Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

svcvmx virus and resource in use


  • This topic is locked This topic is locked
97 replies to this topic

#1 nity47

nity47

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 09 August 2017 - 08:19 PM

hello All. this is the problem on my windows 10 laptop
 
 
 
these are the problems i am experiencing at the moment
1. i found this files on my computer svcvmx.exe and vmxclient
2. i cant update my windows, it gives this error code "There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070006)"
 
3. i cant install any anti virus it says "resource in use"
4. i cant restore the computer since i cant partition or have any restore point.
5. i have tried boot loading an antivirus but it just turn on the laptop normaly without booting from flash.
 
kindly give me a feedback. Thanks 
 
 
Moved from AII to MRL at Aura's request.
NickAu

Edited by NickAu, 09 August 2017 - 09:03 PM.
Mod Edit


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 09 August 2017 - 08:22 PM

Hi nity47 :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.

https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/

If you manage to run a scan, delete everything it finds, and then copy/paste the content of the "mbar-log-TODAY'S-DATE.txt" log that is located in the MBAR folder here after.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 09 August 2017 - 10:06 PM

Malwarebytes Anti-Rootkit BETA 1.9.4.1001
www.malwarebytes.org

Database version:
  main:    v2017.04.03.08
  rootkit: v2017.04.02.01

Windows 10 x64 NTFS
Internet Explorer 11.413.15063.0
Akintola :: DESKTOP-DLBUR6S [administrator]

8/9/2017 8:54:08 PM
mbar-log-2017-08-09 (20-54-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 314521
Time elapsed: 8 minute(s), 10 second(s)

Memory Processes Detected: 8
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\dataup.exe (Adware.Yelloader) -> 3532 -> Delete on reboot. [3c780ce0e2c66acc528d51277f82b54b]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe (Trojan.Clicker) -> 8972 -> Delete on reboot. [aa0a31bbc8e08ea80271c70ab74928d8]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 8564 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 6692 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 7420 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 3060 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 7628 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> 6604 -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]

Memory Modules Detected: 17
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\help_dll.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\d3dcompiler_47.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libGLESv2.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]

Registry Keys Detected: 18
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Dataup (Adware.Yelloader) -> Delete on reboot. [3c780ce0e2c66acc528d51277f82b54b]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\drmkpro64 (Rootkit.Agent.PUA) -> Delete on reboot. [6f45da1285235ed8ae5f12affb065da3]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Dataup (Trojan.Clicker) -> Delete on reboot. [783cb23af3b5cb6be454720c58a910f0]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSMANAGEMENTSERVICE (Trojan.Clicker) -> Delete on reboot. [892bb735cbdd82b4228cfd5cde243ec2]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\INTERFACE\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\INTERFACE\{E7BC34A2-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E7BC34A2-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E7BC34A2-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\NTService.Control.1 (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\NTService.Control.1 (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\NTService.Control.1 (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C} (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]

Registry Values Detected: 5
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cpx (Trojan.Clicker) -> Data: "C:\Users\NewUser\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup -> Delete on reboot. [843017d5c9df5bdb1244a3b758aa639d]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svcvmx (Trojan.Clicker) -> Data: "C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup -> Delete on reboot. [aa0a31bbc8e08ea80271c70ab74928d8]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAUP|ImagePath (Trojan.Clicker) -> Data: C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\dataup.exe -> Delete on reboot. [724216d66a3eea4c6bcb37487d841be5]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{b845433a-070d-4d0d-bfbc-2b7d914b72c6}|NameServer (Trojan.DNSChanger.ACMB2) -> Data: 82.163.143.176 82.163.142.178 -> Delete on reboot. [03b141abe6c2f2448354ed08bd460ff1]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSMANAGEMENTSERVICE|ImagePath (Trojan.Clicker) -> Data: C:\Users\NewUser\AppData\Local\pnhqelcx\lsrwqngl\ct.exe -> Delete on reboot. [892bb735cbdd82b4228cfd5cde243ec2]

Registry Data Items Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer (Trojan.DNSChanger.ACMB2) -> Bad: (82.163.143.176 82.163.142.178) Good: (8.8.8.8) -> Replace on reboot. [595b0be1c8e0221498f6bb8ca06444bc]

Folders Detected: 106
C:\Users\NewUser\AppData\Local\llssoft\winvmx (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Local Storage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\7TV4K4T6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data625 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data625\GPUCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\000 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\000\t (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Local Storage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\ZKG78GNW (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\G9ES83HT (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\000 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\000\t (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\8ECVLGT8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#eereader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#efreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#egreader.com (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\dump (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\ntuserlitelist (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\regtool (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\locales (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\winscr (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]

