Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Various malware problems


  • Please log in to reply
13 replies to this topic

#1 sara_designs

sara_designs

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 25 August 2015 - 05:37 PM

Security Check by Screen317 Results

 

 Results of screen317's Security Check version 1.008  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Quick Heal Internet Security   
 Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
 Duplicate Cleaner Pro 3.2.5  
 Java 8 Update 60  
 Adobe Reader XI  
 Mozilla Firefox (3.6.15) Firefox out of Date!
 Google Chrome (44.0.2403.155) 
 Google Chrome (44.0.2403.157) 
````````Process Check: objlist.exe by Laurent````````
 Quick Heal Quick Heal Internet Security onlinent.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log``````````````````````
 
 
================
 
 
Malwarebytes AntiMalware results
 
mbam-check result log version:     2.1.1.1001
========================================
 
User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0 
Malwarebytes Anti-Malware:         2.1.8.1057
Installed On:                      2015/08/26
Malware Database:                  2015.08.25.06
Rootkit Database:                  2015.08.16.01
Remediation Database:              2015.08.25.01
IP Database:                       2015.07.24.03
Domain Database:                   2015.07.24.02
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2015/08/26 02:44:04
Compatibility Flag Settings:
=================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exeREG_SZ VISTARTM
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
SeaToolsforWindows.exe        REG_SZ RUNASADMIN
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
Malwarebytes Anti-Malware (cleanup)REG_SZ "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
C:\Windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.6.0 MD5: [ae757332ea130e94e646621cc695b52a]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
 
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
{b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data
 
{d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data
 
{8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data
 
{4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data
 
{3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data
 
{17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data
 
{567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data
 
{4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data
 
{3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
 
{4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
 
{1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
 
{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
{b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
 
{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
 
C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1069376   BYTES FileVersion: 6.1.98.18 MD5: [d7eef2c46a9880f21be01511024b53ab]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              -15 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Marketing: 
    LastPostScanMarketingIndex:                                1 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       3000 
ScanHistory: 
    Duration_Complete:                                         695303 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       646 
    Duration_Heuristics:                                       701464 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          44041 
    Duration_Registry:                                         29867 
    Duration_Sector:                                           0 
    Duration_Startup:                                          24368 
    ItemCount_Complete:                                        284676 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      46999 
    ItemCount_Heuristics:                                      11015 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         44000 
    ItemCount_Registry:                                        595 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         1442 
    LastScanDateEpoch:                                         1440535434781 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2015-08-25T20:34:50 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    7 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Trial 
  Expiration Time:                                             2015/09/08 20:20:37 
  Activation Time:                                             2015/08/26 01:50:33 
  Trial Used:                                                  true 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
tasks: 
    20689c47-95a6-4d7d-82c8-5929143c8c91:                       
      parameters:                                               
        AutoDelete:                                            false 
        CheckForUpdatesBeforeScanStart:                        true 
        ScanConfig:                                             
          ExportLog:                                           true 
          FileSystemOption:                                    true 
          Quarantine:                                          Prompt 
          RebootSystemWhenMalwareDetected:                     false 
          ScanArchives:                                        true 
          ScanExtra:                                           true 
          ScanHeuristic:                                       true 
          ScanMemoryObjects:                                   true 
          ScanPUM:                                             2 
          ScanPUP:                                             2 
          ScanRegistry:                                        true 
          ScanRootkits:                                        false 
          ScanSource:                                          1 
          ScanStartup:                                         true 
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true 
        StartTaskFromSystemAccount:                            false 
        TaskType:                                              0 
      triggers:                                                 
        91da7431-29f5-456b-abe5-398d399a5526:                   
          dateinterval:                                        1:0:0 
          lastscheduled:                                        
          lasttriggered:                                        
          nextscheduled:                                       Thu, 27 Aug 2015 03:17:11 +0530 
          recovery:                                            23:00:00 
          start:                                               Thu, 27 Aug 2015 03:07:15 +0530 
          timeinterval:                                        00:00:00 
          type:                                                4 
          uuid:                                                91da7431-29f5-456b-abe5-398d399a5526 
      type:                                                    scan 
      uuid:                                                    20689c47-95a6-4d7d-82c8-5929143c8c91 
    6502f1e3-7a83-46c2-9841-39e1dd9dcb4f:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             false 
        TaskType:                                              3 
      triggers:                                                 
        2c3800db-02a6-4f5d-8aea-06b3766471b9:                   
          dateinterval:                                        0:0:0 
          lastscheduled:                                        
          lasttriggered:                                        
          nextscheduled:                                       Wed, 26 Aug 2015 02:52:38.929332 +0530 
          recovery:                                            00:00:00 
          start:                                               Wed, 26 Aug 2015 02:39:48.929332 +0530 
          timeinterval:                                        01:00:00 
          type:                                                3 
          uuid:                                                2c3800db-02a6-4f5d-8aea-06b3766471b9 
      type:                                                    update 
      uuid:                                                    6502f1e3-7a83-46c2-9841-39e1dd9dcb4f 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
PassThruFile                  REG_SZ mbampt.exe
ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
 
MBAMScheduler Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware scheduler
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [90cc5c5c5347eee0909d5bbbe4ea4321]
changes.txt                             File Size: 3003      BYTES FileVersion:  N/A            MD5: [17b6dc5b45f9558ea11ee7b95da9b684]
cloud-enumeration.dll                   File Size: 286008    BYTES FileVersion:  1.0.0.0        MD5: [932c98b79d8dc1409d6c74efd715135e]
cloud.dll                               File Size: 351544    BYTES FileVersion:  1.0.0.0        MD5: [5d383e601d77e4e82b64c6c3e4b823b3]
license.rtf                             File Size: 235316    BYTES FileVersion:  N/A            MD5: [5980b191ffe5d53bfef600b97ad533b5]
master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 602936    BYTES FileVersion:  1.0.37.0       MD5: [a3043182dcef5612c928517985bd545a]
mbam.exe                                 File Size: 6554424   BYTES FileVersion:  2.3.55.0       MD5: [abff2b3a80aa5348be5e43efd6b415d1]
mbamcore.dll                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
mbamext.dll                             File Size: 310584    BYTES FileVersion:  3.0.6.0        MD5: [7a4c3c98cc41d06e26cc4cc5d9d06200]
mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [f872caff0cc1fe69d55cbb10c087a00a]
mbamresearch.exe                         File Size: 1947960   BYTES FileVersion:  1.1.0.0        MD5: [7fb4e7cfabfdc99b88165ecfc0c532c5]
mbamscheduler.exe                       File Size: 1871160   BYTES FileVersion:  3.1.3.0        MD5: [301e3fdfcf33640bb8763ba444bc5093]
mbamservice.exe                         File Size: 1133880   BYTES FileVersion:  3.2.13.0       MD5: [83c982a395d00baff6515fb38424ea76]
mbamsrv.dll                             File Size: 3841336   BYTES FileVersion:  2.1.2.0        MD5: [b3273340603058e7e89964abeea0aa4b]
msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [650f2286252c8854ac5846940d181d3a]
msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [005f96c221719c03671c0262a4a93521]
Qt5Core.dll                             File Size: 4645688   BYTES FileVersion:  5.4.1.0        MD5: [a8fceb6261751b709a84ce4a3726439f]
Qt5Gui.dll                               File Size: 4639032   BYTES FileVersion:  5.4.1.0        MD5: [cdfa353db0a56a394b1fd8346c905069]
Qt5Network.dll                           File Size: 672056    BYTES FileVersion:  5.4.1.0        MD5: [e4fd655cc85eb6063a8cef66f4e5ed55]
Qt5Widgets.dll                           File Size: 4473656   BYTES FileVersion:  5.4.1.0        MD5: [5a48fe8fc8b20960713e172a83cca0f5]
Third-party-notices.txt                 File Size: 70041     BYTES FileVersion:  N/A            MD5: [915ab4fe416654fbc412019a0a1002ac]
unins000.dat                             File Size: 30525     BYTES FileVersion:  N/A            MD5: [45f36f9e1cb7b5154201b853a68b0fa7]
unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.pif                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.scr                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
