1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Resolved Upgrade from WIN 7 TO win 10, browsers now lock up

Discussion in 'Windows 10' started by GRAHAM WESTON, 2016/03/29.

  1. 2016/03/29
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    I have taken the leap and upgraded my WIN 7 machine to WIN 10, now i have the problem where no matter what browser i use, at some stage it will lock up, some times for 3 to 4 minutes, then some times it will come good, other times the browser will just shut down. Browsers were a little slow on occasions when running WIN 7, but WIN 10 has exacerbated the situation to the point where i cannot use the internet. has anybody else had this problem. Many thanks in advance.
     
    GRAHAM WESTON,
    #1
  2. 2016/03/29
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,902
    Likes Received:
    510
    Hi Graham. Please follow steps 15-25 in my guide and post the logs here in your next reply.
     
    Evan Omo,
    #2


  3. to hide this advert.

  4. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    sorry for delay Evan, work has me run off my feet atm. TXT's as follows.

    MiniToolBox by Farbar Version: 07-02-2016 01
    Ran by kiungaman (administrator) on 30-03-2016 at 19:58:56
    Running from "C:\Users\kiungaman\Desktop\scan software "
    Microsoft Windows 10 Home (X64)
    Model: HP G60 Notebook PC Manufacturer: Hewlett-Packard
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings ": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings ": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 15459 entries.

    ========================= IP Configuration: ================================

    Realtek PCIe FE Family Controller = Local Area Connection (Connected)
    Intel(R) Centrino(R) Wireless-N 1000 Driver = Wireless Network Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global
    set interface interface= "Local Area Connection 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Mobile Broadband Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Wireless Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Wireless Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : kiungaman-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Local Area Connection* 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
    Physical Address. . . . . . . . . : 00-1E-64-73-DE-25
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
    Physical Address. . . . . . . . . : 00-26-2D-B0-20-4C
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::f553:34a7:2e8f:c395%15(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.186(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Wednesday, March 30, 2016 10:42:32 AM
    Lease Expires . . . . . . . . . . : Thursday, March 31, 2016 10:42:32 AM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 234890797
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-F1-6A-1C-00-26-2D-B0-20-4C
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Wireless LAN adapter Wireless Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 1000
    Physical Address. . . . . . . . . : 00-1E-64-73-DE-24
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Server: router.asus.com
    Address: 192.168.1.1

    Name: google.com
    Addresses: 2404:6800:4006:807::200e
    172.217.24.78


    Pinging google.com [172.217.24.78] with 32 bytes of data:
    Reply from 172.217.24.78: bytes=32 time=68ms TTL=53
    Reply from 172.217.24.78: bytes=32 time=68ms TTL=53

    Ping statistics for 172.217.24.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 68ms, Maximum = 68ms, Average = 68ms
    Server: router.asus.com
    Address: 192.168.1.1

    Name: yahoo.com
    Addresses: 2001:4998:58:c02::a9
    2001:4998:44:204::a7
    2001:4998:c:a06::2:4008
    98.139.183.24
    98.138.253.109
    206.190.36.45


    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Reply from 98.139.183.24: bytes=32 time=283ms TTL=44
    Reply from 98.139.183.24: bytes=32 time=286ms TTL=44

    Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 283ms, Maximum = 286ms, Average = 284ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    2...00 1e 64 73 de 25 ......Microsoft Hosted Network Virtual Adapter
    15...00 26 2d b0 20 4c ......Realtek PCIe FE Family Controller
    7...00 1e 64 73 de 24 ......Intel(R) Centrino(R) Wireless-N 1000
    1...........................Software Loopback Interface 1
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.186 20
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.186 276
    192.168.1.186 255.255.255.255 On-link 192.168.1.186 276
    192.168.1.255 255.255.255.255 On-link 192.168.1.186 276
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.186 276
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.186 276
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    15 276 fe80::/64 On-link
    15 276 fe80::f553:34a7:2e8f:c395/128
    On-link
    1 306 ff00::/8 On-link
    15 276 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (03/30/2016 07:48:33 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 ".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

    Error: (03/30/2016 03:51:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (03/30/2016 03:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{be0e01da-a7c7-40d0-a336-d8789aa3fdaf} was terminated because it took too long to suspend.