Files Detected: 739
C:\WINDOWS\SYSTEM32\drivers\ndistpr64.sys (Rootkit.Agent.PUA) -> Delete on reboot. [a1184d89fddc3c481bce6ecc1384a192]
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\dataup.exe (Adware.Yelloader) -> Delete on reboot. [3c780ce0e2c66acc528d51277f82b54b]
C:\Windows\Temp\dataup.zip (Trojan.Clicker) -> Delete on reboot. [2094f0fc5553bd79e1b6ee907e83c838]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe (Trojan.Clicker) -> Delete on reboot. [aa0a31bbc8e08ea80271c70ab74928d8]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Cookies (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Cookies-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000002 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000003 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000004 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000005 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000006 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000007 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000008 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000009 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_00000f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000010 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000011 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000012 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000013 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000014 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\f_000017 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Visited Links (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\GPUCache\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#efreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data602\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DX9DDCD9\macromedia.com\support\flashplayer\sys\#egreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Cookies (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Cookies-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000002 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000003 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000004 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000005 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000006 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000007 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000008 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000009 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00000f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000010 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000011 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000012 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000013 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000014 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000015 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000016 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000017 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000018 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000019 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_00001f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000020 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000021 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000022 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000023 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000024 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000025 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000026 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000027 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\f_000028 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Visited Links (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins\000003.log (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins\CURRENT (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins\LOCK (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins\LOG (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\File System\Origins\MANIFEST-000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\GPUCache\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Local Storage\http_widgets.outbrain.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Local Storage\http_widgets.outbrain.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Local Storage\http_www.vh1.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Local Storage\http_www.vh1.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#eereader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data638\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\G6LF6NGP\macromedia.com\support\flashplayer\sys\#efreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Cookies (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Cookies-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000002 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000003 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000004 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000005 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000006 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000007 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000008 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000009 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000010 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000011 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000012 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000013 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000014 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000015 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000016 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000017 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000018 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000019 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00001f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000020 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000022 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000023 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000024 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000025 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000026 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000027 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000028 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000029 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00002f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000030 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000031 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000032 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000033 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000034 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000036 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000037 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000038 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000039 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00003f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000040 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000041 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000042 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000043 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000044 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000045 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000046 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000047 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000048 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00004f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000050 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000051 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000052 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000053 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000054 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000055 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000056 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000057 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000058 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000059 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000060 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000061 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000062 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000063 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000064 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000065 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000066 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000067 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000068 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000069 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00006f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000070 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00000d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000021 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000035 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000049 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00005d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000071 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000085 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000099 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ad (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000fd (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000114 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000128 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000150 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000164 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000178 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000072 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000073 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000074 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000075 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000076 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000077 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000078 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000079 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00007f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000080 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000081 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000082 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000083 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000084 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000086 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000087 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000089 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00008f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000090 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000091 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000092 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000093 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000094 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000095 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000096 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000097 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000098 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00009f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a7 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000a9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000aa (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ab (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ac (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ae (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000af (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000b9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ba (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000bb (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000bc (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000bd (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000be (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000bf (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c7 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000c8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ca (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000cb (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000cc (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000cd (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ce (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000cf (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d7 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000d9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000da (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000db (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000dc (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000dd (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000de (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000df (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e7 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000e8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ea (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000eb (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ec (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ed (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ee (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ef (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f4 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f5 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f6 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f7 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f8 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000f9 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000fa (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000fb (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000fc (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000fe (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_0000ff (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000101 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000103 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000105 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000106 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000107 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000108 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000109 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00010f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000110 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000111 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000112 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000113 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000115 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000116 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000117 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000118 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000119 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00011f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000120 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000121 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000122 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000123 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000124 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000125 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000126 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000127 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000129 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00012f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000130 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000131 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000132 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000133 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000134 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000135 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000136 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000137 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000138 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000139 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00013f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000140 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000141 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000142 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000143 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000144 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000145 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000146 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000147 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000148 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000149 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00014f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000151 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000152 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000153 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000154 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000155 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000156 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000157 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000158 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000159 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00015f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000160 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000161 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000162 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000163 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000165 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000166 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000167 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000168 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000169 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00016f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000170 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000171 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000172 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000173 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000174 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000175 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000176 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000177 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000179 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00017f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000180 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000181 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000182 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000183 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000184 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000185 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000186 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000187 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000188 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000189 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_00018f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000190 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000191 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000192 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000193 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000194 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\f_000195 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Visited Links (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\GPUCache\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_connexity.net_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_connexity.net_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_connexity.net_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_disqus.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_disqus.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_ec-ns.sascdn.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\https_ec-ns.sascdn.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_cdn.krxd.net_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_cdn.krxd.net_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_connexity.net_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_nflfilms.nfl.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_nflfilms.nfl.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.billboard.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.billboard.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.complex.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.complex.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.dailymail.co.uk_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Local Storage\http_www.dailymail.co.uk_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#eereader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#efreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data660\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TH5RFYUZ\macromedia.com\support\flashplayer\sys\#egreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Cookies (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Cookies-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000002 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000003 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000004 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000005 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000006 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000007 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000008 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000009 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000010 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000011 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000012 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000013 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000014 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000015 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000016 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000017 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000018 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00001f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000020 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000021 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000023 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000024 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000025 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000026 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000027 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000028 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000029 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00002f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000030 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000031 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000032 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000033 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000034 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000035 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000037 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000038 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000039 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00003f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000040 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000041 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000042 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000043 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000044 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000045 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000046 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000047 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000048 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000049 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000050 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000051 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000052 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000053 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000054 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000055 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000056 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000057 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000058 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000059 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000060 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000061 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000062 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000063 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000064 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000065 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000066 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000067 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000068 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000069 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00006f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000070 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000071 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00000d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000022 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000036 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00004a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00005e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000072 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000073 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000074 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000075 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000076 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000077 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000078 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000079 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00007f (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000080 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000081 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000082 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000083 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000084 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000085 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000086 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000087 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000088 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_000089 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00008a (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00008b (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00008c (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00008d (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\f_00008e (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Visited Links (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins\000003.log (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins\CURRENT (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins\LOCK (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins\LOG (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\File System\Origins\MANIFEST-000001 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache\data_0 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache\data_1 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache\data_2 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache\data_3 (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\GPUCache\index (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\https_www.mysocialbook.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\https_www.mysocialbook.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\http_widgets.outbrain.com_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\http_widgets.outbrain.com_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\http_www.lemonde.fr_0.localstorage (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Local Storage\http_www.lemonde.fr_0.localstorage-journal (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
c:\users\newuser\appdata\local\llssoft\winvmx\data662\pepper data\shockwave flash\1457.tmp (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
c:\users\newuser\appdata\local\llssoft\winvmx\data662\pepper data\shockwave flash\3b29.tmp (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\egreader.com\analytics.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#eereader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#efreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\llssoft\winvmx\data662\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\ESJR55VM\macromedia.com\support\flashplayer\sys\#egreader.com\settings.sol (Trojan.Clicker.D) -> Delete on reboot. [9b19bf2d297f171f398b419d5ca4aa56]
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\dataup.ini (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\help_dll.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\dataup\NTSVC.ocx (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\regtool\regtool.exe (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\cef.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\cef_100_percent.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\cef_200_percent.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\cef_extensions.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\d3dcompiler_47.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\debug.log (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\icudtl.dat (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libGLESv2.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\natives_blob.bin (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\snapshot_blob.bin (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\widevinecdm.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\widevinecdmadapter.dll (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\locales\en-US.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]
C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\locales\zh-CN.pak (Trojan.Clicker) -> Delete on reboot. [cfe5ec002385bf779b0816318b778977]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 10 August 2017 - 07:01 AM

Awesome :) Now you should be able to install and run a scan with Malwarebytes.

j1Bynr2.pngMalwarebytes - Clean Mode
  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends of your system and computer specs;
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button;
    • If it asks you to restart your computer to complete the removal, do so;
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 09:19 AM

hello, i was able to scan and quarantine the threats but i couldnt find the export summary after restarting the computer.



