/help, take a look here.


-------------------------------------------------------------------------------------------------------------------------------------------------------
Thanks in advance for keeping above rules in mind. :)
Maybe they look like unnecessary rules, but practice teaches us they are needed to help.

Now, let's continue with the steps you need to do:
-------------------------------------------------------------------------------------------------------------------------------------------------------
 

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now.

 

 

1. Download RKill and save it to your Desktop.

  • Right-click RKill.exe and select Run as Administrator....
  • If a Windows Security prompt shows up, please allow the program to start.
  • The program will start immediately with it's tasks. When the program has finished, a logfile will appear.
    Please copy the contents of this logfile in your next reply.

 

2. We need to uninstall some programs from your computer.

  • Please go to Start > Control Panel.
  • In the window that opens ("Control Panel"), click Uninstall a program. A list containing all installed programs will open.
  • Please delete the following programs because they are malware related:
    • Hola™ 1.7.5 - Better Internet
  • Also I advise you to delete the following programs/toolbars as they are marked as "Potentially Unwanted Programs" (PUPs). These programs often contain bundled spyware/adware or they're known for logging your activities.
    • Bing Bar
  • When done, please close all windows and reboot your PC.

 

3. Please download to your Desktop.

  • Please make sure to put fixlist.txt in the same location as where FRST.exe/FRST64.exe is located!


4. Start Farbar Recovery Scan Tool by right-clicking it and selecting Run as Administrator.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called fixlog.txt. Please include this logfile in your next reply.


5. Please remove fixlist.txt from your PC.

6. Please reboot your PC.

7. Start Farbar Recovery Scan Tool
  • If asked, click Yes at the Disclaimer window.
  • Click Scan once the program has opened.
  • It will create a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.


8. Please give me an update on your PC problems. Also please include the results from the following tools in your next reply:
  • RKill
  • Farbar Recovery Scan Tool - using fixlist.txt
  • Farbar Recovery Scan Tool - regular scan

 

9. Can you tell me if you live inside Singapore or if you're known with DNS-addresses that you're using which servers are from Singapore?

 

Good luck. :)


Kind regards,
Black_Bird
 

What to do when your computer is infected? Read here!

The Bleeping Computer Board Rules - The Moderating Team


If I am directly helping you on a topic and I've not replied within 24 hours please send me a Private Message with a link to your topic.


#11 Mysterial

Mysterial
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:08 AM

Posted 17 May 2015 - 02:50 AM

Hi Black_Bird!

Thank you so much for taking up my case and helping me in resolving the malware issues.

I have followed your instructions as per your post and these is what I observed that you may find helpful:

When I tried uninstalling Hola from the add/remove program in control panel, it says that it has already been uninstalled and that it would be removed from the list.

  • Bing Bar uninstalled as any other programs would
  • Rkill killed taskbar tweaker - A program I downloaded to mod the windows toolbar
  • FRST + fixlist ran pretty fast with no restart required
  • Hola is a VPN program I use, Rescuetime is a productivity tracker that logs my time spent in each application.

I'd like to bring your attention to problem 3 in the first post of this thread. A 'Microsoft Visual C++ 2010 x86 Redistributable - 10.0.4.40219' and 'Microsoft Visual C++ 2010 x64 Redistributable - 10.0.4.40219' were installed on the date of infection and is visible in the add/remove program. There is another one installed in december with the publisher as a Russian name.

Another reason for my suspicion is that a restore point with the same name was also created on the date of infection as mentioned in an earlier post, but I am not sure if this was reflected in the logs I posted above.

There is also a Windows Live Mesh ActiveX in Chinese which I don't recall installing.

I have posted the images as attachments as I don't know how to get a plaintext list of add/remove programs.
 

And yes, I live in Singapore. :)

 

____________________________________________________________________________________

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/17/2015 02:33:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe (PID: 8772) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 05/17/2015 02:36:21 PM
Execution time: 0 hours(s), 2 minute(s), and 22 seconds(s)
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by Mysterial at 2015-05-17 15:04:32 Run:1
Running from C:\Users\Mysterial\Desktop
Loaded Profiles: Mysterial (Available profiles: Mysterial & Guest with network & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] ()
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] ()
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Extension: Hola Better Internet - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-04-24]
FF Extension: RescueTime for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\rescuetime_firefox@rescuetime.com.xpi [2014-12-03]
CHR Extension: (Hola Better Internet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-02-14]
C:\ProgramData\760617
C:\ProgramData\760717
IE trusted site: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\hola.org -> hxxp://hola.org
FirewallRules: [TCP Query User{8E88C0DD-8CAF-47DC-AC57-57CB8AC45D42}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe
FirewallRules: [UDP Query User{682B9537-3DA2-4637-AB8B-98B48F516A68}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe
FirewallRules: [TCP Query User{2F2FC348-6968-47D0-A53B-491C882B21C3}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{A964383C-D1B4-47A0-BAAC-AF0B7A242F39}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{5C2EC121-CC11-4F22-924B-32EA3DA79991}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9C29C240-17F0-49B9-80BF-05FD2B88606D}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{0BEF97D9-5E50-4792-8F23-27E98D2C9A1E}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{1F8E2558-7E69-4416-A95A-F09AE1F3DB86}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
C:\users\mysterial\appdata\local\temp\e007.tmp


*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-2102144433-2307754193-2593861232-501-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
"HKCR\PROTOCOLS\Handler\livecall" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found.
"HKCR\PROTOCOLS\Handler\msnim" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found.
"HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\MozillaPlugins\@hola.org/vlc,version=1.7.712" => Key deleted successfully.
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] () not found.
"HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => Key deleted successfully.
C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll not found.
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\MozillaPlugins\@hola.org/vlc,version=1.7.712 => Key not found.
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.7.712 -> C:\Users\Mysterial\AppData\Local\Hola\firefox\app\vlc [2015-05-08] () not found.
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => Key not found.
C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll not found.
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack => Moved successfully.
C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\rescuetime_firefox@rescuetime.com.xpi => Moved successfully.
C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => Moved successfully.
C:\ProgramData\760617 => Moved successfully.
C:\ProgramData\760717 => Moved successfully.
"HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => Key deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8E88C0DD-8CAF-47DC-AC57-57CB8AC45D42}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{682B9537-3DA2-4637-AB8B-98B48F516A68}C:\users\mysterial\appdata\local\temp\e007.tmp\kmservice.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F2FC348-6968-47D0-A53B-491C882B21C3}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A964383C-D1B4-47A0-BAAC-AF0B7A242F39}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5C2EC121-CC11-4F22-924B-32EA3DA79991}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C29C240-17F0-49B9-80BF-05FD2B88606D}C:\users\mysterial\appdata\local\hola\firefox\app\hola_plugin.exe => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BEF97D9-5E50-4792-8F23-27E98D2C9A1E} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F8E2558-7E69-4416-A95A-F09AE1F3DB86} => value deleted successfully.
"C:\users\mysterial\appdata\local\temp\e007.tmp" => File/Directory not found.