iexplore.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.com                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.exe                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.pif                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.scr                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-killer.exe                         File Size: 1496888   BYTES FileVersion:  3.0.13.0       MD5: [10ddd12d628a5388865f2ae25019dd76]
rundll32.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
svchost.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
windows.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
winlogon.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif.dll                                 File Size: 28472     BYTES FileVersion:  5.4.1.0        MD5: [8858629a544c7c0536c35561040a2d78]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_ar.qm                               File Size: 87320     BYTES FileVersion:  N/A            MD5: [7a7c7e14fcf3f14d6b269295e877750c]
lang_bg.qm                               File Size: 109563    BYTES FileVersion:  N/A            MD5: [654b95c228a72131aca7cb26e964dcf9]
lang_ca.qm                               File Size: 92640     BYTES FileVersion:  N/A            MD5: [533208d2306e5ad1e5972650f69d8c22]
lang_cs.qm                               File Size: 105006    BYTES FileVersion:  N/A            MD5: [508844d9e9aa364aa53bc77adf4f42a8]
lang_da.qm                               File Size: 88045     BYTES FileVersion:  N/A            MD5: [e3bc3cdfcf360d319319299d8cd66506]
lang_de.qm                               File Size: 133736    BYTES FileVersion:  N/A            MD5: [9b6c6a0d6bc188c1d86ea9342b8035da]
lang_el.qm                               File Size: 126414    BYTES FileVersion:  N/A            MD5: [3d112a79eca581d1775fd96b3c5870bb]
lang_en.qm                               File Size: 2849      BYTES FileVersion:  N/A            MD5: [d495fecf1db29d41317196416d5ea6c2]
lang_es.qm                               File Size: 132948    BYTES FileVersion:  N/A            MD5: [455f47414f13f8942ee6652dd194c46a]
lang_et.qm                               File Size: 107454    BYTES FileVersion:  N/A            MD5: [ef9d8fcc151759a2cf100afe2889d5e5]
lang_fi.qm                               File Size: 89336     BYTES FileVersion:  N/A            MD5: [09f12751811f8c1a46f6308ab1968ff7]
lang_fr.qm                               File Size: 136774    BYTES FileVersion:  N/A            MD5: [581b5833e2fa89003ff8349390323790]
lang_he.qm                               File Size: 98616     BYTES FileVersion:  N/A            MD5: [a9cb152f93da040fb9451d750f359c3e]
lang_hu.qm                               File Size: 108619    BYTES FileVersion:  N/A            MD5: [042e132aa420bb7807dc6ea150d21c84]
lang_id.qm                               File Size: 105573    BYTES FileVersion:  N/A            MD5: [1352510fd6296523d239363d90d493ad]
lang_it.qm                               File Size: 129004    BYTES FileVersion:  N/A            MD5: [993c14184487084aedf79471b337606b]
lang_ja.qm                               File Size: 73730     BYTES FileVersion:  N/A            MD5: [e1ae65ac342628156abb2cdc36508929]
lang_ko.qm                               File Size: 85538     BYTES FileVersion:  N/A            MD5: [e495736a22b566cd27cef405507c0b55]
lang_lt.qm                               File Size: 90775     BYTES FileVersion:  N/A            MD5: [2605701cc94ca4ee2ef0be3aaa617d64]
lang_lv.qm                               File Size: 90647     BYTES FileVersion:  N/A            MD5: [c9dda1e18b4869c60b8df14907dd5e46]
lang_nl.qm                               File Size: 128186    BYTES FileVersion:  N/A            MD5: [193e199cefe0429da41d564af35786e7]
lang_no.qm                               File Size: 118156    BYTES FileVersion:  N/A            MD5: [a7a243c9ac9e1efc71f8cdeb8c6ed4bf]
lang_pl.qm                               File Size: 128623    BYTES FileVersion:  N/A            MD5: [9e4c6ca1532843c77ddb07b8a1bcac08]
lang_pt_BR.qm                           File Size: 131550    BYTES FileVersion:  N/A            MD5: [418b8766d7e7a2a4806ed4d97d18e80f]
lang_pt_PT.qm                           File Size: 131702    BYTES FileVersion:  N/A            MD5: [34f70f2a89733552373fa935200c2a0a]
lang_ro.qm                               File Size: 90440     BYTES FileVersion:  N/A            MD5: [24bf3ee283cf5a3fd4c93bba6c9fc12b]
lang_ru.qm                               File Size: 132186    BYTES FileVersion:  N/A            MD5: [08e1303dba20e8e1957ae1de2ccb4550]
lang_sk.qm                               File Size: 89139     BYTES FileVersion:  N/A            MD5: [82ddef8ec6d13b1d4601e7104243ecc9]
lang_sl.qm                               File Size: 107472    BYTES FileVersion:  N/A            MD5: [c8e3fae6ae3980aec292baa6cb8eac89]
lang_sv.qm                               File Size: 105939    BYTES FileVersion:  N/A            MD5: [646ad8e20658650d4d1daa63b5abb9b6]
lang_tr.qm                               File Size: 88788     BYTES FileVersion:  N/A            MD5: [6c4e9b16e496ab46d4a1d3333d972762]
lang_vi.qm                               File Size: 105393    BYTES FileVersion:  N/A            MD5: [d1b2c9264ef72792b53255d4dfeb3098]
lang_zh_TW.qm                           File Size: 87358     BYTES FileVersion:  N/A            MD5: [1ebfe79770cf695df897750b3c2d5a08]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
qwindows.dll                             File Size: 928568    BYTES FileVersion:  5.4.1.0        MD5: [15d93b1f5171eacf7724b2f728a064c4]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [57da74e5d020877f0aa23133081a1d5c]
 
C:\Users\Dell\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                             File Size: 2538      BYTES FileVersion:  N/A            MD5: [efaa292576cd277eba30345910625034]
akadomains.ref                           File Size: 594620    BYTES FileVersion:  N/A            MD5: [339b0d80bd8d8d93b7b328318c0656f5]
akaips.ref                               File Size: 283420    BYTES FileVersion:  N/A            MD5: [9b72372775650a2d5631562dec4677b7]
cleanup.dat                             File Size: 46121     BYTES FileVersion:  N/A            MD5: [803cbc4c8cd63146d1d200a7bcb4f54d]
cleanup.dll                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
domains.ref                             File Size: 94        BYTES FileVersion:  N/A            MD5: [da07da8abeb59d060bc709b28e62bb94]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                 File Size: 35        BYTES FileVersion:  N/A            MD5: [c78acab9f50caa91df2cc3302080c012]
mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
rules.ref                               File Size: 10114798  BYTES FileVersion:  N/A            MD5: [eebb75c9e53184471cf98a98747c0a83]
swissarmy.ref                           File Size: 25954     BYTES FileVersion:  N/A            MD5: [2c81587c27a36ed4925f2942c7a56053]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4608      BYTES FileVersion:  N/A            MD5: [2cdcae0cd6f3ad2054d1aba1f40f245d]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 1472      BYTES FileVersion:  N/A            MD5: [fc70eb478b2e65beaddf6f8c1ae18f12]
manifest.conf                           File Size: 3385      BYTES FileVersion:  N/A            MD5: [683d0dec2c04ac494e8f4b3c23218dce]
marketing.conf                           File Size: 10950     BYTES FileVersion:  N/A            MD5: [5ad3a72e5b10c37dde91af5b50bb5d94]
net.conf                                 File Size: 6904      BYTES FileVersion:  N/A            MD5: [47dd33b3364d6de9b55e6b519af26f0c]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 1975      BYTES FileVersion:  N/A            MD5: [4e72221ed7164b98a44376a6db07d67c]
settings.conf                           File Size: 2064      BYTES FileVersion:  N/A            MD5: [d0c2e3c8a5e8e90ef4456ff66db403e9]
statistics.conf                         File Size: 513       BYTES FileVersion:  N/A            MD5: [3ded5d8621377d16760885dd7a10d40b]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf                               File Size: 4194      BYTES FileVersion:  N/A            MD5: [402aa68f7a914337069a7a826a856503]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 23        BYTES FileVersion:  N/A            MD5: [0ec01df616b565180556881d8042255b]
manifest.conf                           File Size: 2836      BYTES FileVersion:  N/A            MD5: [12da8707e6aa5c2dfafca55395a8bdbd]
marketing.conf                           File Size: 11105     BYTES FileVersion:  N/A            MD5: [4bbcad9dd8e558eb9996d32f37cd25e2]
net.conf                                 File Size: 6133      BYTES FileVersion:  N/A            MD5: [78d9d986b84b11f36330303a86a2be82]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 1725      BYTES FileVersion:  N/A            MD5: [5454026126dac24f6e96eeb0c64123d3]
statistics.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2015-08-26 (02-13-46).xml       File Size: 76074     BYTES FileVersion:  N/A            MD5: [843fd1ef0723f0663525f97e8e5e85f0]
protection-log-2015-08-26.xml           File Size: 5973      BYTES FileVersion:  N/A            MD5: [96685bb6e1328eac345fc1d51754ee8a]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
0026067958.data                         File Size: 706       BYTES FileVersion:  N/A            MD5: [6daeb999aeb4843a349b0925c927702a]
0026067958.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
0109239658.data                         File Size: 732       BYTES FileVersion:  N/A            MD5: [6ded8cb426a4369ff75d7a7cee458148]
0109239658.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
0125818162.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [fe3da799d0adca3ad129d8e7133e734b]
0282319920.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [0aed66cc0ad474aa99f265a620035999]
0282319920.quar                         File Size: 1680      BYTES FileVersion:  N/A            MD5: [fc12a63544241f8f05f5ad4937475d5f]
0494504062.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [65175db38df246386036c9fe7dcfe3ea]
0494504062.quar                         File Size: 761856    BYTES FileVersion:  N/A            MD5: [5d53ad607d419b10a8b981c80e6f6b4b]
0570920561.data                         File Size: 860       BYTES FileVersion:  N/A            MD5: [1ae9f22279158b96d9eb79c98c57fcfc]
0602657749.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [b24fdc81a9240d64d5d79e687755718c]
0602657749.quar                         File Size: 209920    BYTES FileVersion:  N/A            MD5: [19da658f602861caaaa6199d258f2d2f]
0621091504.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [baa2f51f6062c9961f1b09c43835bc5f]
0621091504.quar                         File Size: 1660      BYTES FileVersion:  N/A            MD5: [d88c0b6fd8c4592116b64892048bf174]
0661973929.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [38057a8cd20c9ddc7a4d30a449a461e3]
0661973929.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [5eb9ef78312eff1026faa0d8add3a21e]
0697878360.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [d3c5f306cb5c21aa145cf787e00eeba5]
0697878360.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [9aa1722a20e30eaf565d4c3f86436581]
0799468462.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [d6241d23d8b66502fe6259debd6f17af]
0799468462.quar                         File Size: 595279    BYTES FileVersion:  N/A            MD5: [e03f7fef106ea9f3084b487e35fb7c33]
0887037479.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [d1828e302228e67a904f4bfb04d49d24]
1037759659.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [f43174fdab98972d2e9e0b5d0390950e]
1037759659.quar                         File Size: 32768     BYTES FileVersion:  N/A            MD5: [ac900843a59afdbb3033b53055bdb651]