#6 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 09:37 AM

hello i tried to scan the second time. this was the scan summary

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/10/17
Scan Time: 9:34 AM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2552
License: Trial

-System Information-
OS: Windows 10 (Build 15063.413)
CPU: x64
File System: NTFS
User: DESKTOP-DLBUR6S\Akintola

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 365985
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 0 min, 51 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)



#7 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 09:46 AM

this is the link to the quarantines list.

 

 

https://www.4shared.com/office/JI9uBOb2ca/quarantine.html

 

Thanks



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 10 August 2017 - 09:52 AM

Open Malwarebytes and click on the Report tab. From there, select the latest Scan entry and double-click on it (find the one with all the detections). In the new window that will open, click on the Export button followed by Copy to clipboard and paste (Ctrl + V) it here.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 10:20 AM

here is it

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/10/17
Scan Time: 9:08 AM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2552
License: Trial

-System Information-
OS: Windows 10 (Build 15063.413)
CPU: x64
File System: NTFS
User: DESKTOP-DLBUR6S\Akintola

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 365875
Threats Detected: 67
Threats Quarantined: 67
Time Elapsed: 0 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 35
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [1040], [332494],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [1040], [332494],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [1040], [332494],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, Quarantined, [1040], [327206],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Quarantined, [1040], [327205],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Quarantined, [1040], [327205],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Quarantined, [1040], [327205],1.0.2552
PUP.Optional.Reimage, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Quarantined, [1040], [327205],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, Quarantined, [1040], [327193],1.0.2552
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Quarantined, [22], [260247],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, Quarantined, [1040], [336077],1.0.2552
PUP.Optional.PSScriptLoad.ACMB2, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\CONSOLE\TASKENG.EXE, Quarantined, [3930], [424291],1.0.2552
PUP.Optional.InterStat, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001_Classes\APPLICATIONS\interstat.exe, Quarantined, [1384], [261503],1.0.2552
PUP.Optional.Reimage, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., Quarantined, [1040], [327203],1.0.2552
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [558], [236865],1.0.2552
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [558], [236865],1.0.2552
PUP.Optional.Conduit, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [558], [236865],1.0.2552
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Quarantined, [22], [260247],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, Quarantined, [1040], [327193],1.0.2552
PUP.Optional.PSScriptLoad.ACMB2, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Quarantined, [3930], [424307],1.0.2552
PUP.Optional.Reimage, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\Reimage, Quarantined, [1040], [357494],1.0.2552
PUP.Optional.Reimage, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\REIMAGE\PC REPAIR, Quarantined, [1040], [327204],1.0.2552
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, Quarantined, [1040], [327193],1.0.2552
Adware.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\11598763487076930564, Quarantined, [1685], [424293],1.0.2552
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{abc75a7d}, Quarantined, [22], [260250],1.0.2552
PUP.Optional.WindowService, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowService, Quarantined, [636], [391768],1.0.2552

Registry Value: 7
PUP.Optional.PSScriptLoad.ACMB2, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Quarantined, [3930], [424291],1.0.2552
PUP.Optional.Conduit, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [558], [236865],1.0.2552
PUP.Optional.Conduit, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, [558], [236865],1.0.2552
PUP.Optional.PSScriptLoad.ACMB2, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Quarantined, [3930], [424290],1.0.2552
PUP.Optional.PSScriptLoad.ACMB2, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Quarantined, [3930], [424307],1.0.2552
PUP.Optional.Reimage, HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, Quarantined, [1040], [327204],1.0.2552
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{abc75a7d}|1, Quarantined, [22], [260250],1.0.2552

Registry Data: 7
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{326e41d1-ab93-47ed-a214-afcec1393aa8}|NameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{48beedaa-8292-4094-9e44-aff97e072d25}|NameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7ed62ea6-9169-4d4f-b4f1-33b2a4aab407}|NameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7ed62ea6-9169-4d4f-b4f1-33b2a4aab407}|DhcpNameServer, Replaced, [22], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b845433a-070d-4d0d-bfbc-2b7d914b72c6}|DhcpNameServer, Replaced, [22], [-1],0.0.0

Data Stream: 0
(No malicious items detected)

Folder: 7
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\{034f30de-212c-1}, Quarantined, [8227], [407180],1.0.2552
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\{05683459-112c-0}, Quarantined, [8227], [407180],1.0.2552
PUP.Optional.BitsInstall.BITSRST, C:\PROGRAMDATA\{349d5cbe-712c-0}, Quarantined, [8227], [407180],1.0.2552
Adware.NetAdapter, C:\Users\NewUser\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA, Quarantined, [3905], [398043],1.0.2552
Adware.NetAdapter, C:\Users\NewUser\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install, Quarantined, [3905], [398043],1.0.2552
Adware.NetAdapter, C:\USERS\NEWUSER\APPDATA\ROAMING\devnull\NetAdapterUpdate 2.7.0, Quarantined, [3905], [398043],1.0.2552
PUP.Optional.S5Mark, C:\PROGRAM FILES (X86)\S5, Quarantined, [1011], [383706],1.0.2552

File: 11
Adware.NetAdapter, C:\Users\NewUser\AppData\Roaming\devnull\NetAdapterUpdate 2.7.0\install\B768EFA\NetAdapterUpdate_setup.msi, Quarantined, [3905], [398043],1.0.2552
Adware.Yelloader, C:\PROGRAM FILES (X86)\S5\U.EXE, Quarantined, [1351], [421875],1.0.2552
Adware.InstallMonster, C:\USERS\NEWUSER\APPDATA\LOCAL\TEMP\UNHACKME-8.ZIP, Quarantined, [120], [417100],1.0.2552
Trojan.SmartService, C:\WINDOWS\SYSTEM32\TPRDPW64.EXE, Quarantined, [8607], [420471],1.0.2552
PUP.Optional.Reimage, C:\$RECYCLE.BIN\S-1-5-21-2753109269-1302524837-3123449966-1001\$RD1NH2F.EXE, Quarantined, [1040], [331559],1.0.2552
Adware.Yelloader, C:\USERS\NEWUSER\APPDATA\LOCAL\KLFZM\VNXIP, Quarantined, [1351], [404612],1.0.2552
Adware.InstallMonster, C:\USERS\NEWUSER\APPDATA\LOCAL\TEMP\UNHACKME-8-1.ZIP, Quarantined, [120], [417100],1.0.2552
PUP.Optional.FullTab, C:\USERS\NEWUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage, Quarantined, [2025], [376100],1.0.2552
PUP.Optional.FullTab, C:\USERS\NEWUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage-journal, Quarantined, [2025], [376100],1.0.2552
PUP.Optional.NewTabTV, C:\USERS\NEWUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, Quarantined, [2359], [359416],1.0.2552
PUP.Optional.NewTabTV, C:\USERS\NEWUSER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage-journal, Quarantined, [2359], [359416],1.0.2552

Physical Sector: 0
(No malicious items detected)


(end)



#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 10 August 2017 - 10:58 AM

Awesome, thank you :) Now let's do a sweep with AdwCleaner and JRT.