==== End of Fixlog 15:04:38 ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Mysterial (administrator) on MYSTERIAL-PC on 17-05-2015 15:17:52
Running from C:\Users\Mysterial\Desktop
Loaded Profiles: Mysterial (Available profiles: Mysterial & Guest with network & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [984224 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-10-29] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [197152 2011-02-10] (Trend Micro Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [AvgRemover] => C:\AVG_Remover\utils\remover.exe [3681088 2015-05-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [382976 2015-04-08] (RaMMicHaeL)
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Run: [BitTorrent] => C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-10-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Guest with network\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2013-11-21]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-12-10] (Adobe Systems Incorporated)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-21] (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll [2010-07-21] (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6DB33BBE-AEDD-4B11-BFC9-18E99A5114FE}: [NameServer] 165.21.83.88,165.21.100.88

FireFox:
========
FF ProfilePath: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF Keyword.URL:
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.0.3824406\npmathplugin.dll [2012-11-19] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll [2012-10-18] (Sony Network Entertainment International LLC)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-24] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mysterial\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2102144433-2307754193-2593861232-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mysterial\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mysterial\AppData\Roaming\mozilla\plugins\npatgpc.dll [2013-09-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\google-scholar.xml [2013-04-11]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\wiktionary-en.xml [2012-03-20]
FF SearchPlugin: C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\searchplugins\youtube-video-search.xml [2012-03-16]
FF Extension: British English Dictionary - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-03-20]
FF Extension: Zotero Word for Windows Integration - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zoteroWinWordIntegration@zotero.org [2015-03-09]
FF Extension: Tumblr Post - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb} [2014-03-17]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-02-26]
FF Extension: YouTube ALL HTML5 - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-03-03]
FF Extension: Tree Style Tab - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-08]
FF Extension: Zotero - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-09]
FF Extension: Adblock Plus - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-13]
FF Extension: Greasemonkey - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-04]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Mysterial\AppData\Roaming\Mozilla\Firefox\Profiles\0ladad7a.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2013-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-03-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-10]
CHR Extension: (Google Search) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-10]
CHR Extension: (Bookmark Manager) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-28]
CHR Extension: (Don't Starve) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-04-12]
CHR Extension: (Universe) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcicgpahfpikagbhofhehldknadneld [2014-11-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2013-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Bastion) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2014-04-18]
CHR Extension: (Gmail) - C:\Users\Mysterial\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-10-29] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-15] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-15] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2010-05-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-29] (Atheros) [File not signed]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-01] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-27] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
R0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-03-16] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 15:17 - 2015-05-17 15:19 - 00031399 _____ () C:\Users\Mysterial\Desktop\FRST.txt
2015-05-17 15:14 - 2015-05-17 15:14 - 00000000 ___RD () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-17 15:03 - 2015-05-17 15:08 - 00000398 _____ () C:\Users\Mysterial\Desktop\post.txt
2015-05-17 14:33 - 2015-05-17 14:36 - 00002300 _____ () C:\Users\Mysterial\Desktop\Rkill.txt
2015-05-17 14:32 - 2015-05-17 14:32 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Mysterial\Desktop\rkill.exe
2015-05-17 14:32 - 2015-05-17 14:32 - 00000018 _____ () C:\Users\Mysterial\Desktop\installist.txt
2015-05-17 14:15 - 2015-05-17 14:15 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{F9963FED-C287-475A-8F3A-5D3FB298A6B4}
2015-05-15 03:14 - 2015-05-17 15:04 - 00000000 ____D () C:\Users\Mysterial\Desktop\FRST-OlderVersion
2015-05-15 02:45 - 2015-05-15 02:45 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{12114C30-BA59-4978-ACE3-C1DB89CD9859}
2015-05-12 22:10 - 2015-05-12 22:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{85C22D08-7C94-4461-8503-346E6D744A23}
2015-05-11 21:28 - 2015-05-11 21:28 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{469A639D-97FA-47B3-90CA-1C75EBD049BB}
2015-05-11 04:40 - 2015-05-11 04:40 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{3832D3DD-C696-42DA-A56B-4055CDCB351D}
2015-05-10 20:53 - 2015-05-10 21:08 - 00000000 ____D () C:\Users\Mysterial\Downloads\Interstellar (2014) IMAX Bluray 720p 5.1 BRRiP x264 AAC [Team Nanban]
2015-05-10 16:39 - 2015-05-10 16:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7E646F85-F6DD-4A7D-98D5-6B19C3A432DC}
2015-05-09 19:30 - 2015-05-09 19:31 - 00000000 ____D () C:\Users\Mysterial\Documents\Traffic and Motor
2015-05-09 18:07 - 2015-05-09 18:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7+ Taskbar Tweaker
2015-05-09 18:07 - 2015-05-09 18:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\7+ Taskbar Tweaker
2015-05-09 17:19 - 2015-05-09 17:19 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9EA00CAC-3436-482B-983C-D6BE944AE9CC}
2015-05-09 05:24 - 2015-05-09 05:24 - 00000000 ____D () C:\OETemp
2015-05-09 05:18 - 2015-05-09 05:18 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BD6643BF-D020-404A-A522-454BF5831393}
2015-05-09 03:57 - 2015-05-09 03:57 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-09 02:59 - 2015-05-09 03:30 - 00000181 _____ () C:\cleanup.bat
2015-05-09 02:55 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_BFEfix
2015-05-09 02:36 - 2015-05-09 03:30 - 00000000 ____D () C:\AVG_Remover
2015-05-09 02:35 - 2015-05-17 15:17 - 00000000 ____D () C:\FRST
2015-05-09 02:34 - 2015-05-17 15:04 - 02107392 _____ (Farbar) C:\Users\Mysterial\Desktop\FRST64.exe
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00001108 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 00:08 - 2015-05-09 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-09 00:08 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-09 00:08 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 18:15 - 2015-05-09 06:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-08 18:15 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-08 16:57 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-08 16:57 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-08 16:57 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-08 16:57 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-08 16:51 - 2015-05-08 17:44 - 00000000 ____D () C:\Qoobox
2015-05-08 16:50 - 2015-05-08 17:42 - 00000000 ____D () C:\Windows\erdnt
2015-05-08 13:11 - 2015-05-08 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-08 12:22 - 2015-05-08 12:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-08 11:09 - 2015-05-09 00:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-08 10:41 - 2015-05-08 10:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Hola
2015-05-08 10:07 - 2015-05-08 10:16 - 00000000 ____D () C:\AdwCleaner
2015-05-08 10:02 - 2015-05-08 18:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-08 01:39 - 2015-05-08 12:25 - 00000527 _____ () C:\Users\Mysterial\Desktop\05-08-2015.txt
2015-05-08 01:28 - 2015-05-08 01:28 - 00003058 _____ () C:\Windows\System32\Tasks\{9F94ED28-4D50-4E0D-B79C-34A4A0EE3EA1}
2015-05-08 00:44 - 2015-05-08 18:35 - 00000000 ____D () C:\Windows\System32\Tasks\Update
2015-05-08 00:44 - 2015-05-08 01:32 - 00002798 _____ () C:\Windows\System32\Tasks\NAT Host
2015-05-08 00:44 - 2015-05-08 01:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\88B060F8-59D3-4207-85D0-DB8F6B462296
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.0
2015-05-08 00:41 - 2015-05-08 18:35 - 00000000 ____D () C:\Program Files\PhotomatixPro5
2015-05-08 00:41 - 2015-05-08 00:41 - 00001783 _____ () C:\Users\Mysterial\Desktop\Photomatix Pro 5.0.5a (64-bit).lnk
2015-05-08 00:41 - 2015-05-08 00:41 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\HDRsoft
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\Users\Mysterial\Desktop\Adobe Lightroom.lnk
2015-05-08 00:08 - 2015-05-08 00:08 - 00000986 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001536 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-05-07 23:55 - 2015-05-07 23:55 - 00001524 _____ () C:\ProgramData\Desktop\Adobe Application Manager.lnk
2015-05-07 23:36 - 2015-05-09 19:17 - 00000000 ____D () C:\Users\Mysterial\Desktop\Photoshop Lightroom 6.0
2015-05-07 23:01 - 2015-05-07 23:02 - 24164609 ____R () C:\Users\Mysterial\Downloads\HDRsoft Photomatix Pro 5.0.5a.zip
2015-05-07 22:36 - 2015-05-09 14:28 - 00000000 ____D () C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter
2015-05-07 20:54 - 2015-05-07 20:55 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{44888ACE-1159-4507-AECE-D6D4CBECFEBD}
2015-05-07 07:39 - 2015-05-07 07:39 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{2335CEDC-2DEC-41FE-A632-532B0189FBAA}
2015-05-06 19:38 - 2015-05-06 19:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{B3D24FFA-6315-4886-B6BA-7E8677F9F52B}
2015-05-05 21:42 - 2015-05-05 21:42 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FA3C45FF-5220-49B4-AE4B-A1F98BA41E77}
2015-05-05 06:09 - 2015-05-05 06:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\openvr
2015-05-05 05:16 - 2015-05-05 05:16 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5C39F2DC-E010-4850-97F9-E3A08ACB09BC}
2015-05-04 19:52 - 2015-05-04 19:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{C676C862-C337-4417-BCD0-CB33AF1DFBFF}
2015-05-04 03:46 - 2015-05-04 03:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{446D8B17-2506-4348-B80B-327431E8D635}
2015-05-03 22:12 - 2015-05-03 22:42 - 00000000 ____D () C:\Users\Mysterial\Desktop\Lightroom Presets
2015-05-03 15:46 - 2015-05-03 15:46 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{99B39B6B-685F-446D-A051-956D183145D4}
2015-05-01 14:14 - 2015-05-01 14:14 - 00000495 _____ () C:\Users\Mysterial\Desktop\dry cabinet price list.txt
2015-05-01 02:13 - 2015-05-01 02:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{46444AB9-06F7-4DF4-83AD-409555BA9AC0}
2015-05-01 00:25 - 2015-05-01 00:25 - 00000000 ____D () C:\Users\Mysterial\Desktop\UROPS
2015-04-30 14:11 - 2015-04-30 14:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9AC40CA8-FD4A-42B9-A81E-EA1A71F89096}
2015-04-29 15:14 - 2015-04-29 15:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{E9B4FD72-6F38-4E36-AC11-17FD87A44315}
2015-04-29 03:13 - 2015-04-29 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{9E68C10D-9BFF-45C0-AD6F-1C7E6928A101}
2015-04-28 15:13 - 2015-04-28 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FD8AC1E8-64CE-49E3-9637-4E1A42DEE0FC}
2015-04-28 03:13 - 2015-04-28 03:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5B9148E6-8C20-40A6-BA28-2A2A220104C5}
2015-04-27 15:13 - 2015-04-27 15:13 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7FDD8ED1-E600-48E3-9E97-E03A88CEFFA1}
2015-04-27 03:12 - 2015-04-27 03:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0B15336B-65C8-4B7F-8305-043E08C44C52}
2015-04-26 15:11 - 2015-04-26 15:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{ABDA1A17-85F7-44F8-BC83-FDB7EB42DFD0}
2015-04-26 03:11 - 2015-04-26 03:11 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{45CE4C16-20A7-4A71-A4FA-D8E8179146B0}
2015-04-25 15:10 - 2015-04-25 15:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{7BA0FE6C-4AF3-4534-8691-1CE5FFF12B09}
2015-04-25 03:09 - 2015-04-25 03:09 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D605FB71-3DB6-472F-B624-A47A0150098B}
2015-04-24 15:08 - 2015-04-24 15:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{4D0B974E-9270-4471-9F58-9BCC231D1DC5}