1120765175.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [84481ad0a416372a43df021e611f1270]
1120765175.quar                         File Size: 14021696  BYTES FileVersion:  N/A            MD5: [22236f031a27d0448a7347e783bdb671]
1165549884.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [7fd69131a428f6cee5c4e14df319491c]
1165549884.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [644336bc960e3c04066f45c1a6ec93c7]
1290059418.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [8a505a022ebdd2ae7d8421029e76c380]
1290059418.quar                         File Size: 161792    BYTES FileVersion:  N/A            MD5: [654bc56b7cbc2d9b31b1d39f2e515893]
1325960290.data                         File Size: 726       BYTES FileVersion:  N/A            MD5: [ad515c6e1e99a08560f3de60bff8502f]
1325960290.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [57c479b10d2e28745371bdddcc034ff8]
1347505260.data                         File Size: 966       BYTES FileVersion:  N/A            MD5: [b995208b567839532ba4794dfc28e32e]
1371768493.data                         File Size: 732       BYTES FileVersion:  N/A            MD5: [2dfb33f0d06d1500f77b6b6e2674bbe0]
1371768493.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
1453416899.data                         File Size: 729       BYTES FileVersion:  N/A            MD5: [b88837b877fbf85434f472e3ccf03525]
1453416899.quar                         File Size: 220672    BYTES FileVersion:  N/A            MD5: [d438943f7c03b1c79f7558ac21242c1f]
1491056365.data                         File Size: 725       BYTES FileVersion:  N/A            MD5: [90213a703e28dec045e0a53c022d3e89]
1491056365.quar                         File Size: 488       BYTES FileVersion:  N/A            MD5: [c33b0b1fe11a3b1bcf722626103acc8f]
1539611851.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [7a14b2924ed5eabf69980910a92fc2d3]
1539611851.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [9aa1722a20e30eaf565d4c3f86436581]
1566849742.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [dd83cf7386f9c62af41e7b68790cac0d]
1566849742.quar                         File Size: 595279    BYTES FileVersion:  N/A            MD5: [e03f7fef106ea9f3084b487e35fb7c33]
1664187162.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [a1e0ca71234d019e06d8dcda408181e7]
1664187162.quar                         File Size: 14177368  BYTES FileVersion:  N/A            MD5: [6244c03ee7c9e330507cd779377f3973]
1676693339.data                         File Size: 795       BYTES FileVersion:  N/A            MD5: [0e7338eecfdce847c11ab9073ee80455]
1677867026.data                         File Size: 842       BYTES FileVersion:  N/A            MD5: [c262019e86b670dc7e2110634f0ea52f]
1755943031.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [a7e58f894812ca813f201d1edba73d81]
1755943031.quar                         File Size: 1293056   BYTES FileVersion:  N/A            MD5: [42c5542f29e608b97078e47f7be51aa5]
1758149295.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [2dec11cc1b26f9fa28a2cac4c80faa6b]
1820547168.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [a1cf0ccc614c3220d0c1e856a8d9c7cd]
1820547168.quar                         File Size: 32768     BYTES FileVersion:  N/A            MD5: [ac900843a59afdbb3033b53055bdb651]
1961619670.data                         File Size: 795       BYTES FileVersion:  N/A            MD5: [143875e802ca10fc8d696968304a8155]
1963768352.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [518bcbef924f41cfc02075b4b52a6abe]
2013218061.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [e34834696415467866a97b46d1c97bf6]
2013218061.quar                         File Size: 761856    BYTES FileVersion:  N/A            MD5: [5d53ad607d419b10a8b981c80e6f6b4b]
2025138676.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [b9044f6210bcb52d191380f5a5307913]
2025138676.quar                         File Size: 1252396   BYTES FileVersion:  N/A            MD5: [1fb9b4aca7abc8520bcf8c927edb9f6c]
2100201626.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [e87186aaf1de15bcb458cfa3de122e1b]
2100201626.quar                         File Size: 32768     BYTES FileVersion:  N/A            MD5: [ac900843a59afdbb3033b53055bdb651]
2110688563.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [59505aa4a4823b58d37f1a4c47cb2611]
2110688563.quar                         File Size: 32768     BYTES FileVersion:  N/A            MD5: [ac900843a59afdbb3033b53055bdb651]
2215167452.data                         File Size: 706       BYTES FileVersion:  N/A            MD5: [f33708b3cf3094efe19e1cbf77a9dda7]
2215167452.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
2221496781.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [fdffdb3cdbc3782256ef009be9b10027]
2221496781.quar                         File Size: 33480     BYTES FileVersion:  N/A            MD5: [2196f1ef2315aece2aa147600ccd26d0]
2276255902.data                         File Size: 712       BYTES FileVersion:  N/A            MD5: [247e69611d8ae696a25c3e68c98e16dc]
2276255902.quar                         File Size: 1         BYTES FileVersion:  N/A            MD5: [8277e0910d750195b448797616e091ad]
2285090973.data                         File Size: 729       BYTES FileVersion:  N/A            MD5: [0a1b7c8cc91381299142bdfff269ca2e]
2285090973.quar                         File Size: 220672    BYTES FileVersion:  N/A            MD5: [945c6a258f9c7163cd248f9af5708481]
2343010135.data                         File Size: 721       BYTES FileVersion:  N/A            MD5: [1f0727326e13fe9be92812d37dfecb14]
2343010135.quar                         File Size: 595279    BYTES FileVersion:  N/A            MD5: [e03f7fef106ea9f3084b487e35fb7c33]
2345280439.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [bf7e44a61604387c17e1974cd0d39089]
2345280439.quar                         File Size: 14021696  BYTES FileVersion:  N/A            MD5: [22236f031a27d0448a7347e783bdb671]
2360289208.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [94ff297a4c2d64a8663b683d4ee992fd]
2360289208.quar                         File Size: 22528     BYTES FileVersion:  N/A            MD5: [5ef1d871629713cb5285aa6aa5708ca2]
2554232651.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [5f6c4f65318c61d2d6697873f88054cb]
2554232651.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
2569646949.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [b556566bb2b07198ee0a7e30b7adb6e2]
2569646949.quar                         File Size: 209920    BYTES FileVersion:  N/A            MD5: [19da658f602861caaaa6199d258f2d2f]
2570504124.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [21c51eb3aba04457a1194b9e2d70eab8]
2570504124.quar                         File Size: 357888    BYTES FileVersion:  N/A            MD5: [91ae649af76fe9ef2a91b5b9e81d06cc]
2596847807.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [689875a7c516eb3296bd878b7b883d27]
2596847807.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [9aa1722a20e30eaf565d4c3f86436581]
2681740289.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [1695ee75492acd8eac566983a8a5f59a]
2681740289.quar                         File Size: 761856    BYTES FileVersion:  N/A            MD5: [5d53ad607d419b10a8b981c80e6f6b4b]
2746670597.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [2dac317b5eea1ba459a651f0687ca527]
2746670597.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [5eb9ef78312eff1026faa0d8add3a21e]
2750932021.data                         File Size: 727       BYTES FileVersion:  N/A            MD5: [6b5bf2f0e49da24d35fcaec14400cc50]
2750932021.quar                         File Size: 862       BYTES FileVersion:  N/A            MD5: [ae3fdc65c9a9c50ac91ea275215466db]
2790547479.data                         File Size: 711       BYTES FileVersion:  N/A            MD5: [629c13f5aae9172b867b0fc32834f82e]
2790547479.quar                         File Size: 6334      BYTES FileVersion:  N/A            MD5: [fde13f01c11561e76a403590f3e5637c]
2817729122.data                         File Size: 736       BYTES FileVersion:  N/A            MD5: [961c18e6128bca48ec6b4156a0bfd6c4]
2817729122.quar                         File Size: 48784     BYTES FileVersion:  N/A            MD5: [de490ecd55dd330a148ae6a0e77e5d2b]
2875228486.data                         File Size: 875       BYTES FileVersion:  N/A            MD5: [5aa51f53c86f224dea0c80c46c95d5d5]
2877472226.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [4cf35e8775a0957c37e805b6e748fa71]
2877472226.quar                         File Size: 520       BYTES FileVersion:  N/A            MD5: [dcbc8ecb86c6b90fd6a012d008fb0ca1]
3020998939.data                         File Size: 790       BYTES FileVersion:  N/A            MD5: [867d8c4a5bedc3c99f403301700e9d69]
3113091031.data                         File Size: 729       BYTES FileVersion:  N/A            MD5: [ba44e27ca7252cefdb638773bcca5558]
3113091031.quar                         File Size: 220672    BYTES FileVersion:  N/A            MD5: [d438943f7c03b1c79f7558ac21242c1f]
3143101191.data                         File Size: 702       BYTES FileVersion:  N/A            MD5: [9b95d90252804dffefe33a44acb262f5]
3143101191.quar                         File Size: 1680      BYTES FileVersion:  N/A            MD5: [fc12a63544241f8f05f5ad4937475d5f]
3255166148.data                         File Size: 745       BYTES FileVersion:  N/A            MD5: [951b921ed17349c506f73cd37f7aa7ea]
3255166148.quar                         File Size: 526       BYTES FileVersion:  N/A            MD5: [ca171e95956e37390636cd2d9d209249]
3399097362.data                         File Size: 726       BYTES FileVersion:  N/A            MD5: [113a7a864e4225e5ee36262fc09efef8]
3399097362.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [57c479b10d2e28745371bdddcc034ff8]
3409514552.data                         File Size: 799       BYTES FileVersion:  N/A            MD5: [17eaa2d2e9994aa9acdf299ab61ae84b]
3409514552.quar                         File Size: 1172      BYTES FileVersion:  N/A            MD5: [01291592418f087aea91d633219072c1]
3447887632.data                         File Size: 701       BYTES FileVersion:  N/A            MD5: [707c46930c6cb62797916cfc6ab0f17d]
3512311643.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [dd1c4e2b250ce34f36879f20d077693a]
3512311643.quar                         File Size: 807760    BYTES FileVersion:  N/A            MD5: [179003cfe7bab9f7073afca2cb78d9ee]
3602008585.data                         File Size: 840       BYTES FileVersion:  N/A            MD5: [e9e52e9730cc0f455ba79787e7a6770f]
3714843505.data                         File Size: 721       BYTES FileVersion:  N/A            MD5: [b3a88e048e07b3b10fd1b89b99c79042]
3714843505.quar                         File Size: 708264    BYTES FileVersion:  N/A            MD5: [88033a657757c39174129b759f6d11fe]
4021694815.data                         File Size: 752       BYTES FileVersion:  N/A            MD5: [4af7e2e68d157429a662383ee00b6a50]
4021694815.quar                         File Size: 688       BYTES FileVersion:  N/A            MD5: [2ee90934e69c9dde1c0edc5edabb06f6]
4064719362.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [a41bc856ca35b2d8c045afa07c59b7c0]
4064719362.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [5eb9ef78312eff1026faa0d8add3a21e]
4178495352.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [ceb14619c34f3ad4135c2122c0b96776]
4178495352.quar                         File Size: 22528     BYTES FileVersion:  N/A            MD5: [58a31a2f9bd6570bfd09c2550d1f4403]
4190756530.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [2eef5b59efaa8a0579f39bc60642f322]