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes;
    V7SD4El.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;
iT103hr.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
Your next reply(ies) should therefore contain:
  • Copy/pasted AdwCleaner clean log;
  • Copy/pasted JRT log;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 11:39 AM

# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 10 16:23:56 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: WCAssistantService


***** [ Folders ] *****

Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Program Files (x86)\lavasoft\web companion
Deleted: C:\Users\All Users\lavasoft\web companion
Deleted: C:\Users\NewUser\AppData\Roaming\lavasoft\web companion
Deleted: C:\Users\NewUser\AppData\Roaming\devnull
Deleted: C:\Users\NewUser\AppData\Local\llssoft
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\reimageplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\reimageplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.reimageplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.reimageplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cdncache-a.akamaihd.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chrome.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\windows-10.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chrome.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\windows-10.en.softonic.com
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Value] - HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Interstat
Deleted: [Value] - HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\Reimage


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7530 B] - [2017/8/10 16:22:20]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Akintola (Administrator) on Thu 08/10/2017 at 11:34:19.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\mntemp (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/10/2017 at 11:36:12.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 10 August 2017 - 11:41 AM

Good :) Now let's run a scan with FRST to see if there are any remnants left to remove.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Download the right version of FRST for your system:
  • Move the executable (FRST.exe or FRST64.exe) on your Desktop;
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Make sure the Addition.txt box is checked;
  • Click on the Scan button;
    KSJwAxg.png
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 11:50 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
Ran by Akintola (administrator) on DESKTOP-DLBUR6S (10-08-2017 11:48:04)
Running from C:\Users\NewUser\Desktop
Loaded Profiles: Akintola (Available Profiles: Akintola)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\IntelCpHDCPSvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [223488 2016-06-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9213440 2017-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-04-17] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-10] (HP)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-08-03] (Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3380632 2011-06-23] (Tonec Inc.)
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-06-17]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
Startup: C:\Users\NewUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP Orbit.lnk [2017-07-07]
ShortcutTarget: HP Orbit.lnk -> C:\Program Files\HP\HP Orbit\HPOrbit.exe (HP)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.2.2.2 10.0.14.90 10.0.10.90
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{326e41d1-ab93-47ed-a214-afcec1393aa8}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{48beedaa-8292-4094-9e44-aff97e072d25}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7ed62ea6-9169-4d4f-b4f1-33b2a4aab407}: [DhcpNameServer] 8.8.8.8 4.2.2.2 10.0.14.90 10.0.10.90
Tcpip\..\Interfaces\{a68c791b-53e5-11e7-a7fc-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b845433a-070d-4d0d-bfbc-2b7d914b72c6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b845433a-070d-4d0d-bfbc-2b7d914b72c6}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2753109269-1302524837-3123449966-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-05-30] (Internet Download Manager, Tonec Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-05-30] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)