2015-04-24 03:08 - 2015-04-24 03:08 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{3187787B-F129-46EC-BE0D-668BD6B1FA87}
2015-04-23 06:53 - 2015-04-23 06:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{73504FEC-7EEA-46B4-B263-605A11E6FEF6}
2015-04-22 18:52 - 2015-04-22 18:53 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{FE26B66E-CB85-4E5D-9565-BE527A99DD12}
2015-04-22 18:01 - 2015-04-22 18:02 - 00000000 ____D () C:\Users\Mysterial\Desktop\Grand Canyon
2015-04-22 17:58 - 2015-05-09 19:31 - 00000000 ____D () C:\Users\Mysterial\Documents\Work and Internship
2015-04-22 06:52 - 2015-04-22 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{62E46592-9563-4269-B154-15AFCC5955C0}
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{BFDF3ABF-7F39-4674-A347-B360456B352C}
2015-04-21 09:21 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-21 09:21 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-21 09:21 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-21 09:21 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-21 09:21 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-21 09:21 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-21 09:21 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-21 09:21 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-21 09:21 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-21 09:21 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-21 09:21 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-21 09:21 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-21 09:21 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-21 09:21 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-21 09:21 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-21 09:21 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-21 09:21 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-21 09:21 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-21 09:21 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-21 09:21 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-21 09:21 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-21 09:21 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-21 09:21 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-21 09:21 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-21 09:21 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-21 09:21 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-21 09:21 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-21 09:21 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-21 09:21 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-21 09:21 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-21 09:21 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-21 09:21 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-21 09:21 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-21 09:21 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-21 09:21 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-21 09:21 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-21 09:21 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-21 09:21 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-21 09:21 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-21 09:21 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-21 08:10 - 2015-04-21 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 06:52 - 2015-04-21 06:52 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{5D1193EC-726C-4675-BD6B-8D7BC50ED7EB}
2015-04-20 19:31 - 2015-05-07 09:04 - 02540864 _____ (HDRsoft Ltd ) C:\Users\Mysterial\Desktop\MergeTo32bitHDR12x64.exe
2015-04-20 18:51 - 2015-04-20 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{753DB93C-7AB1-4F34-9535-E36A67DC336B}
2015-04-20 18:13 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-20 18:13 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-20 18:13 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-20 18:13 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-20 18:13 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-20 18:13 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-20 18:13 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-20 18:13 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-20 18:13 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-20 18:13 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-20 18:13 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-20 18:13 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-20 18:13 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-20 18:13 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-20 18:13 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-20 18:13 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-20 18:13 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 18:13 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-20 06:51 - 2015-04-20 06:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D25B4D2F-3F6B-414C-8768-34ABEA72DCBD}
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00001755 _____ () C:\ProgramData\Desktop\iTunes.lnk
2015-04-19 19:25 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-19 19:24 - 2015-04-19 19:25 - 00000000 ____D () C:\Program Files\iTunes
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files\iPod
2015-04-19 19:24 - 2015-04-19 19:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-19 19:13 - 2015-04-19 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-04-19 19:12 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-19 19:12 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-19 19:12 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-19 19:12 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-19 18:51 - 2015-04-19 18:51 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{D8D7A8BB-067B-4422-8FDD-39DB91355900}
2015-04-17 23:57 - 2015-04-17 23:57 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Macroplant_LLC
2015-04-17 23:55 - 2015-04-18 00:11 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2015-04-17 20:51 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 20:51 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 20:51 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 20:51 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 20:51 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 20:51 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 20:51 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 20:51 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-17 20:51 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 20:22 - 2015-04-17 20:23 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\{0D1D35C1-60BC-4216-807B-317DC62ADFBD}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 15:17 - 2012-02-29 07:57 - 02078659 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 15:15 - 2012-03-14 17:13 - 00000000 ___RD () C:\Users\Mysterial\Dropbox
2015-05-17 15:14 - 2012-03-15 01:14 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Dropbox
2015-05-17 15:13 - 2012-03-27 14:58 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-17 15:13 - 2010-05-13 00:38 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\BitTorrent
2015-05-17 15:12 - 2012-07-12 16:46 - 00000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2015-05-17 15:12 - 2012-02-29 08:13 - 00002778 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-05-17 15:11 - 2012-03-27 14:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 15:11 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-17 15:11 - 2009-07-14 12:51 - 00172919 _____ () C:\Windows\setupact.log
2015-05-17 15:10 - 2012-02-29 08:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-17 15:10 - 2011-10-18 11:58 - 00848782 _____ () C:\Windows\PFRO.log
2015-05-17 14:59 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 14:59 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 14:43 - 2012-03-27 15:04 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 14:43 - 2012-03-27 15:04 - 00002185 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2015-05-17 14:36 - 2014-07-30 04:28 - 00000586 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job
2015-05-17 14:20 - 2012-03-14 02:17 - 00000000 ____D () C:\Users\Mysterial
2015-05-17 14:18 - 2014-12-10 02:25 - 00000000 ____D () C:\Users\Mysterial\Documents\Assassin's Creed Unity
2015-05-15 02:51 - 2012-03-16 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-15 02:50 - 2013-02-17 08:50 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{288C5043-7135-4EEF-AF3A-CFDC6194ADC0}
2015-05-15 02:49 - 2013-03-17 17:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 02:51 - 2011-10-18 12:19 - 00129060 _____ () C:\Windows\DirectX.log
2015-05-11 02:45 - 2007-10-15 23:05 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\vlc
2015-05-10 20:48 - 2015-02-19 15:58 - 00000000 ____D () C:\Users\Mysterial\Downloads\Hola
2015-05-09 19:33 - 2014-12-29 13:45 - 00000000 ____D () C:\Users\Mysterial\Documents\Exchange
2015-05-09 13:22 - 2012-09-28 01:29 - 00000000 ____D () C:\Users\Mysterial\Documents\mini-KMS_Activator_v1.051
2015-05-09 13:21 - 2013-03-12 22:37 - 00000000 ____D () C:\Users\Mysterial\Downloads\Mathematica 9 Linux
2015-05-09 09:28 - 2013-12-06 16:02 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag
2015-05-09 08:47 - 2012-03-15 01:16 - 00001037 _____ () C:\Users\Mysterial\Desktop\Dropbox.lnk
2015-05-09 08:47 - 2012-03-15 01:15 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 04:58 - 2009-07-14 13:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 04:54 - 2012-03-14 02:19 - 00000000 ____D () C:\Users\Mysterial\Documents\Bluetooth Folder
2015-05-09 01:24 - 2012-03-16 21:07 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\CrashDumps
2015-05-08 21:54 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-05-08 18:36 - 2014-12-03 07:29 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\RescueTime.com
2015-05-08 18:36 - 2014-09-01 00:41 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-08 18:36 - 2014-05-08 20:10 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\TeraCopy
2015-05-08 18:36 - 2013-04-25 13:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-08 18:36 - 2012-09-17 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-08 18:36 - 2012-07-12 15:25 - 00000000 ____D () C:\ProgramData\P4G
2015-05-08 18:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-08 18:35 - 2015-04-10 06:39 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-08 18:35 - 2014-12-12 15:25 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-08 18:35 - 2014-10-22 03:54 - 00000000 ____D () C:\ProgramData\AVG2015 (corrupted permissions)
2015-05-08 18:35 - 2014-05-23 16:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-08 18:35 - 2014-04-19 08:58 - 00000000 ____D () C:\ProgramData\Avg_Update_0414b
2015-05-08 18:35 - 2011-10-18 12:30 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-08 18:35 - 2009-07-14 15:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-08 18:35 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-08 18:10 - 2012-08-13 20:06 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Deployment
2015-05-08 17:45 - 2007-05-11 18:02 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Apps\2.0
2015-05-08 17:40 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-08 16:39 - 2013-11-21 12:47 - 00000000 ____D () C:\Users\Guest with network
2015-05-08 01:44 - 2008-02-17 20:12 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Skype
2015-05-08 00:52 - 2007-04-30 22:31 - 00000000 ____D () C:\Users\Mysterial\AppData\Local\Adobe
2015-05-08 00:08 - 2012-03-27 03:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-08 00:07 - 2015-03-01 12:54 - 00000000 ____D () C:\Program Files\Adobe
2015-05-08 00:00 - 2014-12-09 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 03:48 - 2013-03-23 21:08 - 00000000 ____D () C:\ProgramData\Skype
2015-05-03 03:42 - 2012-02-29 08:13 - 00001597 _____ () C:\Windows\system32\ServiceFilter.ini
2015-05-03 03:41 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-01 16:08 - 2012-03-27 15:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-01 16:06 - 2011-10-18 12:17 - 00782364 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-01 16:01 - 2013-09-21 20:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-01 15:41 - 2012-12-23 13:57 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-22 18:25 - 2012-02-29 08:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-22 18:24 - 2014-02-09 17:24 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-04-22 18:15 - 2013-09-13 11:35 - 00000000 ____D () C:\Program Files\Paint.NET
2015-04-22 18:12 - 2013-10-15 12:11 - 00000000 ____D () C:\Program Files\VCG
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-04-22 18:08 - 2013-10-16 21:01 - 00000000 ____D () C:\Program Files\Autodesk
2015-04-22 17:59 - 2014-05-20 21:33 - 00000000 ____D () C:\Users\Mysterial\Documents\CV
2015-04-19 19:24 - 2012-03-16 18:57 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-17 23:52 - 2014-02-12 16:35 - 00000000 ____D () C:\Users\Mysterial\Documents\Outlook Files
2015-04-17 20:59 - 2009-07-14 10:34 - 00000478 _____ () C:\Windows\win.ini