    Error: (03/30/2016 03:50:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge was terminated because it took too long to suspend.

    Error: (03/30/2016 03:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{9e75ecfa-05e6-4d9d-99f7-2df9c8b420c5} was terminated because it took too long to suspend.

    Error: (03/30/2016 03:35:02 PM) (Source: Application Error) (User: )
    Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
    Faulting module name: edgehtml.dll, version: 11.0.10586.162, time stamp: 0x56cd3d95
    Exception code: 0x8000ffff
    Fault offset: 0x00000000004be12a
    Faulting process id: 0x788
    Faulting application start time: 0xmicrosoftedgecp.exe0
    Faulting application path: microsoftedgecp.exe1
    Faulting module path: microsoftedgecp.exe2
    Report Id: microsoftedgecp.exe3
    Faulting package full name: microsoftedgecp.exe4
    Faulting package-relative application ID: microsoftedgecp.exe5

    Error: (03/30/2016 10:19:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{aad09841-4357-4832-a36d-9e58d93daecd} was terminated because it took too long to suspend.

    Error: (03/30/2016 12:00:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge was terminated because it took too long to suspend.

    Error: (03/28/2016 04:06:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{cbdc42d8-e872-4a72-915f-39abe42ed98e} was terminated because it took too long to suspend.

    Error: (03/28/2016 04:05:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: kiungaman-PC)
    Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge was terminated because it took too long to suspend.


    System errors:
    =============
    Error: (03/30/2016 03:51:39 PM) (Source: DCOM) (User: kiungaman-PC)
    Description: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca5MicrosoftEdgeUnavailableUnavailable

    Error: (03/30/2016 12:38:51 PM) (Source: DCOM) (User: kiungaman-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}kiungaman-PCkiungamanS-1-5-21-3374131861-1103260440-2687298924-1000LocalHost (Using LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

    Error: (03/30/2016 10:48:41 AM) (Source: Service Control Manager) (User: )
    Description: The Delivery Optimization service hung on starting.

    Error: (03/30/2016 10:45:58 AM) (Source: Service Control Manager) (User: )
    Description: The Dropbox Update Service (dbupdate) service failed to start due to the following error:
    %%1053

    Error: (03/30/2016 10:45:58 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the dbupdate service to connect.

    Error: (03/30/2016 10:42:42 AM) (Source: Service Control Manager) (User: )
    Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
    %%1058

    Error: (03/30/2016 10:41:09 AM) (Source: Service Control Manager) (User: )
    Description: The WWAN AutoConfig service terminated with the following error:
    %%997

    Error: (03/30/2016 10:41:03 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_2139b service to connect.

    Error: (03/30/2016 10:41:03 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_2139b service to connect.

    Error: (03/30/2016 10:40:53 AM) (Source: Service Control Manager) (User: )
    Description: The User Data Access_2139b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2016-03-27 17:56:16.927
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-03-24 03:04:29.712
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-03-21 23:51:52.412
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:52.212
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:52.042
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:51.849
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:51.752
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:51.623
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:49.597
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

    Date: 2016-03-21 23:51:48.477
    Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