FireFox:
========
FF DefaultProfile: x76drcog.default
FF ProfilePath: C:\Users\NewUser\AppData\Roaming\Mozilla\Firefox\Profiles\x76drcog.default [2017-08-10]
FF Extension: (Firefox Search Test) - C:\Users\NewUser\AppData\Roaming\Mozilla\Firefox\Profiles\x76drcog.default\Extensions\firefoxsearchtest@mozilla.com.xpi [2017-08-05]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files\Mozilla Firefox\browser\features\clicktoplay-rollout@mozilla.org.xpi [2017-08-03] [not signed]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi [2017-08-03] [not signed]
FF Extension: (Shield Recipe Client) - C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi [2017-08-03] [not signed]
FF HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NewUser\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\NewUser\AppData\Roaming\IDM\idmmzcc5 [2017-07-07] [not signed]
FF HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NewUser\AppData\Roaming\IDM\idmmzcc5
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&redirect=CPC
CHR DefaultSearchKeyword: Default -> askwebsearch
CHR DefaultSuggestURL: Default -> hxxp://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}
CHR Profile: C:\Users\NewUser\AppData\Local\Google\Chrome\User Data\Default [2017-08-10]
CHR Extension: (YouTube) - C:\Users\NewUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (No Name) - C:\Users\NewUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-08-05]
CHR Extension: (Gmail) - C:\Users\NewUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\IntelCpHeciSvc.exe [303064 2017-02-13] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\IntelCpHDCPSvc.exe [480216 2017-02-13] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-11] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-08-03] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2215168 2016-08-13] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\igfxCUIService.exe [341976 2017-02-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [322560 2017-04-17] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266848 2016-12-27] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [129032 2017-04-13] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\igdkmd64.sys [11060184 2017-02-13] (Intel Corporation)
R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-19] (Intel)
R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-08-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-08-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-08-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-08-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-08-10] (Malwarebytes)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7218176 2017-03-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3119360 2016-06-06] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [72792 2016-12-27] (Synaptics Incorporated)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [40008 2015-06-09] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-08-10] (HP)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-08-09] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-10 11:48 - 2017-08-10 11:48 - 000016291 _____ C:\Users\NewUser\Desktop\FRST.txt
2017-08-10 11:47 - 2017-08-10 11:48 - 000000000 ____D C:\FRST
2017-08-10 11:46 - 2017-08-10 11:46 - 002381824 _____ (Farbar) C:\Users\NewUser\Desktop\FRST64.exe
2017-08-10 11:36 - 2017-08-10 11:36 - 000000611 _____ C:\Users\NewUser\Desktop\JRT.txt
2017-08-10 11:35 - 2017-08-10 11:23 - 000007156 _____ C:\Users\NewUser\Desktop\AdwCleaner[C0].txt
2017-08-10 11:31 - 2017-08-10 11:31 - 001790024 _____ (Malwarebytes) C:\Users\NewUser\Desktop\JRT.exe
2017-08-10 11:24 - 2017-08-10 11:24 - 000000000 ___HD C:\ProgramData\temp
2017-08-10 11:23 - 2017-08-10 11:23 - 000007530 _____ C:\Users\NewUser\Desktop\AdwCleaner[S0]ggg.txt
2017-08-10 11:21 - 2017-08-10 11:23 - 000000000 ____D C:\AdwCleaner
2017-08-10 11:19 - 2017-08-10 11:19 - 008185288 _____ (Malwarebytes) C:\Users\NewUser\Desktop\AdwCleaner.exe
2017-08-10 08:58 - 2017-08-10 11:24 - 000101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-08-10 08:58 - 2017-08-10 11:24 - 000093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-08-10 08:58 - 2017-08-10 11:24 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-08-10 08:58 - 2017-08-10 08:58 - 000188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-08-10 08:58 - 2017-08-10 08:58 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-10 08:58 - 2017-08-10 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-10 08:58 - 2017-08-10 08:58 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-10 08:58 - 2017-06-27 12:06 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-08-10 08:57 - 2017-08-10 08:57 - 065033984 _____ (Malwarebytes ) C:\Users\NewUser\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251(1).exe
2017-08-09 22:02 - 2017-08-09 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-09 20:54 - 2017-08-10 11:24 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-09 20:54 - 2017-08-10 09:11 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-09 20:54 - 2017-08-10 08:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-09 20:51 - 2017-08-09 21:58 - 000000000 ____D C:\Users\NewUser\Desktop\mbar
2017-08-09 20:51 - 2017-08-09 20:51 - 016564750 _____ (Malwarebytes Corp.) C:\Users\NewUser\Downloads\mbar-1.09.4.1001.exe
2017-08-09 20:50 - 2017-08-09 20:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-09 20:50 - 2017-08-09 20:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-09 20:49 - 2017-08-09 20:49 - 000245928 _____ (Mozilla) C:\Users\NewUser\Downloads\Firefox Installer.exe
2017-08-09 20:07 - 2017-08-10 11:48 - 000510274 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-08-09 20:07 - 2017-08-09 20:45 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-08-09 20:07 - 2017-08-09 20:27 - 000330269 _____ C:\Windows\ZAM.krnl.trace
2017-08-09 20:07 - 2017-08-09 20:07 - 006589840 _____ (Zemana Ltd. ) C:\Users\NewUser\Downloads\Zemana.AntiMalware.Setup.exe
2017-08-09 20:07 - 2017-08-09 20:07 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-08-09 20:07 - 2017-08-09 20:07 - 000000000 ____D C:\Users\NewUser\AppData\Local\Zemana
2017-08-09 19:39 - 2017-08-09 19:39 - 000000849 _____ C:\Users\NewUser\Desktop\mail for virus.txt
2017-08-09 17:41 - 2017-08-09 17:41 - 001524823 _____ C:\Users\NewUser\Desktop\svcv remolval.pdf
2017-08-08 20:21 - 2017-08-08 20:21 - 000656608 _____ (PC Drivers HeadQuarters LP) C:\Users\NewUser\Downloads\DriverSupport.exe
2017-08-08 20:20 - 2017-08-09 17:42 - 000000376 _____ C:\Windows\Tasks\HPCeeScheduleForAkintola.job
2017-08-08 20:20 - 2017-08-08 20:20 - 000003280 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAkintola
2017-08-08 19:30 - 2017-08-08 19:32 - 000925696 _____ C:\Users\NewUser\Downloads\Install_Setup_Crack(1).iso
2017-08-08 19:30 - 2017-08-08 19:30 - 000925696 _____ C:\Users\NewUser\Downloads\Install_Setup_Crack.iso
2017-08-08 19:23 - 2017-08-08 19:23 - 000954368 _____ C:\Users\NewUser\Downloads\Un_Me 890 Registration Code with Crack Full Free Downloadzip.iso
2017-08-08 19:00 - 2017-08-08 19:00 - 000000000 ____D C:\ProgramData\RegRun
2017-08-08 18:59 - 2017-08-09 20:55 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2017-08-08 18:59 - 2017-08-09 17:57 - 000000000 ____D C:\Users\NewUser\Documents\RegRun2
2017-08-08 18:59 - 2017-08-08 18:59 - 000000002 RSHOT C:\Windows\winstart.bat
2017-08-08 18:59 - 2017-08-08 18:59 - 000000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2017-08-08 18:59 - 2017-08-08 18:59 - 000000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2017-08-08 13:54 - 2017-08-10 11:24 - 081264640 _____ C:\Windows\system32\config\SOFTWARE
2017-08-08 13:51 - 2017-08-08 13:54 - 000000000 ____D C:\Windows\Microsoft Antimalware
2017-08-08 11:02 - 2017-08-08 11:10 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-08 11:01 - 2017-08-08 11:01 - 000000000 ____D C:\Windows\pss
2017-08-08 10:45 - 2017-08-08 10:45 - 065033984 _____ (Malwarebytes ) C:\Users\NewUser\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-08-07 23:17 - 2017-08-07 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-08-07 23:16 - 2017-08-07 23:16 - 000000000 ____D C:\Windows\PCHEALTH
2017-08-07 23:16 - 2017-08-07 23:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2017-08-07 23:16 - 2017-08-07 23:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-08-07 23:15 - 2017-08-07 23:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-08-07 23:14 - 2017-08-07 23:16 - 000000000 ____D C:\Windows\SHELLNEW