==================== Files in the root of some directories =======

2011-06-03 20:46 - 2011-06-03 20:46 - 0000000 _____ () C:\Users\Mysterial\AppData\Roaming\chrtmp
2010-01-22 15:02 - 2010-01-22 15:39 - 0000179 _____ () C:\Users\Mysterial\AppData\Roaming\Current.prx
2005-05-21 13:29 - 2011-06-03 22:05 - 0008200 ____H () C:\Users\Mysterial\AppData\Roaming\Kennethlog.dat
2011-03-22 21:49 - 2011-05-02 17:08 - 0046658 _____ () C:\Users\Mysterial\AppData\Roaming\room.dat
2011-05-31 01:52 - 2012-03-17 03:41 - 0051270 _____ () C:\Users\Mysterial\AppData\Roaming\room_v3.dat
2012-07-12 16:46 - 2015-05-17 15:12 - 0000387 _____ () C:\Users\Mysterial\AppData\Roaming\sp_data.sys
2008-05-04 21:53 - 2010-05-14 01:25 - 0023580 _____ () C:\Users\Mysterial\AppData\Roaming\UserTile.png
2012-10-24 19:38 - 2012-10-24 19:38 - 0000218 _____ () C:\Users\Mysterial\AppData\Local\.recently-used.xbel
2012-11-30 02:10 - 2013-04-21 23:20 - 0131066 _____ () C:\Users\Mysterial\AppData\Local\ars.cache
2012-11-30 02:10 - 2012-11-30 02:10 - 0878528 _____ () C:\Users\Mysterial\AppData\Local\census.cache
2013-04-12 00:00 - 2013-04-12 00:24 - 0001677 _____ () C:\Users\Mysterial\AppData\Local\Cracklock.settings
2011-03-01 23:38 - 2011-03-01 23:38 - 0000552 _____ () C:\Users\Mysterial\AppData\Local\d3d8caps.dat
2008-03-13 10:18 - 2012-02-21 06:05 - 0002032 _____ () C:\Users\Mysterial\AppData\Local\d3d9caps.dat
2013-09-10 18:01 - 2015-01-21 16:50 - 0005120 _____ () C:\Users\Mysterial\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-02 19:17 - 2013-04-21 23:08 - 0000036 _____ () C:\Users\Mysterial\AppData\Local\housecall.guid.cache
2013-04-04 04:28 - 2013-04-04 04:28 - 0000337 _____ () C:\Users\Mysterial\AppData\Local\Perfmon.PerfmonCfg
2014-02-07 02:19 - 2014-02-07 02:27 - 0000600 _____ () C:\Users\Mysterial\AppData\Local\PUTTY.RND
2015-02-11 13:30 - 2015-02-11 13:30 - 0002039 _____ () C:\Users\Mysterial\AppData\Local\recently-used.xbel
2013-01-21 01:14 - 2013-01-21 01:14 - 0007598 _____ () C:\Users\Mysterial\AppData\Local\Resmon.ResmonCfg
2012-02-29 08:17 - 2012-02-29 08:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-02-29 08:17 - 2012-02-29 08:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-02-29 08:16 - 2012-02-29 08:17 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Mysterial\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd11idu.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-08 21:42

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Mysterial at 2015-05-17 15:20:59
Running from C:\Users\Mysterial\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2102144433-2307754193-2593861232-500 - Administrator - Disabled)
Guest (S-1-5-21-2102144433-2307754193-2593861232-501 - Limited - Enabled) => C:\Users\Guest.Mysterial-PC
Guest with network (S-1-5-21-2102144433-2307754193-2593861232-1010 - Limited - Enabled) => C:\Users\Guest with network
HomeGroupUser$ (S-1-5-21-2102144433-2307754193-2593861232-1009 - Limited - Enabled)
Mysterial (S-1-5-21-2102144433-2307754193-2593861232-1001 - Administrator - Enabled) => C:\Users\Mysterial