    =========================== Installed Programs ============================

    µTorrent (HKCU\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
    CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
    Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
    Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.3.23 - Canon Inc.)
    Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
    CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
    CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.60.50 - Conexant)
    Cucusoft Auto Update 1.0.5 (HKLM\...\CucusoftAutoUpdate_is1) (Version: - )
    Cucusoft Net Guard 2.3.4.1 (HKLM\...\CucusoftNetGuard_is1) (Version: - Cucusoft, Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.05 - NCH Software)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.35 - Dropbox, Inc.) Hidden
    erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    e-tax 2015 (HKLM-x32\...\{9D19C250-CE9A-4BF0-91C8-031665D54D16}) (Version: 2.10.541 - Australian Taxation Office)
    Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
    Free Screen Capture (HKLM-x32\...\{B5803DCA-1A6F-48BA-9401-D4599122D7D7}) (Version: 1.0.0 - Free Picture Solutions)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
    iSpy (64 bit) (HKLM\...\{8816AA23-70B3-487A-800A-F69216267144}) (Version: 6.3.3 - iSpy)
    Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Join Me (HKLM-x32\...\{72FD5F2E-1F7A-4E9B-8838-29E842E178CD}) (Version: 2.0.3.0 - ZTE)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    MFC RunTime files (HKLM-x32\...\{70C592EC-AE9B-4734-928B-676E824FB41E}) (Version: 1.0.0 - Extensoft) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Mobile Broadband Manager (HKLM-x32\...\{7DB11606-D621-4D3B-A7F7-25466A423AAF}) (Version: 3.11.20330.0 - Telstra) Hidden
    Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyHarmony (HKCU\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
    OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
    oPlayer (HKLM-x32\...\{AA1B7F27-A49D-4D7F-9755-570AF5597160}) (Version: 1.0.30 - object)
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.1 - Tracker Software Products Ltd)
    PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 2.69 - NCH Software)
    SafeZone Stable 1.46.1990.139 (HKLM-x32\...\SafeZone 1.46.1990.139) (Version: 1.46.1990.139 - Avast Software) Hidden
    Screen Capturer (HKLM-x32\...\Screen Capturer) (Version: 1.0.4.42 - ScreenCapturer.com)
    SearchDVS (HKLM-x32\...\{F0B6A46E-635B-4D37-8F5F-E543F54C3D5B}) (Version: - )
    Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
    Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
    System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
    Telstra Mobile Broadband Manager (HKLM-x32\...\Mobile Broadband Manager) (Version: 3.11.20330.0 - Telstra)
    Telstra USB+Wi-Fi Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Yawcam 0.4.1 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: - )
    ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
    ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B06 - ZTE Corporation)
    ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version: - ZTE Corporation)

    ========================= Devices: ================================


    ========================= Memory info: ===================================

    Percentage of memory in use: 48%
    Total physical RAM: 3999.19 MB
    Available physical RAM: 2074.55 MB
    Total Virtual: 8095.19 MB
    Available Virtual: 5839.14 MB

    ========================= Partitions: =====================================

    1 Drive c: (test) (Fixed) (Total:698.2 GB) (Free:272.62 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\KIUNGAMAN-PC

    Administrator DefaultAccount Guest
    kiungaman


    **** End of log ****

    # AdwCleaner v5.036 - Logfile created 26/02/2016 at 23:36:31
    # Updated 22/02/2016 by Xplode
    # Database : 2016-02-24.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : kiungaman - KIUNGAMAN-PC
    # Running from : C:\Users\kiungaman\Downloads\adwcleaner_5.036.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
    [-] Task Deleted : Microsoft\Windows\Maintenance\SMupdate2

    ***** [ Registry ] *****

    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3034f97f-ed90-4bda-9de4-12e3578df9d3}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{360ced99-50f6-4a9d-abf0-9fe2656ec0dd}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3034f97f-ed90-4bda-9de4-12e3578df9d3}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{360ced99-50f6-4a9d-abf0-9fe2656ec0dd}
    [-] Key Deleted : HKLM\SOFTWARE\Universal
    [-] Key Deleted : HKU\.DEFAULT\Software\VNT
    [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
    [-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
    [-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [4446 bytes] - [26/02/2016 23:36:31]
    C:\AdwCleaner\AdwCleaner[R0].txt - [11847 bytes] - [22/05/2014 20:59:47]
    C:\AdwCleaner\AdwCleaner[R1].txt - [20859 bytes] - [14/09/2014 20:09:01]
    C:\AdwCleaner\AdwCleaner[R2].txt - [1686 bytes] - [26/09/2014 23:11:35]
    C:\AdwCleaner\AdwCleaner[R3].txt - [1194 bytes] - [26/09/2014 23:33:15]
    C:\AdwCleaner\AdwCleaner[R4].txt - [1848 bytes] - [30/09/2014 22:43:26]
    C:\AdwCleaner\AdwCleaner[R5].txt - [1374 bytes] - [05/10/2014 21:10:17]
    C:\AdwCleaner\AdwCleaner[R6].txt - [2984 bytes] - [20/04/2015 23:54:14]
    C:\AdwCleaner\AdwCleaner[S0].txt - [11204 bytes] - [22/05/2014 21:01:23]
    C:\AdwCleaner\AdwCleaner[S1].txt - [22792 bytes] - [14/09/2014 20:21:09]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1757 bytes] - [26/09/2014 23:14:57]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1919 bytes] - [30/09/2014 22:44:44]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1436 bytes] - [05/10/2014 21:13:55]
    C:\AdwCleaner\AdwCleaner[S5].txt - [2931 bytes] - [20/04/2015 23:56:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5472 bytes] ##########
    # AdwCleaner v5.107 - Logfile created 30/03/2016 at 20:28:54
    # Updated 28/03/2016 by Xplode
    # Database : 2016-03-30.1 [Server]
    # Operating system : Windows 10 Home (x64)
    # Username : kiungaman - KIUNGAMAN-PC
    # Running from : C:\Users\kiungaman\Desktop\scan software\AdwCleaner (1).exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
    [-] Task Deleted : Microsoft\Windows\Maintenance\SMupdate2