4190756530.quar                         File Size: 311296    BYTES FileVersion:  N/A            MD5: [c14dc9f9ae50d74d63ef60587884122a]
4231741722.data                         File Size: 726       BYTES FileVersion:  N/A            MD5: [65b2c2e867f3bec36474b563fc1cc848]
4231741722.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [57c479b10d2e28745371bdddcc034ff8]
4245362264.data                         File Size: 724       BYTES FileVersion:  N/A            MD5: [79fa223dc7557fffa65c7e5425e4c9de]
4245362264.quar                         File Size: 48        BYTES FileVersion:  N/A            MD5: [1c30a153c0cca91debd5485dffab7ec6]
4262039186.data                         File Size: 696       BYTES FileVersion:  N/A            MD5: [770e388c8ffeb82932d483379a2f664b]
4262039186.quar                         File Size: 591360    BYTES FileVersion:  N/A            MD5: [134825b5d4b4f0b0834ff476760e6a8a]
4270379315.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [e72aa198c57f0c89bfb9d717f36437de]
4270379315.quar                         File Size: 14177368  BYTES FileVersion:  N/A            MD5: [6244c03ee7c9e330507cd779377f3973]
4289608101.data                         File Size: 745       BYTES FileVersion:  N/A            MD5: [1adbcd6576ae951763b07ccb7572f284]
4289608101.quar                         File Size: 33480     BYTES FileVersion:  N/A            MD5: [2196f1ef2315aece2aa147600ccd26d0]
4293445366.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [19b16870e03622277887d93b9d0d5cef]
4293445366.quar                         File Size: 22528     BYTES FileVersion:  N/A            MD5: [58a31a2f9bd6570bfd09c2550d1f4403]
4333556162.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [f1778db536d40f172403d983010d191d]
4333556162.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
4340895873.data                         File Size: 763       BYTES FileVersion:  N/A            MD5: [0c1c01bc35b54690521aef87b65901fe]
4340895873.quar                         File Size: 702       BYTES FileVersion:  N/A            MD5: [2da90158cb3630012af2cf860dae12c5]
4418746168.data                         File Size: 795       BYTES FileVersion:  N/A            MD5: [351a3290a114cf209675bc176ed478a8]
4419687586.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [0003f4e42e4261179c8aa18c1aaad3c7]
4419687586.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
4486459113.data                         File Size: 709       BYTES FileVersion:  N/A            MD5: [e7076dc061181f089455ad5155673f60]
4486459113.quar                         File Size: 327168    BYTES FileVersion:  N/A            MD5: [eab6f73f6ecde9a827941c45c4c45914]
4578620164.data                         File Size: 709       BYTES FileVersion:  N/A            MD5: [183bc67075743bc7c083a8e05f98eb29]
4578620164.quar                         File Size: 595279    BYTES FileVersion:  N/A            MD5: [e03f7fef106ea9f3084b487e35fb7c33]
4719394674.data                         File Size: 970       BYTES FileVersion:  N/A            MD5: [2588097e5eda52c6bc5986584c625b11]
4771603929.data                         File Size: 751       BYTES FileVersion:  N/A            MD5: [06163b6cef12615667ae904fbf884dca]
4771603929.quar                         File Size: 684       BYTES FileVersion:  N/A            MD5: [cd6bec4797153f31433a6362c509d1d3]
4801027017.data                         File Size: 688       BYTES FileVersion:  N/A            MD5: [ece351843cf272191007c6d9b9846e3a]
4801027017.quar                         File Size: 591360    BYTES FileVersion:  N/A            MD5: [134825b5d4b4f0b0834ff476760e6a8a]
4869863130.data                         File Size: 713       BYTES FileVersion:  N/A            MD5: [0c435e44039e2534e260a1c0d493eded]
4869863130.quar                         File Size: 532       BYTES FileVersion:  N/A            MD5: [b7c69cbda98f7a25a326014322384cc1]
4910943700.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [7129ee6c1b212e071d74f78fdc474c53]
4910943700.quar                         File Size: 32768     BYTES FileVersion:  N/A            MD5: [ac900843a59afdbb3033b53055bdb651]
4916014678.data                         File Size: 742       BYTES FileVersion:  N/A            MD5: [19ac317a2160d98271fe54c9c0647dba]
4916014678.quar                         File Size: 66105     BYTES FileVersion:  N/A            MD5: [f8805c2478fe96df675013cb6c1372a7]
4995044181.data                         File Size: 751       BYTES FileVersion:  N/A            MD5: [d6b4cbdb73424c1e75af1d3b0b14784c]
4995044181.quar                         File Size: 684       BYTES FileVersion:  N/A            MD5: [b8db697d1c7981ec0b93c9965b3a3b41]
5009416819.data                         File Size: 928       BYTES FileVersion:  N/A            MD5: [0a65e252f2c20ceeccda1c64336826d3]
5079555758.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [2d903187512cf5998fe5f599967a09fb]
5079555758.quar                         File Size: 1293218   BYTES FileVersion:  N/A            MD5: [6d3d84820b0a821c88e2922301da782c]
5127962416.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [9977e80a212117ae69f5c4f04410583a]
5127962416.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
5321349435.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [70e19abbf5a638bb3af434672bb27f22]
5321349435.quar                         File Size: 1362000   BYTES FileVersion:  N/A            MD5: [b1412e6ed585eb21330f926e8cfeacad]
5386711064.data                         File Size: 809       BYTES FileVersion:  N/A            MD5: [f00d8ded52d14edda48873e211812dd1]
5386711064.quar                         File Size: 780       BYTES FileVersion:  N/A            MD5: [185d30e11dd057400f71147ea2fe9708]
5396521612.data                         File Size: 736       BYTES FileVersion:  N/A            MD5: [c0d51c444c404a3402891b5dded27b6d]
5396521612.quar                         File Size: 690       BYTES FileVersion:  N/A            MD5: [2bb50e4a373b907154f3538b8a164126]
5440380407.data                         File Size: 829       BYTES FileVersion:  N/A            MD5: [6350d13bf5df62e4d2cc299de9e264db]
5482877044.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [d570daf8912195afb0e1ed151d247e9c]
5482877044.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [644336bc960e3c04066f45c1a6ec93c7]
5523396845.data                         File Size: 729       BYTES FileVersion:  N/A            MD5: [b3473ab06e118f9db684888225312170]
5523396845.quar                         File Size: 220672    BYTES FileVersion:  N/A            MD5: [d438943f7c03b1c79f7558ac21242c1f]
5536914373.data                         File Size: 693       BYTES FileVersion:  N/A            MD5: [080e9dbdc39afc9e76258ee0e254ea7f]
5554844062.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [293ddcab6180507b03c7121d2be15d15]
5554844062.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
5571587543.data                         File Size: 748       BYTES FileVersion:  N/A            MD5: [af57fa2e5b0f685e7a9512654a558e25]
5571587543.quar                         File Size: 672       BYTES FileVersion:  N/A            MD5: [a42338394d18e46121d8be1266d38e00]
5591325719.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [186a8ebfe956c97a0e0ba6bf0239a44b]
5591325719.quar                         File Size: 520       BYTES FileVersion:  N/A            MD5: [10ad102742ff3cceb506412fdf9b905f]
5722398783.data                         File Size: 1016      BYTES FileVersion:  N/A            MD5: [23ea4f6cfa4542125c8c0ca22d4be12a]
5780138267.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [fcd4edf1d5553ba734add349803ff8f8]
5780138267.quar                         File Size: 368640    BYTES FileVersion:  N/A            MD5: [3e03372664f1783a3325cc381bf45af2]
5801715070.data                         File Size: 712       BYTES FileVersion:  N/A            MD5: [2aac6ed0da864944d7f4344088a7f8e0]
5801715070.quar                         File Size: 1         BYTES FileVersion:  N/A            MD5: [8277e0910d750195b448797616e091ad]
5920765983.data                         File Size: 701       BYTES FileVersion:  N/A            MD5: [eab6e5cabd998b2b2be1c0e3ddca2bc8]
5975513261.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [bc79e5a95142c3eb1148ece659f801b4]
5975513261.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
6149698629.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [99dde975c4bd8284e67c098c6c8d6da3]
6149698629.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [9aa1722a20e30eaf565d4c3f86436581]
6200977188.data                         File Size: 841       BYTES FileVersion:  N/A            MD5: [63103d8a49e2e0f8822988dc997df225]
6208599398.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [57cf0c3db2a40c180473428b53f0561d]
6208599398.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
6404548545.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [f211a2ad28a0b369f39e198e68ee89dc]
6404548545.quar                         File Size: 1252396   BYTES FileVersion:  N/A            MD5: [c78a862ebac913c1753613fc98cacb6e]
6666289923.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [8d1ef0072db64a211fc7fc281691e92e]
6685089034.data                         File Size: 726       BYTES FileVersion:  N/A            MD5: [b433a77c9ac95348cb70a8a2921f3bbc]
6685089034.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [57c479b10d2e28745371bdddcc034ff8]
6692338680.data                         File Size: 982       BYTES FileVersion:  N/A            MD5: [081ad430d083eef852efeee1739f7663]
6696741370.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [e29607d02f39fa40a70a4cd91525222f]
6696741370.quar                         File Size: 1517648   BYTES FileVersion:  N/A            MD5: [9f2c744093c8ea52258b10a60fe78561]
6742638139.data                         File Size: 762       BYTES FileVersion:  N/A            MD5: [c37173970eb69e4d9695d49ab84f24a0]
6742638139.quar                         File Size: 1034      BYTES FileVersion:  N/A            MD5: [97198722a1792a8ad13acc2e7f918323]
6744385878.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [5a1d2665217f9cb39b5e5e7e74cd8824]
6744385878.quar                         File Size: 22528     BYTES FileVersion:  N/A            MD5: [5ef1d871629713cb5285aa6aa5708ca2]
6801655952.data                         File Size: 701       BYTES FileVersion:  N/A            MD5: [2f488a2772138c3c447631b27c8a4b5e]
6830042479.data                         File Size: 945       BYTES FileVersion:  N/A            MD5: [28aed098a825cabcc854bd9dd7e57d77]
7090431042.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [7d9c22af0c9f4ff61e8c0976a3385936]
7090431042.quar                         File Size: 161792    BYTES FileVersion:  N/A            MD5: [654bc56b7cbc2d9b31b1d39f2e515893]
7177822606.data                         File Size: 721       BYTES FileVersion:  N/A            MD5: [204941aa29a0a2970f987cebe8911da1]
7177822606.quar                         File Size: 708264    BYTES FileVersion:  N/A            MD5: [88033a657757c39174129b759f6d11fe]
7225270616.data                         File Size: 721       BYTES FileVersion:  N/A            MD5: [9240650b1efc3f14f3f5c51e92ef4ad3]
7225270616.quar                         File Size: 708264    BYTES FileVersion:  N/A            MD5: [88033a657757c39174129b759f6d11fe]
7274889189.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [c539e19699093cf2cf99159e06f247f1]
7274889189.quar                         File Size: 22528     BYTES FileVersion:  N/A            MD5: [fb537ac85e1b13733acb657c34ffdc8e]
7352250915.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [d04e08d050b75a19543f0aab2c4f3801]
7352250915.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
7368749901.data                         File Size: 732       BYTES FileVersion:  N/A            MD5: [f4dfe79d5663a7ef1b544f2c9bb68c81]