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Internet Security (Disabled - Out of date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Trend Micro Titanium Internet Security (Disabled - Out of date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7+ Taskbar Tweaker v4.5.10 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\7 Taskbar Tweaker) (Version: 4.5.10 - RaMMicHaeL)
Acronis Disk Director Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
Adobe Acrobat X Professional - Middle Eastern, North African, Greek (HKLM-x32\...\{AC76BA86-1025-0000-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
Assassin`s Creed Unity / RePack by Baracuda (HKLM\...\Assassin`s Creed Unity_is1) (Version: 1.3 - )
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.103 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BitTorrent (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-8860DN (HKLM-x32\...\{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Cisco WebEx Meetings (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cracklock 3.9.44 (HKLM-x32\...\Cracklock_is1) (Version: 3.9.44 - William Blum)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Daum ½ºÅ©¸°¼¼À̹ö °íÈ­Áú¹öÀü (HKLM-x32\...\Daum Screensaver High) (Version:  - Daum Communications Corp.)
Dink Smallwood HD (remove only) (HKLM-x32\...\Dink Smallwood HD) (Version:  - )
DiskAid 6.5.4.0 (HKLM\...\DiskAid_is1) (Version: 6.5.4.0 - DigiDNA)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
Dropbox (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ETDWare PS/2-X64 8.0.5.5_WHQL (HKLM\...\Elantech) (Version: 8.0.5.5 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
Gwyddion (HKLM-x32\...\Gwyddion) (Version: 2.30 - Gwyddion developers)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version:  - NIH)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.10 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
JabRef 2.8.1 (HKLM-x32\...\JabRef 2.8.1) (Version: 2.8.1 - JabRef Team)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Juniper_Setup_Client) (Version: 7.4.3.36355 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LyX 2.0.5 (HKLM-x32\...\LyX205) (Version: 2.0.5 - LyX Team)
Magicka (HKLM-x32\...\Magicka_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mathematica Extras 9.0 (3824406) (HKLM\...\A-WIN-Extras 9.0.0 3824406_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
Meld (HKLM-x32\...\Meld) (Version: 0.0.0.0 - Keegan Witt)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MeshLab_64b 1.3.0 (HKLM\...\MeshLab_64b) (Version: 1.3.0 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 浏览器插件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM-x32\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NUS (Unofficial) Timetable Builder (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\77d34e479c3193ee) (Version: 1.3.6.3 - NUS (Unofficial) Timetable Builder)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Photomatix Pro version 5.0.5a (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.5a - HDRsoft Ltd)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Plus Pack for Acronis True Image Home 2012 (HKLM-x32\...\{DDFAA49C-2B1D-4808-B43A-4AAFF0475B04}) (Version: 15.0.6154 - Acronis)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prezi Desktop (HKLM-x32\...\{C38FC27A-C586-44F6-A47D-6193FB3024AB}) (Version: 4.2.1 - Prezi.com)
Prototype™ (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision)
Prototype™ (x32 Version: 1.0 - Activision) Hidden
Python 3.4 Pillow-2.5.2 (64-bit) (HKLM\...\Pillow-py3.4) (Version:  - )
Python 3.4.1 (64-bit) (HKLM\...\{d54842cb-f761-30ba-881f-1ff821dc44df}) (Version: 3.4.1150 - Python Software Foundation)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
RescueTime 2.10.1.1250 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version:  - RescueTime.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0409-0000-0000000FF1CE}_Office14.OMUI.en-us_{840912CB-128E-4A73-9CD9-F807BC9B7684}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.1.1109 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\Warcraft III) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wolfram Mathematica 8 for Students (M-WIN-G 8.0.4 2615565) (HKLM\...\M-WIN-G 8.0.4 2615565_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Wolfram Mathematica 9 (M-WIN-L 9.0.0 3868239) (HKLM\...\M-WIN-L 9.0.0 3868239_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2102144433-2307754193-2593861232-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