    ***** [ Registry ] *****

    [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dx82u1pulx6jk.cloudfront.net
    [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dx82u1pulx6jk.cloudfront.net

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [6848 bytes] - [26/02/2016 23:36:31]
    C:\AdwCleaner\AdwCleaner[R0].txt - [11847 bytes] - [22/05/2014 20:59:47]
    C:\AdwCleaner\AdwCleaner[R1].txt - [20859 bytes] - [14/09/2014 20:09:01]
    C:\AdwCleaner\AdwCleaner[R2].txt - [1686 bytes] - [26/09/2014 23:11:35]
    C:\AdwCleaner\AdwCleaner[R3].txt - [1194 bytes] - [26/09/2014 23:33:15]
    C:\AdwCleaner\AdwCleaner[R4].txt - [1848 bytes] - [30/09/2014 22:43:26]
    C:\AdwCleaner\AdwCleaner[R5].txt - [1374 bytes] - [05/10/2014 21:10:17]
    C:\AdwCleaner\AdwCleaner[R6].txt - [2984 bytes] - [20/04/2015 23:54:14]
    C:\AdwCleaner\AdwCleaner[S0].txt - [11204 bytes] - [22/05/2014 21:01:23]
    C:\AdwCleaner\AdwCleaner[S1].txt - [25074 bytes] - [14/09/2014 20:21:09]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1757 bytes] - [26/09/2014 23:14:57]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1919 bytes] - [30/09/2014 22:44:44]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1436 bytes] - [05/10/2014 21:13:55]
    C:\AdwCleaner\AdwCleaner[S5].txt - [2931 bytes] - [20/04/2015 23:56:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7874 bytes] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.4 (03.14.2016)
    Operating System: Windows 10 Home x64
    Ran by kiungaman (Administrator) on Wed 03/30/2016 at 21:23:20.74
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 0




    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 03/30/2016 at 21:46:33.13
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62596E90-5FC5-471E-A46-3A4986F0C6D9}\ ->> AppName : 10ea0e04-ff58-4b83-a969-b45cc77ad60d-2.exe-codedownloader.exe
    Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMMediaPlayerOnArrival\ ->> Provider : iMesh
    Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMMediaPlayerOnArrival\ ->> Provider : iMesh
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mysearchdialcdn.com
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\imesh
    Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\imesh

    ~ ZHPCleaner v2016.3.28.47 by Nicolas Coolman (2016/03/28)
    ~ Run by kiungaman (Administrator) (30/03/2016 23:08:15)
    ~ Site : http://www.nicolascoolman.com
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version : Version OK
    ~ Type : Repair
    ~ Report : C:\Users\kiungaman\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 10 Home, 64-bit (Build 10586)


    ---\\ Services (0)
    ~ No malicious or unnecessary items found.


    ---\\ Browser internet (0)
    ~ No malicious or unnecessary items found.


    ---\\ Hosts file (1)
    ~ The hosts file is legitimate (15516)


    ---\\ Scheduled automatic tasks. (0)
    ~ No malicious or unnecessary items found.