7368749901.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
7383570124.data                         File Size: 842       BYTES FileVersion:  N/A            MD5: [7325acf24a5c8fb1bd1719ad30c6d2cd]
7442413632.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [7305f321a6569ebe68b3e26dffeb7710]
7442413632.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [5eb9ef78312eff1026faa0d8add3a21e]
7582316894.data                         File Size: 727       BYTES FileVersion:  N/A            MD5: [bd967351cbc5759032d44d4e86048ca2]
7582316894.quar                         File Size: 862       BYTES FileVersion:  N/A            MD5: [797d792c9e05d8cc03d1f3d852c463c2]
7612043443.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [74ee9bb0519b6398a161b04512e53e72]
7612043443.quar                         File Size: 1518672   BYTES FileVersion:  N/A            MD5: [a3c3d8d5b134ff8fa8f0fb564442101f]
7637371807.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [3f82a26a0e56a49a854feee4b9087668]
7637371807.quar                         File Size: 761856    BYTES FileVersion:  N/A            MD5: [c28d44a186051be77dafca86b4d83a81]
7643568038.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [f6e0815cfa866121ea19499c37fc4329]
7680819371.data                         File Size: 714       BYTES FileVersion:  N/A            MD5: [81401f26c8b9f262d9e9eaea1e499f3a]
7680819371.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [5eb9ef78312eff1026faa0d8add3a21e]
7904171304.data                         File Size: 711       BYTES FileVersion:  N/A            MD5: [fd14bc9f6a82b01f977af5c65b6dd40c]
7904171304.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
7926855911.data                         File Size: 725       BYTES FileVersion:  N/A            MD5: [4c35992cebb49cff1b0983c438cd1553]
7926855911.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
7941852824.data                         File Size: 723       BYTES FileVersion:  N/A            MD5: [2fb30043462774c975cd5eb7029ac969]
7941852824.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
8024448089.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [700268ae6d46fbcd46296add01246058]
8024448089.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [644336bc960e3c04066f45c1a6ec93c7]
8135169621.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [6a5f44c9a0736a5490034f8aee115f55]
8135169621.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [644336bc960e3c04066f45c1a6ec93c7]
8158487571.data                         File Size: 717       BYTES FileVersion:  N/A            MD5: [4f2b59f0e56231c1c78becc9340c8486]
8158487571.quar                         File Size: 155648    BYTES FileVersion:  N/A            MD5: [644336bc960e3c04066f45c1a6ec93c7]
8180496614.data                         File Size: 685       BYTES FileVersion:  N/A            MD5: [68d1b5d3b07f4a12012f8fc14b080b71]
8223646189.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [223b6be671bce41d9cb8ebbe1f2489c6]
8280244166.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [b846bf5d7684377e60fd36284d08d756]
8280244166.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
8436726799.data                         File Size: 751       BYTES FileVersion:  N/A            MD5: [27c39ab0656cd9126566ca354eada575]
8436726799.quar                         File Size: 684       BYTES FileVersion:  N/A            MD5: [466bdaf4cea64d5ae19c69dacbcb7ce3]
8459227392.data                         File Size: 769       BYTES FileVersion:  N/A            MD5: [380199478626b90040451e3949223dfc]
8459227392.quar                         File Size: 1965128   BYTES FileVersion:  N/A            MD5: [14bee309cce996b13acb6885f02a0430]
8469985038.data                         File Size: 718       BYTES FileVersion:  N/A            MD5: [9a0d3abad4add09232449f59ceacf2ef]
8469985038.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
8500117382.data                         File Size: 916       BYTES FileVersion:  N/A            MD5: [38ff7dbfe704203be7835cdb864c779a]
8738969195.data                         File Size: 732       BYTES FileVersion:  N/A            MD5: [bc48f4e7512b77f584d8a1c05c45cb34]
8738969195.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
8749315054.data                         File Size: 741       BYTES FileVersion:  N/A            MD5: [bcbe65fbc8b5a2432eb109e2fab1fb03]
8749315054.quar                         File Size: 302       BYTES FileVersion:  N/A            MD5: [f60d56fdc5d8e319d7610ca90e98ccf5]
8848033057.data                         File Size: 754       BYTES FileVersion:  N/A            MD5: [fdd40eeacd0e8aea288b7670a9891844]
8848033057.quar                         File Size: 450       BYTES FileVersion:  N/A            MD5: [bde1a6503c040dc1e02be8fe794fbda0]
8863425783.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [0362dddf710fcc1a31423bfe88743682]
8864352960.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [ad8cc8277a4a3105612a47e732fdd3a8]
8864352960.quar                         File Size: 1656      BYTES FileVersion:  N/A            MD5: [94096a8a965d17cbb0b98667bf46067f]
8890894366.data                         File Size: 726       BYTES FileVersion:  N/A            MD5: [5ced7c9234ac9de2ff9212b53a835f9a]
8890894366.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [57c479b10d2e28745371bdddcc034ff8]
8976086598.data                         File Size: 748       BYTES FileVersion:  N/A            MD5: [5103ace1926a456972f8f5e3d4d60ef0]
8976086598.quar                         File Size: 672       BYTES FileVersion:  N/A            MD5: [b8afba014c5a98ffe97f4d46b0dd6f19]
9202999447.data                         File Size: 705       BYTES FileVersion:  N/A            MD5: [bbb7390ff0427b0a92a527c8961cb4c2]
9202999447.quar                         File Size: 14329496  BYTES FileVersion:  N/A            MD5: [7fc20bf2e0a89dbe89494ef1daba12dd]
9210508935.data                         File Size: 729       BYTES FileVersion:  N/A            MD5: [2fc557cca36ad403f7bb21703ae00ca1]
9210508935.quar                         File Size: 220672    BYTES FileVersion:  N/A            MD5: [d438943f7c03b1c79f7558ac21242c1f]
9227595421.data                         File Size: 806       BYTES FileVersion:  N/A            MD5: [c84297dd15a42df1848bf977d1ff07bc]
9285573913.data                         File Size: 732       BYTES FileVersion:  N/A            MD5: [6db51938e9302a9a16457d906cf40ff9]
9285573913.quar                         File Size: 68608     BYTES FileVersion:  N/A            MD5: [0f4ea30cbe6cfe6de2d072f6613b5942]
9309704469.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [f73cae8eb5b0e308cbe8204be06fced6]
9309704469.quar                         File Size: 1246720   BYTES FileVersion:  N/A            MD5: [a7f1fb9b627b73d0e471e45cd27996ec]
9323803467.data                         File Size: 728       BYTES FileVersion:  N/A            MD5: [374de3425ac7377df70033e82421cda5]
9323803467.quar                         File Size: 46080     BYTES FileVersion:  N/A            MD5: [9aa1722a20e30eaf565d4c3f86436581]
9461469409.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [9a73bb1703fe767f83aebfc6faf1699f]
9533784625.data                         File Size: 725       BYTES FileVersion:  N/A            MD5: [e8727d1f93176e41f6eb60ae7588f4b3]
9533784625.quar                         File Size: 1579520   BYTES FileVersion:  N/A            MD5: [2f9f2d3f192d5c88ba47893019e4397c]
9553086519.data                         File Size: 702       BYTES FileVersion:  N/A            MD5: [0d49147c35f7f37a31ee1ed105a29ec8]
9553086519.quar                         File Size: 1656      BYTES FileVersion:  N/A            MD5: [94096a8a965d17cbb0b98667bf46067f]
9623358237.data                         File Size: 775       BYTES FileVersion:  N/A            MD5: [0f26aabfa6d48d02777b3111e6d98d4f]
9623358237.quar                         File Size: 726       BYTES FileVersion:  N/A            MD5: [9ebeab96bcc4d4d14b0eed788e207ea2]
9720630472.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [2fdf9c3d4e4b5607baa5f017aa5c833e]
9720630472.quar                         File Size: 761856    BYTES FileVersion:  N/A            MD5: [5d53ad607d419b10a8b981c80e6f6b4b]
9799032082.data                         File Size: 842       BYTES FileVersion:  N/A            MD5: [401e494c3501adcd5dc9e72474946857]
9819376544.data                         File Size: 713       BYTES FileVersion:  N/A            MD5: [a6acee8e0a55545c84872be293c348bd]
9819376544.quar                         File Size: 532       BYTES FileVersion:  N/A            MD5: [5dac122e9a17d76a3070f2e93559dac5]
9947522047.data                         File Size: 795       BYTES FileVersion:  N/A            MD5: [6b16943c1278797c856e2f0a97c8d9cd]
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\6mfV3DEh.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\globalupdateCrashHandler.exe
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\goopdate.dll
Vendor: PUP.Optional.WombatUpdater.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service1104.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\jnswF585.tmp
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ququcypy
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\psuser.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\globalupdateOnDemand.exe
Vendor: PUP.Optional.InstallCore.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\nspA84.tmp
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\globalupdateHelper.msi
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\6590.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\psmachine.dll
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\hnsb1C68.tmp
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\globalupdateBroker.exe
Vendor: PUP.Optional.CrossBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_B8B65E3C9B37A4591D5D62F15738E56C
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\globalupdateCrashHandler.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\npglobalupdateUpdate4.dll
Vendor: PUP.Optional.OutBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\OB
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\globalupdateOnDemand.exe
Vendor: PUP.Optional.InstallCore.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\ICReinstall_nspA84.tmp
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\6322.exe
Vendor: PUP.Optional.OutBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\OB|monitype24
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu|ImagePath
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV22.08-nv
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\6WinManPro6\update
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\globalupdateHelper.msi
Vendor: PUP.Optional.OutBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\OB|monitype22
Vendor: PUP.Optional.MaxDriverUpdater.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Program Files (x86)\MaxDrivrUpdater_v71.1245
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\goopdate.dll
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV23.08-nv-ie
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\globalupdateHelper.msi
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\globalupdateHelper.msi
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\2OzIiOpm.exe
Vendor: Trojan.MSIL.Dropper, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\MaxDrivrUpdater_v71.1245\MaxDrivrUpdater_Service.exe
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\6WinManPro6\updateconf
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\npglobalupdateUpdate4.dll
Vendor: PUP.Optional.InstallCore.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\ICReinstall_nsk636B.tmp