09-05-2015 00:10:02 Windows Update
09-05-2015 01:18:08 Removed AVG 2015
09-05-2015 02:40:03 Installed AVG 2015
09-05-2015 02:48:50 Installed AVG 2015
09-05-2015 02:50:28 Installed AVG 2015
09-05-2015 02:51:59 Removed AVG 2015
09-05-2015 03:03:57 Installed AVG 2015
09-05-2015 03:05:50 Installed AVG 2015
09-05-2015 03:07:01 Removed AVG 2015
09-05-2015 03:50:28 Installed AVG 2015
09-05-2015 03:51:00 Installed AVG 2015
09-05-2015 03:52:34 Removed AVG 2015
09-05-2015 03:56:55 Installed AVG 2015
09-05-2015 03:57:16 Installed AVG 2015
11-05-2015 02:48:41 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2015-05-08 17:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03C8C646-18FD-416B-A2E7-39645B64A3DB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {11CF55CF-E89A-416F-A95C-BCE861C487BD} - System32\Tasks\NAT Host => C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter\adobe patch.exe
Task: {16224B89-02BA-4F8D-A09E-1DB7D660C611} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {1FBDE22D-E7CC-4637-8F1F-86897CD865C3} - System32\Tasks\Update\Google Update => Chrome.exe
Task: {24AD4BF9-7164-4FFC-9F64-824E5DE631AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {25F1D6B4-1C5C-4D8D-AE8A-3223CEF3B94B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C5CEA3C-447A-4643-8CEE-87D16F47105A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {46807BCC-A9A6-4DD2-BD9F-952FF6ECEBD9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {66AD6E04-4EF6-424C-9EEB-E7ACCB555C80} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {6B552DD2-C459-4957-A6C2-E9E2E1D67FE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6CC34DEA-1273-43B9-A894-5E98D567B8A5} - System32\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001 => C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {745470AC-B787-4278-9238-6EB1782527CA} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7B1B67C8-8612-495E-A0D1-B0DEC04131A3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BA72EC51-ABF4-4DFE-B5E0-CF74B02CA0B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {C1A0D7A9-30B0-420D-9DBB-19863B0EB8AD} - System32\Tasks\{9F94ED28-4D50-4E0D-B79C-34A4A0EE3EA1} => C:\Users\Mysterial\Downloads\Adobe Photoshop Lightroom 6.0+patch Painter\adobe patch.exe
Task: {C62526E6-8B63-4EF4-B336-AB83CA1254B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {C6582978-BCC8-4658-8030-D515A0656491} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EFF61F5D-511A-4CDB-AE79-7A87E137335E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2102144433-2307754193-2593861232-1001.job => C:\Users\Mysterial\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-02-29 08:01 - 2014-11-13 05:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2011-10-18 12:29 - 2010-09-17 16:52 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2011-04-28 18:06 - 2010-09-17 16:32 - 00288864 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-27 00:01 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2010-05-25 19:53 - 2010-05-25 19:53 - 02139400 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-15 12:44 - 2010-07-15 12:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-03-21 18:19 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-08 20:10 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-12-06 19:22 - 2011-07-26 15:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-29 08:00 - 2014-11-13 08:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-02-06 19:32 - 2012-02-06 19:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-21 01:57 - 2010-08-21 01:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-21 01:57 - 2010-08-21 01:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-05-17 15:14 - 2015-05-17 15:14 - 00043008 _____ () c:\Users\Mysterial\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd11idu.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00750080 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00047616 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00865280 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00200704 _____ () C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Daddy\Documents\RE_ B_E(Ch)Ec.eml:OECustomProperty
AlternateDataStreams: C:\Users\Mysterial\Documents\Exchange:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2102144433-2307754193-2593861232-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mysterial\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{195329F7-49B7-47FA-BF4D-5FC738502C34}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{07A99DB6-FEB6-432B-8B6A-F700E24B99BC}] => (Allow) LPort=2869
FirewallRules: [{F1C3E909-19A2-4A13-9284-721D2B7BC942}] => (Allow) LPort=1900
FirewallRules: [{BF0F0FA6-8F7E-48A5-B40A-3F1AD3E9A295}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9311E0C9-43C4-48F1-BFA3-46CC37CA7E24}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{45F7146F-FCAD-4923-BEA3-F9F817BC0500}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8ED957C1-709D-43F7-A981-854408810C59}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1AB4FA6A-7A39-4571-B349-1712428BBCA7}] => (Allow) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{50DDB97B-DF95-4B7A-81E8-F56FBD76D733}] => (Allow) C:\Users\Mysterial\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8DB04BC5-09B2-40B6-9ED8-8A2E813A239E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{933598E0-BC25-4AE5-90E5-99BDB448242F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A91CC37-936C-4D4E-8DD0-DFC1803D4B01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B253E37-9DB7-413B-AA4F-D53F17BF5524}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B9B78CBD-2904-46DE-9D6D-F3167228BB52}C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C642A1F9-831F-44DC-8F9C-B0745BB1CA3B}C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mysterial\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C9DE51DB-B2C2-4345-AC26-42F2AC7A138A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EEBB3722-D5B4-46E1-9301-9BEA4C21B7C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1AE451FC-EC3B-40A5-8C8D-4D8928F71EF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{37D15FA5-D122-4AC7-8C12-D5F381954680}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2C5DC505-4D14-48C8-814E-6FBA1DB78A0B}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [UDP Query User{5D832C03-E659-435F-B68E-7124151296A0}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [TCP Query User{94D0833A-1292-431B-BB6B-74709E43D86C}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{E39EA63E-72CC-4A57-8751-AEE58E378CBD}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{A084DE9F-FE3D-446C-BF29-1BEFC546763D}C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{645CC79E-C2A1-4F45-B77A-8C5B47BC2130}C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\team fortress 2\hl2.exe
FirewallRules: [{8C01D5DA-69DF-4B2D-BBA8-B7DF002D3BC8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe
FirewallRules: [{49C13F7A-F2AA-4672-AA81-21EBB2C1DE48}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe
FirewallRules: [{2610FC94-8E60-4C46-A9A0-44FDB8A5BB3C}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe
FirewallRules: [{270BD644-FCA4-452A-81E6-EFC33D2B3456}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe
FirewallRules: [{4DA746FA-2989-47D3-AF3E-4A58235B0B4A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe
FirewallRules: [{E4E1DFFD-FA04-43B7-8124-9C5EBEC0EC73}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe
FirewallRules: [TCP Query User{127DB33D-2185-4C19-883F-7CED8962F2E1}C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{59A31009-5F08-4D4B-AAB6-5013AA2F89C7}C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mysterial91\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{8830E76F-9CA0-44F9-8233-0FC62C8B9431}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe] => (Block) C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{5559C4BA-4C49-4D7E-A456-9909831C67B8}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe] => (Block) C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{1E72D359-05A9-4160-B74F-9B3A84BBA95B}C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{EAE37B8D-8B06-4CC0-8F58-D6D4365A8851}C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\users\mysterial\desktop\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{A9A39489-4D3F-4C34-AB0F-01998E352A6A}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{B4B580C8-963C-4EDB-804F-68933C68F11C}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{EC0AFF66-976B-4766-AB4B-AE420DDB1E4C}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8DE1240A-7FD6-4F2B-AF9F-ED7C2C772C09}C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [{8636731D-D8D3-4D0B-9620-8048C853A592}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe
FirewallRules: [{37AFCA2E-6083-4127-BE3C-91504CCF7E41}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe
FirewallRules: [{CE720DA9-DE1E-413F-A507-29B4BBD7778D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe
FirewallRules: [{2F7DE23E-DEDB-495F-8CDF-66C6F4DBE906}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe
FirewallRules: [{B61D3FA5-1E1E-4C86-98D6-6CE4BA52B8BC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\math.exe
FirewallRules: [{D48E23C6-9161-45E3-917A-2D152D13A24A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\9.0\math.exe
FirewallRules: [{9493098D-9E6C-420A-AF1D-8CFBAC4D7B9C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCB2A16F-4720-48C2-B12E-7A94181C0696}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5E5149D5-0C4B-4C2C-8D62-324E3D61B06C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023B550B-8AC5-412E-B84F-7C7A34630425}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{DA00DB8A-4216-4F37-9F59-A732DA11ED2D}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{EEBCE00E-194B-4423-B0C5-5310C4D33B1E}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{7564E2EB-DC92-4DB4-BD3D-526ACD296939}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{8555DB9B-70BF-46BC-9A95-90409F9BFC84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{32B84388-2A44-4C40-ACEF-7806146E8585}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{7A1880DF-2D9A-4F58-899D-38AF8B81BE0E}C:\program files\imagej\imagej.exe] => (Allow) C:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{FEB47DFB-3FB2-4C7C-88D1-4E22E6CCB1BF}C:\program files\imagej\imagej.exe] => (Allow) C:\program files\imagej\imagej.exe
FirewallRules: [TCP Query User{70C6EBBF-E399-4274-8D86-22E538838480}C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [UDP Query User{B24769FD-F98A-4E44-BE32-BF96E8D772DB}C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files (x86)\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [{69B91EF0-882B-4016-BF1C-B3C512EAB808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{875B4E1A-03D0-410B-B6DB-094868551D89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{12E8F8AD-B97B-4653-89E9-5E8DA82AC65D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DB83794E-9924-43A8-A614-CB593C4E25BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A62782B8-7F72-45DB-B6E1-1F58D01FE4A9}] => (Allow) C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{74133B99-D66C-4050-978A-1924D4719709}] => (Allow) C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B69A2F27-1AD4-4B7B-9BE9-6216732C852C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{563EA3FB-647E-4BD4-A894-71527A289B06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5D2A4A21-0278-4C44-A585-A6611C09E089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C3C889E1-39F1-46CD-AED6-A0D141550798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0F37293B-0211-4EB2-BB9C-34C6F3D5F8E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0D469555-EB1C-4E90-90FC-F0824C92746C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{3E3C6ABA-EC3B-4450-9FD1-D0EED6105DF3}D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{B520F00B-FE31-4556-B272-3BDB5B958A6A}D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{CAEE738D-CD33-4C73-9A9F-E41B5B738D41}C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{D0CF9E97-C227-47F9-B62B-50F07165284E}C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\users\mysterial\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{1097C1D3-0401-457E-9659-3543E5EEDDC5}C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe
FirewallRules: [UDP Query User{1C6E9329-E6B6-42AA-A005-BA1F38D25AF2}C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\e5c5.tmp\kmservice.exe
FirewallRules: [{4E2E2AB0-8A05-4BB1-8F35-959B6B38D94C}] => (Allow) C:\Program Files (x86)\Activision\Prototype\prototypef.exe
FirewallRules: [{E1EB63A5-BD23-4DD1-8E95-B09E892C1DD7}] => (Allow) C:\Program Files (x86)\Activision\Prototype\prototypef.exe
FirewallRules: [{F390446A-7337-4EB6-BC31-B668D3433979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{640E89F4-EAA8-4B7D-8CC8-3661AB834989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{87CA4CFB-2647-4A95-8ECB-F7E57066E2AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{78FF07DA-D55B-4CD9-9350-A164829299E0}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{5B868860-AACB-44B4-9159-C286C13809C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{D7D2F3EE-526B-444D-A522-CA38C48D7B8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [TCP Query User{F4B632E7-5A1F-4BD5-8F8C-27696ACE2551}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{2C7EAEC3-71B9-4F16-8D40-A346599C2901}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{2DA88BF7-D558-4185-9FD2-094579E7E752}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{6A3E9F04-5533-44A4-A291-D9295527BFDE}C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe] => (Allow) C:\users\mysterial\downloads\prototype 2 pc full game + radnet dlc ^^nosteam^^\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{DD8EF7A6-5013-4997-8BC6-101386EAA031}C:\python34\python.exe] => (Allow) C:\python34\python.exe
FirewallRules: [UDP Query User{45A65A70-E5CA-4D28-8798-7AAC9AD860F1}C:\python34\python.exe] => (Allow) C:\python34\python.exe
FirewallRules: [{F31424FB-0004-4E64-8928-628751AE2369}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{02A6E149-9AE5-4BDF-8036-6BF4100B41AA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{AEAE16BA-C536-4B74-B376-E8E6E07365D4}C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [UDP Query User{29B425D6-7B3E-4818-9D66-C1720E000C5D}C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\mysterial\appdata\roaming\mozilla\firefox\profiles\0ladad7a.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [TCP Query User{CCF5A863-2A7C-4B55-861D-ED904ED53D20}C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe
FirewallRules: [UDP Query User{E5BDA8F6-E08A-4C25-AB05-A8E65E6FCAF0}C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe] => (Allow) C:\users\mysterial\appdata\local\temp\1390.tmp\kmservice.exe
FirewallRules: [{D768DA46-55D9-4AA5-9BE8-8FAD2239FC99}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe
FirewallRules: [{87ADE892-C326-4E54-A4CE-A26F18A97E8F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe
FirewallRules: [{4C5780C0-4054-4BD9-946D-A9A0A252509A}] => (Allow) LPort=54925
FirewallRules: [{C5B94F90-2901-482E-A15E-55063458580D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{E5B4E74A-52D0-40D2-B36C-C433F86812DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{5BB637FF-F4DF-4244-8612-E136376D7D03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0DDBB95B-D4EB-4BA6-BFBB-51B144383B8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{56698A94-6AF9-4E75-B0CC-51AFAF6E7309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0A9ECD77-CF0F-4DC3-B708-58325E1EEEF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{300CAD3C-2982-426F-84C0-9ECB4F00FEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C9353CB1-E96A-4FA7-BDD8-E2DB0EC8BBA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AF28351E-0FC4-4F38-9B5D-03F3C4B271C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC98A30B-77CE-4BFA-BDAC-56DB20A9585D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26BD793A-DA13-4D12-8815-B0CE426E1BAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FDEBABE9-7171-4CB7-B511-971F1E1782A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C728EA62-8B9D-41F2-8EDA-557808F3C4A4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9020B7CE-64C0-4A1D-9D6B-A55225A7CE15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{EEECB435-99E7-425E-B720-B8D9EAEBC96B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{8AC54CB7-1A20-4FB1-8FE3-C8A4EF58C9C2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{159F2713-EF53-4CF5-9FEE-3C18D965B2D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9680B5C3-7C0D-4F53-857C-835AE8C141F1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{15B01675-BB4B-49C8-AFCF-4BB97A8F96BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B3500CF7-34EB-49DE-A627-281055E7A717}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2015 03:15:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2015 03:14:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BitTorrent.exe version 7.9.3.40299 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7dc