2017-08-07 23:14 - 2017-08-07 23:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-07 23:14 - 2017-08-07 23:14 - 000000000 __RHD C:\MSOCache
2017-08-05 10:17 - 2017-08-05 10:17 - 000000000 ____D C:\Users\NewUser\Desktop\windows 7
2017-08-05 10:03 - 2017-08-08 20:01 - 000001908 _____ C:\Windows\diagwrn.xml
2017-08-05 10:03 - 2017-08-08 20:01 - 000001908 _____ C:\Windows\diagerr.xml
2017-08-05 10:03 - 2017-08-05 10:10 - 000000000 ____D C:\$WINDOWS.~BT
2017-08-05 09:35 - 2017-08-05 10:03 - 000000000 ____D C:\ESD
2017-08-05 09:34 - 2017-08-05 09:34 - 000000000 ___HD C:\$Windows.~WS
2017-08-05 09:33 - 2017-08-05 09:33 - 000376528 _____ (Microsoft Corporation) C:\Users\NewUser\Downloads\RefreshWindowsTool.exe
2017-08-05 09:10 - 2017-08-05 09:10 - 048935220 _____ (Igor Pavlov) C:\Users\NewUser\Downloads\chrome64_48.0.2564.109.exe
2017-08-05 09:10 - 2016-02-08 23:04 - 000000000 ____D C:\Users\NewUser\Downloads\Chrome64_48.0.2564.109
2017-08-05 09:08 - 2016-09-13 19:25 - 000000000 ____D C:\Users\NewUser\Downloads\chrome64_53.0.2785.116
2017-08-05 09:07 - 2017-08-05 09:07 - 046866154 _____ (Igor Pavlov) C:\Users\NewUser\Downloads\chrome64_53.0.2785.116.exe
2017-08-05 08:10 - 2017-08-05 08:10 - 001130328 _____ (Google Inc.) C:\Users\NewUser\Downloads\ChromeSetup (1).exe
2017-08-05 08:08 - 2017-08-05 08:08 - 001130328 _____ (Google Inc.) C:\Users\NewUser\Downloads\ChromeSetup.exe
2017-08-05 08:05 - 2017-08-09 20:13 - 000000954 _____ C:\Users\NewUser\Desktop\Google Chrome.lnk
2017-08-05 08:05 - 2017-08-05 08:05 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2017-08-05 00:47 - 2017-08-05 00:47 - 000001471 _____ C:\Users\NewUser\Desktop\Netflix.lnk
2017-08-05 00:22 - 2017-08-10 11:38 - 000000000 ____D C:\Users\NewUser\AppData\LocalLow\Mozilla
2017-08-05 00:22 - 2017-08-09 20:50 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-05 00:22 - 2017-08-09 20:50 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-05 00:22 - 2017-08-09 20:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-05 00:22 - 2017-08-05 00:35 - 000000000 ____D C:\Users\NewUser\AppData\Local\Mozilla
2017-08-05 00:22 - 2017-08-05 00:22 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\Mozilla
2017-08-04 23:12 - 2017-08-08 13:28 - 000000000 ____D C:\Users\NewUser\AppData\Local\ElevatedDiagnostics
2017-08-03 20:43 - 2017-08-03 20:43 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-08-03 20:43 - 2017-08-03 20:43 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-08-03 20:43 - 2017-08-03 20:43 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-08-03 20:43 - 2017-08-03 20:43 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-08-01 19:23 - 2017-08-08 20:08 - 000004606 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-08-01 19:23 - 2017-08-08 20:08 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-18 19:07 - 2017-07-19 09:24 - 000000000 ____D C:\Users\NewUser\Desktop\muzik
2017-07-17 21:04 - 2017-07-17 21:04 - 000000000 ____D C:\Users\NewUser\Desktop\ps catlogue
2017-07-13 21:44 - 2017-08-07 23:05 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\vlc
2017-07-13 21:44 - 2017-07-13 21:44 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-07-13 21:44 - 2017-07-13 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-07-13 21:44 - 2017-07-13 21:44 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-07-12 09:26 - 2017-07-12 14:06 - 000003013 _____ C:\Users\NewUser\Desktop\portvision.txt
2017-07-11 23:30 - 2017-03-28 14:18 - 002404190 _____ C:\Users\NewUser\Desktop\Portvision User guide.pdf
2017-07-11 19:57 - 2017-07-11 23:30 - 000002826 _____ C:\Users\NewUser\Desktop\portv.txt
2017-07-11 19:32 - 2017-08-02 19:39 - 000000000 ___RD C:\Users\NewUser\Dropbox
2017-07-11 19:32 - 2017-07-11 19:32 - 000001303 _____ C:\Users\NewUser\Desktop\Dropbox.lnk
2017-07-11 19:29 - 2017-07-11 19:29 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\Dropbox
2017-07-11 19:27 - 2017-07-11 19:28 - 082538920 _____ (Dropbox, Inc.) C:\Users\NewUser\Downloads\Dropbox 29.4.20.exe
2017-07-11 19:26 - 2017-08-09 22:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-07-11 19:25 - 2017-07-15 10:08 - 000000942 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-11 19:25 - 2017-07-15 10:08 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-11 19:25 - 2017-07-12 13:12 - 000000000 ____D C:\Users\NewUser\AppData\Local\Dropbox
2017-07-11 19:25 - 2017-07-11 19:26 - 000004002 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-07-11 19:25 - 2017-07-11 19:26 - 000003770 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-07-11 19:25 - 2017-07-11 19:25 - 000000000 ____D C:\ProgramData\Dropbox
2017-07-11 19:24 - 2017-07-11 19:25 - 000690080 _____ (Dropbox, Inc.) C:\Users\NewUser\Downloads\DropboxInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-10 11:29 - 2017-06-17 20:25 - 001789462 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-10 11:24 - 2017-06-17 23:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-10 11:24 - 2017-03-18 06:40 - 000786432 _____ C:\Windows\system32\config\BBI
2017-08-10 11:23 - 2017-07-07 22:10 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\Lavasoft
2017-08-10 11:23 - 2017-07-07 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-08-10 11:23 - 2017-07-07 22:10 - 000000000 ____D C:\ProgramData\Lavasoft
2017-08-10 11:23 - 2017-07-07 22:10 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-08-10 11:18 - 2017-06-17 23:19 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-08-10 09:11 - 2017-07-09 13:50 - 000000000 ____D C:\Users\NewUser\AppData\Local\klfzm
2017-08-10 09:11 - 2017-07-07 21:26 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\DMCache
2017-08-10 09:11 - 2017-06-17 23:19 - 000406496 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-10 08:52 - 2017-07-07 20:45 - 000004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{12BE31AC-5AB4-49CE-B9C0-3BD21CFAC1AE}
2017-08-09 20:14 - 2017-06-17 23:21 - 000000000 ____D C:\Users\NewUser
2017-08-09 20:13 - 2017-07-09 13:50 - 000000000 ____D C:\Users\NewUser\AppData\Local\pnhqelcx
2017-08-09 16:56 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-09 16:56 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\AppReadiness
2017-08-08 20:08 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-08 20:08 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-08 18:59 - 2017-07-07 21:26 - 000000000 ____D C:\Users\NewUser\Downloads\Compressed
2017-08-08 18:48 - 2017-06-17 23:22 - 000000000 ____D C:\Users\NewUser\AppData\Local\Packages
2017-08-08 13:28 - 2017-06-18 00:18 - 000000000 ____D C:\Windows\Panther
2017-08-08 13:28 - 2017-03-18 16:01 - 000000000 ____D C:\Windows\INF
2017-08-08 12:18 - 2017-06-17 20:29 - 000000000 ____D C:\Intel
2017-08-08 12:09 - 2017-06-17 20:29 - 000000000 __SHD C:\Users\NewUser\IntelGraphicsProfiles
2017-08-08 11:39 - 2017-07-08 09:10 - 000000000 __SHD C:\[Smad-Cage]
2017-08-08 10:32 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\LiveKernelReports
2017-08-07 23:16 - 2017-07-07 20:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-07 23:15 - 2017-07-07 20:54 - 000000000 ____D C:\Program Files\Microsoft Office
2017-08-07 23:15 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-07 23:14 - 2017-03-18 16:03 - 000000167 _____ C:\Windows\win.ini
2017-08-07 23:08 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-06 19:50 - 2017-06-17 21:14 - 000000372 _____ C:\Windows\Tasks\HPCeeScheduleForNewUser.job
2017-08-06 16:50 - 2017-06-17 21:14 - 000003272 _____ C:\Windows\System32\Tasks\HPCeeScheduleForNewUser
2017-08-05 08:09 - 2017-07-07 22:06 - 000000000 ____D C:\Users\NewUser\AppData\Local\Google
2017-08-05 00:27 - 2017-06-17 20:30 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-04 22:47 - 2017-07-07 22:06 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-04 20:16 - 2017-07-07 22:25 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-01 19:24 - 2017-07-07 22:24 - 000000000 ____D C:\Users\NewUser\AppData\Local\Adobe
2017-07-23 23:06 - 2017-06-17 20:30 - 000000000 ____D C:\Program Files (x86)\HP
2017-07-23 23:05 - 2017-06-17 20:46 - 000000000 ____D C:\SWSetup
2017-07-12 21:56 - 2017-06-20 15:36 - 000000000 ____D C:\Users\NewUser\AppData\Roaming\Skype
2017-07-12 21:56 - 2017-06-17 20:38 - 000000000 ____D C:\Users\NewUser\AppData\Local\Comms
2017-07-11 19:43 - 2017-07-07 22:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-11 05:56 - 2017-07-07 20:54 - 000000000 ____D C:\Users\NewUser\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2017-05-17 11:32 - 2017-05-17 11:32 - 000125952 _____ () C:\Users\NewUser\AppData\Local\report