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\8032.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\goopdateres_en.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\globalupdate.exe
Vendor: Adware.ConvertAd, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\jnswF585.tmp
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\knspBCD4.tmp
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\globalupdateOnDemand.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\goopdate.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\psuser.dll
Vendor: PUP.Optional.ShopperPro.F, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ShopperPro_RASAPI32
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV23.08
Vendor: PUP.Optional.Sanbreel.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Windows\System32\drivers\{92bcf460-f3fc-4c73-8f63-31a272ed861d}Gw64.sys
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV23.08-nv
Vendor: PUP.Optional.CrossBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\npglobalupdateUpdate4.dll
Vendor: Adware.ConvertAd, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV23.08
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\globalupdateBroker.exe
Vendor: PUP.Optional.Spigot.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{36376F70-D704-44B2-8C24-01E7C57DD42A}
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\pWinManProp
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\vnsq7C30.tmp
Vendor: PUP.Optional.Package.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Update
Vendor: PUP.Optional.WProtectManager.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\6WinManPro6\ProtectWindowsManager.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\Cinema_Plus_3.1rV31.07-nv-ie
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\psuser.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\goopdateres_en.dll
Vendor: PUP.Optional.MyStartSearch.ShrtCln, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\nsx9C33.tmp
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\globalupdateBroker.exe
Vendor: PUP.Optional.MaxDriverUpdater.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\MaxDrivrUpdater_v71.1245\upd.db
Vendor: PUP.Optional.PennyBee.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\EroBisis\onu3ci.dll
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\9942.exe
Vendor: PUP.Optional.MaxDriverUpdater.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\MaxDrivrUpdater_v71.1245\MaxDrivrUpdater_Service.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\goopdateres_en.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\globalupdate.exe
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Vendor: PUP.Optional.OutBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\OB|monitype27
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\Fd8J9y6maE.exe
Vendor: PUP.Optional.WombatService.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\Service1104\Service1104.dll
Vendor: PUP.Optional.InstallCore.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\nsk636B.tmp
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV22.08-nv-ie
Vendor: Adware.PennyBee, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\EroBisis\onu3ci.dll
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV23.08-nv-ie
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\globalupdateHelper.msi
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\Uninstall.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV24.08-nv-ie
Vendor: PUP.Optional.Qone8, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV23.08-nv
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\JvNa4hWHihMm.exe
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\5963.exe
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Vendor: PUP.Optional.WombatUpdater.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\psmachine.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\npglobalupdateUpdate4.dll
Vendor: PUP.Optional.WombatService.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\Service1104
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\j29HMh7dn8dMrLRG9qA.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV22.08-nv
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV22.08-nv
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\rnswB891.exe
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\pWinManProp\updateconf
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\UWinManProU
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\globalupdate.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\globalupdateOnDemand.exe
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\W0pAMAPnoutBEVAe.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV22.08-nv-ie
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\globalupdateBroker.exe
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\5006.exe
Vendor: PUP.Optional.Crossbrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CLIENTS\STARTMENUINTERNET\Crossbrowse
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\goopdateres_en.dll
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\6WinManPro6
Vendor: PUP.Optional.Spigot.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{36376F70-D704-44B2-8C24-01E7C57DD42A}|URL
Vendor: Adware.ConvertAd, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Program Files (x86)\4C4C4544-1438521885-3710-8039-B2C04F374253\hnsb1C68.tmp
Vendor: PUP.Optional.WProtectManager.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\pWinManProp\ProtectWindowsManager.exe
Vendor: PUP.Optional.WProtectManager.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\ProgramData\UWinManProU\ProtectWindowsManager.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\goopdateres_en.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\globalupdate.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\globalupdateCrashHandler.exe
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ququcypy|ImagePath
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\psuser.dll
Vendor: PUP.Optional.ShopperPro.F, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ShopperPro_RASMANCS
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\1214.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512\goopdate.dll
Vendor: PUP.Optional.ProtectWindowsManager.F, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\pWinManProp\update
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\psuser.dll
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\JvNa4hWHihMmt.exe
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\zoCihNPRd7qYdJUA2ctjhEcVbSf.exe
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\z7NnfcOIOVPeRPaH6qWEqaepi.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\psmachine.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\psmachine.dll
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\psmachine.dll
Vendor: PUP.Optional.PennyBee.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\ProgramData\EroBisis
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\globalupdate.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV23.08-nv-ie
Vendor: PUP.Optional.Crossrider.C, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\C51E79E2-D84A-4FEC-A584-7AA12DB7847D\C51E79E2-D84A-4FEC-A584-7AA12DB7847D.exe
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\mmwgeqtjqcyj4rJLIkCy.exe
Vendor: PUP.Optional.Qone8, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\globalupdateCrashHandler.exe
Vendor: PUP.Optional.VoPackage.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage
Vendor: PUP.Optional.WombatUpdater.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE1104.EXE
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.415942\globalupdateBroker.exe
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CinemaPlus-3.2cV23.08-nv
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\4606.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.467877\npglobalupdateUpdate4.dll
Vendor: PUP.Optional.CrossBrowse.C, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\CLIENTS\STARTMENUINTERNET|
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.485258\globalupdateCrashHandler.exe
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\UnD795RJ6o.exe
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\globalupdateOnDemand.exe
Vendor: PUP.Optional.GlobalUpdate.A, Date: 2015/08/25 20:43:54, Type: Folder, Location: C:\Users\Dell\AppData\Local\Temp\comh.153512
Vendor: PUP.Optional.CrossRider.A, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Roaming\K0goOOdO1lqRg5aQGsqwymLnIR7.exe
Vendor: Adware.ConvertAd, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu
Vendor: PUP.Optional.OurSurfing.ShrtCln, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Vendor: PUP.Optional.ModGoog, Date: 2015/08/25 20:43:54, Type: File, Location: C:\Users\Dell\AppData\Local\Temp\comh.334315\goopdate.dll
Vendor: PUP.Optional.MultiPlug.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu|ImagePath
Vendor: PUP.Optional.CinemaPlus.A, Date: 2015/08/25 20:43:54, Type: Registry Key, Location: HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV22.08-nv-ie
Vendor: PUP.Optional.OutBrowse.A, Date: 2015/08/25 20:43:54, Type: Registry Value, Location: HKU\S-1-5-21-2052653290-1796230590-4117371104-1000\SOFTWARE\OB|monitype20
===============================================================
END OF FILE
 
 
 
=======================
 
AdwCleaner results
 
# AdwCleaner v5.003 - Logfile created 25/08/2015 at 09:48:01
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Dell - DELL-PC
# Running from : C:\Users\Dell\Downloads\adwcleaner_5.003.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\MiniLite
[!] Folder Not Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Users\Dell\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Dell\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
[-] Folder Deleted : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\pl6o3dfd.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dell\Desktop\Continue Live Installation.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-1-6
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-1-7
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-10_user
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-3
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-4
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-5
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-5_user
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-6
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-7
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-1-6
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-1-7
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-10_user
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-3
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-4
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-5
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-5_user
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-6
[-] Task Deleted : 5b3d166a-4534-4ef1-8098-f7828cf3a43e-7
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\SOFTWARE\9f760cd0-9534-447e-9140-c7ed25f4cff8
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[!] Key Not Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Proxy settings cleared
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [10879 bytes] ##########
 
 
 
ESET OnlineScan : This has stuck on 96% of downloading the signature database part of instalation. Also it has "Can not get update. Is proxy configure?" written in large red letters. Though I am still running the test, haven't cancelled it yet.