Start Time: 01d09070f2ed7533

Termination Time: 0

Application Path: C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe

Report Id: 55da841b-fc64-11e4-bdd2-742f68e68afb

Error: (05/17/2015 02:48:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2015 02:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2015 02:28:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2015 02:27:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2015 02:22:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (05/17/2015 03:12:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/17/2015 03:12:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVGIDSAgent service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/17/2015 03:11:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.2.0 service failed to start due to the following error:
%%2

Error: (05/17/2015 03:11:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%5

Error: (05/17/2015 02:19:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/15/2015 02:51:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (05/15/2015 02:51:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (05/09/2015 04:54:13 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (05/09/2015 03:31:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.2.0 service failed to start due to the following error:
%%2

Error: (05/09/2015 03:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (05/17/2015 03:15:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/17/2015 03:14:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BitTorrent.exe7.9.3.402997dc01d09070f2ed75330C:\Users\Mysterial\AppData\Roaming\BitTorrent\BitTorrent.exe55da841b-fc64-11e4-bdd2-742f68e68afb

Error: (05/17/2015 02:48:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\msnmsgr.exe

Error: (05/17/2015 02:29:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (05/17/2015 02:28:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe

Error: (05/17/2015 02:27:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Error: (05/17/2015 02:22:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (05/15/2015 03:39:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2015-05-08 17:23:16.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-08 17:23:16.829
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 7968.06 MB
Available physical RAM: 4343.61 MB
Total Pagefile: 15934.31 MB
Available Pagefile: 11862.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:603.76 GB) (Free:93.08 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=603.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=69.9 GB) - (Type=05)

==================== End Of Log ============================

Attached Files


Edited by Mysterial, 17 May 2015 - 02:53 AM.


#12 Black_Bird

Black_Bird

  • Malware Response Team
  • 228 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:08 AM

Posted 17 May 2015 - 01:32 PM

Hi,

First I want to answer to your questions. Below those answers you can find new steps to follow up.

When I tried uninstalling Hola from the add/remove program in control panel, it says that it has already been uninstalled and that it would be removed from the list.

No problem. We will clean up the rest of it later.

Rkill killed taskbar tweaker - A program I downloaded to mod the windows toolbar

RKill did this by a heuristic analysis of this program. Nothing to worry about, the tweaking problem is known to be free of malicious activity.

Hola is a VPN program I use, Rescuetime is a productivity tracker that logs my time spent in each application.

Hola is malware itself. Please take a look here and here. I advise you to not use it again.

I'd like to bring your attention to problem 3 in the first post of this thread. A 'Microsoft Visual C++ 2010 x86 Redistributable - 10.0.4.40219' and 'Microsoft Visual C++ 2010 x64 Redistributable - 10.0.4.40219' were installed on the date of infection and is visible in the add/remove program. There is another one installed in december with the publisher as a Russian name.

These are just legit Microsoft Windows-updates. You can ignore them.

Another reason for my suspicion is that a restore point with the same name was also created on the date of infection as mentioned in an earlier post, but I am not sure if this was reflected in the logs I posted above.

This restore point was created because of the updates. Again, nothing to worry about.

There is also a Windows Live Mesh ActiveX in Chinese which I don't recall installing.

</