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-05 09:48

==================== End of FRST.txt ============================



#14 nity47

nity47
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 August 2017 - 11:52 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by Akintola (10-08-2017 11:48:28)
Running from C:\Users\NewUser\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-18 04:20:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2753109269-1302524837-3123449966-500 - Administrator - Disabled)
Akintola (S-1-5-21-2753109269-1302524837-3123449966-1001 - Administrator - Enabled) => C:\Users\NewUser
DefaultAccount (S-1-5-21-2753109269-1302524837-3123449966-503 - Limited - Disabled)
Guest (S-1-5-21-2753109269-1302524837-3123449966-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 31.4.25 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Google Chrome (HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\Google Chrome) (Version: 19.0.1049.3 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP IR Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11200 - Realtek Semiconductor Corp.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.4.19.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{183BD477-774B-4700-B40B-EE43886E74D2}) (Version: 12.7.27.15 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 55.0 (x64 en-US) (HKLM\...\Mozilla Firefox 55.0 (x64 en-US)) (Version: 55.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
ORPALIS PDF Reducer Free Edition (HKLM-x32\...\{0DDB2FC6-EE08-4E53-AA8C-A8D87FA61F0A}) (Version: 1.0.2.0 - ORPALIS)
PDF To JPG Converter 2.0.2 (HKLM-x32\...\PDF To JPG Converter_is1) (Version:  - PDF To JPG Converter)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8095 - Realtek Semiconductor Corp.)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.45 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{f4a3ff5c-7baf-4aaf-920f-76824e239ac1}) (Version: 2.4.1558.3001 - Lavasoft)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\ChromeHTML: -> C:\Users\NewUser\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-03] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki120732.inf_amd64_63d56bbca5d03c0a\igfxDTCM.dll [2017-02-13] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C2B7F41-7E97-40C4-8E8C-2D0E72711F1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {1E0494BE-B576-47E2-B937-F745988D3B7C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {1E44BFEE-CABD-401C-AB1A-E9429DDD1B2C} - System32\Tasks\HPCeeScheduleForAkintola => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {26883ED4-F76C-4264-85E3-BDCF4CA59605} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
Task: {2D5FFA0C-2BAA-4C55-94E5-D5EAB0B30F5A} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {35C27691-ED2F-422E-A3C6-C4BA5EBEB24D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-04-07] (HP Inc.)
Task: {3DC14074-2942-4FC7-8BBC-E23435ABC3E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-11] (Dropbox, Inc.)
Task: {5B69485E-6048-4F9E-9055-149B3010CE3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {5E3D5F68-D742-47EC-9613-C25754E1C8B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {6FA02AFB-9642-4CF0-8880-60DB8DC6771C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-07-11] (Dropbox, Inc.)
Task: {731CA42C-8FAF-4958-918B-C2DC0805FA84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {83478C3F-8800-4655-A673-B45939919E1B} - System32\Tasks\HPCeeScheduleForNewUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {843603E2-F509-4EC1-98FF-9127AB326873} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {84CC2E1F-EA54-4C41-927A-B57B571CB76C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {89341336-3103-4D3E-9A91-1854037A27FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {917C57C7-565E-4234-A6F9-0CFB71AE5EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {9B5EC941-CC87-4C8D-9A73-DEA7239DF52D} - \{0C080847-797E-0F78-0F11-78090F051178} -> No File <==== ATTENTION
Task: {B1ED9F27-9184-4E31-A57D-455E5CCF90DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-04-07] (HP Inc.)
Task: {BAF1E68B-0E85-428D-9645-301F8DE7D551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E0CD6891-515C-4AAE-AABA-A97ABF394E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-04-07] (HP Inc.)
Task: {E7C14D53-7D75-4A0F-8A81-71A055075DAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAkintola.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNewUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\NewUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Users\NewUser\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlMBKjcgxocXeuOixjNOXMcdBq6XgVq5CpwaRAOPV2nR0iUkEonzKnUUWOzXHfQ6g%3D%3D
ShortcutWithArgument: C:\Users\NewUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Uninstall Google Chrome.lnk -> C:\Users\NewUser\AppData\Local\Google\Chrome\Application\19.0.1049.3\Installer\setup.exe (Google Inc.) ->  --uninstall