Edited by Chris Cosgrove, 25 August 2015 - 06:09 PM.
Split ro separate topic


BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 25 August 2015 - 05:44 PM

Hello sara_designs,

 

If you have troubles with Eset, try Kaspersky:

 

Kaspersky Virus Removal Tool

Please download Kaspersky Virus Removal Tool from here.

§  Right click on KVRT.exe and select Run as Administrator.

§  Read the EULA, then select Accept.

§  Wait for Kaspersky Virus Removal Tool to initialize.

§  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.

§  Click Start scan.

§  Wait for Kaspersky Virus Removal Tool to complete scanning.

§  When the scan is finished, select Neutralize all for all detected objects.

§  Close Kaspersky Virus Removal Tool when done.

Informe me if something is detected.


Edited by severac, 25 August 2015 - 05:47 PM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 25 August 2015 - 09:37 PM

I am getting an error msg while downloading. Its the network connection probably. It downloads but in the end while downloading it gives the error. I have Quick Heal anti virus version 16.00 (9.0.0.23), do you think it would useful for the same function ?



#4 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 26 August 2015 - 02:05 AM

Hello sara,

 

Please do not send me PM, and do not post in other topics, just in this, so we can try to solve your problem.

 

I have never used Quick Heal and personally this is the first time I hear about this program.

 

Can you tell me what is the error msg? Can you download other programs?

 

Let's try this, if you can't download it from your computer, try to download from other computer and than run it.

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

--------

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.

There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe
http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

§  Double-click on the Rkill desktop icon to run the tool.

§  If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.

§  black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

§  If not, delete the file, then download and use the one provided in Link 2.

§  Do not reboot until instructed.

§  If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

-----------

 

Run MBAM again:

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

§  Paste the contents of the clipboard into your reply.

--------------

 

Please download Junkware Removal Tool to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

--------


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#5 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 08 September 2015 - 03:11 PM

1. Mini toolbox file

 

MiniToolBox by Farbar  Version: 25-07-2015 01

Ran by Dell (administrator) on 09-09-2015 at 00:23:07
Running from "C:\Users\Dell\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: Inspiron N5010 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
        
 
 
127.0.0.1       localhost
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72
 
There are 81 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Dell-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : local.lan
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : C0-CB-38-12-EA-5C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : local.lan
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : C0-CB-38-12-EA-5C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::90aa:ad44:d549:948f%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.14(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 09, 2015 12:15:24 AM
   Lease Expires . . . . . . . . . . : Wednesday, September 09, 2015 12:15:24 PM
   Default Gateway . . . . . . . . . : fe80::225:5eff:fe81:4636%12
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  MyDslModem.local.lan
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2404:6800:4009:805::200e
 216.58.196.14
 
 
Pinging google.com [216.58.196.14] with 32 bytes of data:
Reply from 216.58.196.14: bytes=32 time=46ms TTL=57
Reply from 216.58.196.14: bytes=32 time=44ms TTL=57
 
Ping statistics for 216.58.196.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 46ms, Average = 45ms
Server:  MyDslModem.local.lan
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=446ms TTL=51
Reply from 98.138.253.109: bytes=32 time=361ms TTL=51
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 361ms, Maximum = 446ms, Average = 403ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...c0 cb 38 12 ea 5c ......Microsoft Virtual WiFi Miniport Adapter
 12...c0 cb 38 12 ea 5c ......DW1501 Wireless-N WLAN Half-Mini Card
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.14     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.14    281
     192.168.1.14  255.255.255.255         On-link      192.168.1.14    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.14    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.14    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.14    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    281 ::/0                     fe80::225:5eff:fe81:4636
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::90aa:ad44:d549:948f/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/09/2015 12:17:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/08/2015 12:51:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2015 10:45:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2015 08:07:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/07/2015 08:07:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/07/2015 12:47:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/05/2015 02:42:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/05/2015 12:55:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/04/2015 02:13:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/04/2015 11:16:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (09/09/2015 12:19:36 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
 
Error: (09/09/2015 12:18:29 AM) (Source: Service Control Manager) (User: )
Description: The Online Protection System service hung on starting.
 
Error: (09/09/2015 12:16:14 AM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (09/09/2015 12:16:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (09/08/2015 11:51:08 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR101.
 
Error: (09/08/2015 11:51:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR101.
 
Error: (09/08/2015 11:50:55 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR101.
 
Error: (09/08/2015 11:45:37 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR100.
 
Error: (09/08/2015 11:45:32 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR100.
 
Error: (09/08/2015 11:45:24 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR100.
 
 
Microsoft Office Sessions:
=========================
Error: (09/09/2015 12:17:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/08/2015 12:51:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2015 10:45:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2015 08:07:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe
 
Error: (09/07/2015 08:07:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe
 
Error: (09/07/2015 12:47:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/05/2015 02:42:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/05/2015 12:55:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/04/2015 02:13:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/04/2015 11:16:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Edge Animate CC (HKLM-x32\...\{00603DFF-6EC5-4E9E-AB3A-AD4C7D61FF13}) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Flash Player Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.0.525 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InCopy CC (HKLM-x32\...\{2606D96F-C1A3-1014-9A8F-E3561A1AC78D}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.0.314 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Prelude CC (HKLM-x32\...\{5D73C19B-BE10-44A6-96B2-A516756ED29F}) (Version: 2.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SpeedGrade CC (HKLM-x32\...\{29AA12E9-934C-485E-A9A1-D823FEB29880}) (Version: 7.0.0 - Adobe Systems Incorporated)
airtel (HKLM-x32\...\airtel) (Version: 23.009.05.04.284 - Huawei Technologies Co.,Ltd)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.5.3.59 - Cypress Semiconductor, Inc.)
Dashlane (HKCU\...\Dashlane) (Version: 3.5.2.91147 - Dashlane SAS)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.209 - ALPS ELECTRIC CO., LTD.)
Duplicate Cleaner Pro 3.2.5 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 3.2.5 - DigitalVolcano Software Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastStone Photo Resizer 3.0 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.0 - FastStone Soft.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Ginger (HKLM-x32\...\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.35 - Ginger Software) Hidden
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.35 - Ginger Software)
globalupdate Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - globalupdate Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.13 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8 - Notepad++ Team)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Quick File Rename Personal Edition (HKLM-x32\...\{CD5E3D9D-11DA-4134-81BE-A6BD886D6966}) (Version: 8.02.0000 - Skyjuice Software)
Quick Heal Internet Security (HKLM\...\{75DEED91-7B14-49DC-A5F3-B60E633AC4A5}) (Version: 16.00 - Quick Heal) Hidden
Quick Heal Internet Security (HKLM\...\Quick Heal Internet Security) (Version: 16.00 - Quick Heal Technologies Pvt. Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze Leap 1.3 (HKCU\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 1.3 - Azureus Software, Inc.)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: mscank
Description: mscank
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mscank
Device ID: ROOT\LEGACY_MSCANK\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 65%
Total physical RAM: 3894.7 MB
Available physical RAM: 1328.61 MB
Total Virtual: 7787.59 MB
Available Virtual: 4791.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:97.56 GB) (Free:35.22 GB) NTFS
2 Drive d: () (Fixed) (Total:146.48 GB) (Free:144.09 GB) NTFS
3 Drive e: () (Fixed) (Total:221.62 GB) (Free:38.06 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DELL-PC
 
Administrator            Dell                     Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
23-08-2015 21:49:17 Quick Heal AntiMalware Restore Point
24-08-2015 18:25:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
25-08-2015 04:12:19 Quick Heal AntiMalware Restore Point
28-08-2015 00:50:14 Installed Ginger
 
**** End of log ****
 
 
 
 
2. Rkill
 
Rkill 2.8.1 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/09/2015 12:24:52 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 validation.sls.microsoft.com
  127.0.0.1 lmlicenses.wip4.adobe.com
  127.0.0.1 lm.licenses.adobe.com
  127.0.0.1 na1r.services.adobe.com
  127.0.0.1 hlrcv.stage.adobe.com
  127.0.0.1 practivate.adobe.com 
  127.0.0.1 activate.adobe.com
  127.0.0.1 209.34.83.73:443
  127.0.0.1 209.34.83.73:43
  127.0.0.1 209.34.83.73
  127.0.0.1 209.34.83.67:443
  127.0.0.1 209.34.83.67:43
  127.0.0.1 209.34.83.67
  127.0.0.1 ood.opsource.net
  127.0.0.1 199.7.52.190:80
  127.0.0.1 199.7.52.190
  127.0.0.1 OCSP.SPO1.VERISIGN.COM
  127.0.0.1 199.7.54.72:80
  127.0.0.1 199.7.54.72
  127.0.0.1 192.150.14.69
 
  20 out of 101 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 09/09/2015 12:25:47 AM
Execution time: 0 hours(s), 0 minute(s), and 54 seconds(s)
 
3. Scan LOG MBAM
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/9/2015
Scan Time: 12:28 AM
Logfile: Anti Virus Ans 2_Mamb Scan log.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.08.05
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dell
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341523
Time Elapsed: 29 min, 9 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
3. Protection LOG MBAM
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 9/9/2015 12:17 AM, SYSTEM, DELL-PC, Protection, Malware Protection, Starting, 
Protection, 9/9/2015 12:17 AM, SYSTEM, DELL-PC, Protection, Malware Protection, Started, 
Protection, 9/9/2015 12:17 AM, SYSTEM, DELL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 9/9/2015 12:18 AM, SYSTEM, DELL-PC, Protection, Malicious Website Protection, Started, 
Scan, 9/9/2015 12:57 AM, SYSTEM, DELL-PC, Manual, Start:9/9/2015 12:28 AM, Duration:29 min 9 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
Protection, 9/9/2015 1:02 AM, SYSTEM, DELL-PC, Protection, Malware Protection, Starting, 
Protection, 9/9/2015 1:02 AM, SYSTEM, DELL-PC, Protection, Malware Protection, Started, 
Protection, 9/9/2015 1:02 AM, SYSTEM, DELL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 9/9/2015 1:04 AM, SYSTEM, DELL-PC, Protection, Malicious Website Protection, Started, 
 
(end)
 
 
5. JRT.txt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Ultimate x64
Ran by Dell on Wed 09/09/2015 at  1:28:32.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\BRFMJRUGIUWDCRRD
Successfully deleted: [Task] C:\Windows\Tasks\BRFMJRUGIUWDCRRD.job
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D622EF8A2681BC7366969A9522AD93CD
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] (Default)    REG_SZ    Crossbrowse
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Any Angle
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Dell\desktop\continue live installation.lnk
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\Dell\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Dell\Appdata\Local\installer
Successfully deleted: [Folder] C:\ProgramData\19a87fa1ec024bbcbb41931263354405
Successfully deleted: [Folder] C:\Users\Dell\Appdata\Local\23301
Successfully deleted: [Folder] C:\Users\Dell\Appdata\Local\C51E79E2-D84A-4FEC-A584-7AA12DB7847D
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Dell\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
 
[C:\Users\Dell\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Dell\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gpdjojdkbbmdfjfahjcgigfpmkopogic
 
[C:\Users\Dell\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Dell\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  gpdjojdkbbmdfjfahjcgigfpmkopogic
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/09/2015 at  1:32:25.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 08 September 2015 - 03:58 PM

Do you still have problems and which?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#7 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 08 September 2015 - 04:17 PM

While uninstalling certain programmes m getting NSIS error. It says Error launching installer.



#8 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 08 September 2015 - 04:19 PM

Which programs?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#9 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 08 September 2015 - 04:20 PM

Dashlane

and also when I am trying to install vuze.



#10 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 08 September 2015 - 04:25 PM

Along with NSIS error .... this is error I am getting while installing VUZE.

 

 

Exception:
 
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at com.install4j.runtime.installer.Installer.getScreenExecutor(Unknown Source)
at com.install4j.runtime.installer.Installer.runInProcess(Unknown Source)
at com.install4j.runtime.installer.Installer.main(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)
at com.exe4j.runtime.WinLauncher.main(Unknown Source)
at com.install4j.runtime.launcher.WinLauncher.main(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at java.awt.EventQueue.invokeAndWait(Unknown Source)
at java.awt.EventQueue.invokeAndWait(Unknown Source)
at javax.swing.SwingUtilities.invokeAndWait(Unknown Source)
... 10 more
Caused by: java.lang.UnsatisfiedLinkError: com.install4j.runtime.installer.platform.win32.FolderInfo.getPathFromRegistry0(Ljava/lang/String;)Ljava/lang/String;
at com.install4j.runtime.installer.platform.win32.FolderInfo.getPathFromRegistry0(Native Method)
at com.install4j.runtime.installer.platform.win32.FolderInfo.getProgramFilesDirectory(Unknown Source)
at com.install4j.runtime.installer.helper.InstallerUtil.getStandardApplicationsDirectory(Unknown Source)
at com.install4j.runtime.installer.config.InstallerConfig.getVariableValue(Unknown Source)
at com.install4j.runtime.installer.config.InstallerConfig.getDefaultResolvedInstallationDirectory(Unknown Source)
at com.install4j.runtime.installer.config.InstallerConfig.getInitialInstallationDirectory(Unknown Source)
at com.install4j.runtime.installer.config.InstallerConfig.getInstallationDirectory(Unknown Source)
at com.install4j.runtime.installer.ContextImpl.getInstallationDirectory(Unknown Source)
at com.install4j.runtime.installer.InstallerContextImpl.initUpdateInstallation(Unknown Source)
at com.install4j.runtime.installer.InstallerContextImpl.<init>(Unknown Source)
at com.install4j.runtime.installer.frontend.InstallerWizardScreenExecutor.<init>(Unknown Source)
at com.install4j.runtime.installer.Installer$2.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$500(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
 
System properties:
 
java.runtime.name=Java™ SE Runtime Environment
exe4j.moduleName=C:\Users\Dell\Downloads\2. Latest Software Downloads\For Vuze\Others\Vuze_5620_Installer64.exe
exe4j.semaphoreName=Local\c:_users_dell_downloads_2._latest_software_downloads_for_vuze_others_vuze_5620_installer64.exe
sun.boot.library.path=c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\bin
java.vm.version=25.51-b03
java.vm.vendor=Oracle Corporation
java.vendor.url=http://java.oracle.com/
exe4j.consoleCodepage=cp0
path.separator=;
java.vm.name=Java HotSpot™ 64-Bit Server VM
file.encoding.pkg=sun.io
user.country=US
user.script=
sun.os.patch.level=Service Pack 1
install4j.exeDir=C:\Users\Dell\Downloads\2. Latest Software Downloads\For Vuze\Others\
java.vm.specification.name=Java Virtual Machine Specification
user.dir=C:\Users\Dell\Downloads\2. Latest Software Downloads\For Vuze\Others
java.runtime.version=1.8.0_51-b16
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
java.endorsed.dirs=c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\endorsed
os.arch=amd64
java.io.tmpdir=C:\Users\Dell\AppData\Local\Temp\
line.separator=
 
java.vm.specification.vendor=Oracle Corporation
user.variant=
exe4j.tempDir=C:\Users\Dell\AppData\Local\Temp\e4jC8DB.tmp_dir1441747270
os.name=Windows 7
sun.java2d.noddraw=true
sun.jnu.encoding=Cp1252
java.library.path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Users\Dell\AppData\Roaming\Dashlane\3.5.2.91147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\bin
sun.awt.enableExtraMouseButtons=true
java.specification.name=Java Platform API Specification
java.class.version=52.0
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
exe4j.isInstall4j=true
os.version=6.1
user.home=C:\Users\Dell
user.timezone=Asia/Calcutta
java.awt.printerjob=sun.awt.windows.WPrinterJob
file.encoding=Cp1252
java.specification.version=1.8
java.class.path=C:\Users\Dell\AppData\Local\Temp\e4jC8DB.tmp_dir1441747270\i4jruntime.jar;C:\Users\Dell\AppData\Local\Temp\e4jC8DB.tmp_dir1441747270\user.jar;C:\Users\Dell\AppData\Local\Temp\e4jC8DB.tmp_dir1441747270\platform.zip;
user.name=Dell
java.vm.specification.version=1.8
sun.java.command=C:\Users\Dell\Downloads\2. Latest Software Downloads\For Vuze\Others\Vuze_5620_Installer64.exe
java.home=c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre
sun.arch.data.model=64
exe4j.launchName=C:\Users\Dell\Downloads\2. Latest Software Downloads\For Vuze\Others\Vuze_5620_Installer64.exe
user.language=en
java.specification.vendor=Oracle Corporation
awt.toolkit=sun.awt.windows.WToolkit
java.vm.info=mixed mode
exe4j.unextractedPosition=1980663
java.version=1.8.0_51
java.ext.dirs=c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\ext;C:\Windows\Sun\Java\lib\ext
sun.boot.class.path=c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\resources.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\rt.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\sunrsasign.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\jsse.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\jce.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\charsets.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\lib\jfr.jar;c:\users\dell\downloads\2. latest software downloads\for vuze\others\jre\classes
install4j.appDir=C:\Users\Dell\AppData\Local\Temp\
java.vendor=Oracle Corporation
file.separator=\
sun.io.unicode.encoding=UnicodeLittle
sun.cpu.endian=little
sun.desktop=windows
sun.cpu.isalist=amd64


#11 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 09 September 2015 - 04:20 AM

Try to download new install copy of that file and copy to another location and try to run from there. 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#12 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 10 September 2015 - 06:46 AM

Tried that multiple times...for VUZE.

But cant do anything about uninstalling dashlane



#13 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:09:48 PM

Posted 10 September 2015 - 08:35 AM

I don't know how to help you with that problem.

 

You are clean, no malware here. Maybe you could try to search for help in Windows 7 forum: http://www.bleepingcomputer.com/forums/f/167/windows-7/

 

Empty your temp folders using TFC (Temporary File Cleaner)

§  Please download TFC by Old Timer and save it to your desktop.
alternate download link

§  Save any unsaved work. (TFC will close ALL open programs including your browser!)

§  Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)

§  Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

§  Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

---------

 

This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download  DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

§  Activate UAC (optional; some users prefer to keep it off)

§  Remove disinfection tools

§  Create registry backup

§  Purge System Restore

Now click "Run" and wait patiently.
Once finished, a logfile will be created. You don't have to attach it to your next reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#14 sara_designs

sara_designs
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 11 September 2015 - 02:48 AM

:bananas: yes this worked finally :)

 

I ran the above two programmes u mentioned.

And also ran CCleaner once after them.

Then I was able to uninstall dashlane.

Changed directory and file name for vuze installer and was able to do that also.

Thanks a tonn, really appreciate your patience and efforts.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users