==================== Loaded Modules (Whitelisted) ==============

2017-03-18 15:58 - 2017-03-18 15:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-08-10 08:58 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-07 21:31 - 2005-06-07 12:26 - 000043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2017-03-18 15:59 - 2017-03-18 21:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-23 23:06 - 2017-07-23 23:06 - 000156672 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\401c2ba169f1b95e9b4a301487581182\BRIDGECommon.ni.dll
2017-07-23 23:07 - 2017-07-23 23:07 - 000331776 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\CleanStartController\66c6826e11058869a44d222235514472\CleanStartController.ni.dll
2017-07-23 23:06 - 2017-07-23 23:06 - 000116736 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\9214ba76e4516bb55b9caa179e56aeb9\BridgeExtension.ni.dll
2017-07-23 23:07 - 2017-07-23 23:07 - 000137216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\00ad1dbc9897fcce5575b098166bb979\RegistrationUtilities.ni.dll
2017-07-23 23:06 - 2017-07-23 23:06 - 000070656 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\NativeInterop\4f89ee022fde0e65b6257db384dbe4a3\NativeInterop.ni.dll
2016-09-14 22:25 - 2016-09-14 22:25 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\NewUser\Desktop\Portvision User guide.pdf:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 16:03 - 2017-03-18 16:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 4.2.2.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "SMΔRT-Protection"
HKU\S-1-5-21-2753109269-1302524837-3123449966-1001\...\StartupApproved\Run: => "OfficeSyncProcess"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{423D604F-1B8A-463B-9BF0-27FB9738FF22}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
FirewallRules: [{83C7116F-901B-4B7F-819E-631C8A11511F}] => (Allow) LPort=13148
FirewallRules: [{CAC93DD6-252C-460C-8553-9A7025285FAE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4AF56ED4-63C0-4244-881A-2F507E5487EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3F297D8-CA41-4613-A244-DEA34E8D69AC}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶䝜湥呬批潲屳敇汮祔牢獯攮數
FirewallRules: [{E7CB44D4-9263-4302-8A64-9A6D873EDCBB}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶䝜湥呬批潲屳敇汮祔牢獯⹟硥e
FirewallRules: [{7E4B5CCC-DFCB-49D2-A07D-42F593FE026E}] => (Block) %ProgramFiles%\Adobe\lightroom.exe
FirewallRules: [{EFD84A22-2180-4945-8B93-F092E340E6EA}] => (Block) %ProgramFiles%\Adobe\lightroom.exe
FirewallRules: [{71F7B654-327B-488B-B173-478B66591B70}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F481EDC9-FC3F-430E-9CC9-658AE0CDC673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{477CD04C-E86E-443C-A46A-55E2B9ECA2A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7932C240-1249-439D-B123-866909E14F20}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{71E74718-A4FB-462A-9270-0883C04678DE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

03-08-2017 20:43:59 adedo
05-08-2017 00:27:08 Removed Thunderbolt™ Software
07-08-2017 23:07:35 Removed Microsoft Office Professional Plus 2010
08-08-2017 13:04:37 Uninstalled with Total Uninstall "SMADAV version 11.5"
10-08-2017 11:34:20 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2017 08:09:55 PM) (Source: Driver Support) (EventID: 200) (User: )
Description: Event-ID 200

Error: (08/09/2017 08:09:54 PM) (Source: Driver Support) (EventID: 100) (User: )
Description: Event-ID 100

Error: (08/09/2017 08:08:45 PM) (Source: Driver Support) (EventID: 200) (User: )
Description: Event-ID 200

Error: (08/09/2017 08:08:43 PM) (Source: Driver Support) (EventID: 100) (User: )
Description: Event-ID 100

Error: (08/09/2017 05:43:05 PM) (Source: Driver Support) (EventID: 200) (User: )
Description: Event-ID 200

Error: (08/09/2017 05:43:04 PM) (Source: Driver Support) (EventID: 100) (User: )
Description: Event-ID 100

Error: (08/08/2017 07:32:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 54.0.1.6388, time stamp: 0x5953d1f8
Faulting module name: xul.dll, version: 54.0.1.6388, time stamp: 0x5953d62e
Exception code: 0x80000003
Fault offset: 0x008a6bcb
Faulting process id: 0x4f8
Faulting application start time: 0x01d310a080cba4f6
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Report Id: adf90a69-a986-4310-9cd3-b789f682a31b
Faulting package full name:
Faulting package-relative application ID:

Error: (08/08/2017 01:04:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e02f17b6-04ad-4c07-8508-b82c2032ecc7}

Error: (08/08/2017 11:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 10.0.15063.0, time stamp: 0xccf07184
Faulting module name: ntdll.dll, version: 10.0.15063.0, time stamp: 0xb79b6ddb
Exception code: 0xc0000005
Fault offset: 0x000000000001445d
Faulting process id: 0x1a8
Faulting application start time: 0x01d31060317a4f59
Faulting application path: C:\Windows\system32\LogonUI.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 848be5a9-de77-49df-8182-5d51d3773985
Faulting package full name:
Faulting package-relative application ID:

Error: (08/08/2017 12:35:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vmxclient.exe, version: 1.0.1.5, time stamp: 0x58f9c2ba
Faulting module name: libcef.dll, version: 3.2526.1373.0, time stamp: 0x587a0d9a
Exception code: 0xc00000fd
Fault offset: 0x01d1ff47
Faulting process id: 0x2638
Faulting application start time: 0x01d31007c0c4f326
Faulting application path: C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
Faulting module path: C:\Users\NewUser\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
Report Id: 54067103-e559-4379-b58b-9fdec12819b1
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (08/10/2017 11:26:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
The system cannot find the file specified.

Error: (08/10/2017 11:24:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CASL Framework Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP JumpStart Bridge service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Comm Recovery service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Orbit Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Content Protection HECI Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (08/10/2017 11:23:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DbxSvc service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2017-08-10 01:35:33.286
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-10 00:44:07.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 23:59:33.537
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 23:16:43.903
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 22:33:23.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 22:33:03.155
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 22:16:52.830
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\WinMetadata\Windows.Graphics.winmd because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 22:16:52.663
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-09 21:02:54.241
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-08 20:10:55.280
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 17%
Total physical RAM: 16262.68 MB
Available physical RAM: 13424.68 MB
Total Virtual: 17286.68 MB
Available Virtual: 14509.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.39 GB) (Free:415.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 033362DE)

Partition: GPT.

==================== End of Addition.txt ============================



#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:57 PM

Posted 10 August 2017 - 02:14 PM

Almost done :)

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
Are you able to open your Task Manager by the way, or does it close right away when you do?

Attached Files


unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users