    ---\\ Explorer ( File, Folder) (10)
    MOVED file: C:\Users\kiungaman\Downloads\appmanagersetup_2.0_b4_292.exe =>.Superfluous.WellKnownMedia
    MOVED folder: C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpfmidcdnfpaamdaobjiiamaihdigaoj =>Hijacker.Browser [ "update_url" : "https://clients2.google.com/servic]
    MOVED folder: C:\WINDOWS\Installer\MSI49B4.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIA392.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIB56E.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIDB12.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIE495.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIE6C7.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIE8BC.tmp- =>Empty
    MOVED folder: C:\WINDOWS\Installer\MSIEB2D.tmp- =>Empty


    ---\\ Registry ( Key, Value, Data) (12)
    DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpfmidcdnfpaamdaobjiiamaihdigaoj [] =>Hijacker.Browser
    DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iMesh [ "C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe" --lightmode (Not File)] =>.Superfluous.iMesh
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F697971-9FC-4C7F-88E0-862DC63F9C8} [C:\Program Files (x86)\iWebar (Not File)] =>PUP.Optional.CrossRider
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3034f97f-ed90-4bda-9de4-12e3578df9d3} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32EBDCE3-4A77-4CD9-91DB-57886046B948} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5786997A-4258-4B91-85CB-BB29939617F} [C:\Program Files (x86)\iWebar (Not File)] =>PUP.Optional.CrossRider
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58DCA91E-23E2-4038-B9D3-57CD9BB588B1} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62596E90-5FC5-471E-A46-3A4986F0C6D9} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5FFAEC3-99AA-45E4-9052-B21683D1F49} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0D2EABA-6F75-47B8-8D61-AEEAF166DEA2} [C:\Program Files (x86)\iWebar (Not File)] =>PUP.Optional.CrossRider
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDEEE87-666-4D58-98A8-462665B69CE8} [C:\Program Files (x86)\Object Browser (Not File)] =>PUP.Optional.ObjectBrowser
    DELETED key*: [X64] HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r393-n-bi.exe [] =>.Superfluous.iMesh


    ---\\ Summary of the elements found (6)
    http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.WellKnownMedia
    http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Browser [ "update_url" : "https://clients2.google.com/servic]
    http://www.nicolascoolman.fr/hijacker-browser/ =>Hijacker.Browser
    http://www.nicolascoolman.fr/?p=427 =>.Superfluous.iMesh
    http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
    http://www.nicolascoolman.fr/pup-objectbrowser/ =>PUP.Optional.ObjectBrowser


    ---\\ Other deletions. (15)
    ~ Registry Keys Tracing deleted (15)
    ~ Remove the old reports ZHPCleaner. (0)


    ---\\ Result of repair
    ~ Repair carried out successfully
    ~ Browser not found (Opera Software)


    ---\\ Statistics
    ~ Items scanned : 31699
    ~ Items found : 0
    ~ Items cancelled : 0
    ~ Items repaired : 22


    ~ End of clean in 00h00mn50s
    ===================
    ZHPCleaner-[R]-30032016-23_09_05.txt
    ZHPCleaner--30032016-23_03_34.txt
     
    GRAHAM WESTON,
    #3
  5. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Code:
    HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : KIUNGAMAN-PC
   Windows . . . . . . . : 10.0.0.10586.X64/2
   User name . . . . . . : kiungaman-PC\kiungaman
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Paid (1095 days left)

   Scan date . . . . . . : 2016-03-30 23:38:44
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 8s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes

   Threats . . . . . . . : 19
   Traces  . . . . . . . : 214

   Objects scanned . . . : 2,013,423
   Files scanned . . . . : 55,116
   Remnants scanned  . . : 537,908 files / 1,420,399 keys

Malware _____________________________________________________________________

   C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\1399311.dll -> Deleted
      Size . . . . . . . : 2,382,144 bytes
      Age  . . . . . . . : 0.0 days (2016-03-30 22:52:56)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : EECD8D6A064A420A0DCF2C21E31FF56C2A5413131C12231ADEBA0E3E05A8F12D
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0
      Forensic Cluster
         -3.1s C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner.txt
         -3.1s C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
         -3.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\
         -3.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\hosts
          0.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\
          0.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\1399311.dll
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\background.js
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\background.html
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\icon_128.png
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\manifest.json

   C:\Windows\SysWOW64\qmmod\ccp_fanfi.dll -> PendingDelete
      Size . . . . . . . : 362,816 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 0CB0241EF73255B41B4A5C7844ED56E0A7284D0E91A4C65EE83F14A6DA7BC8D8
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\Director_ckmilhiyu.dll -> PendingDelete
      Size . . . . . . . : 2,533,696 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : E6A4F5C8EEB35C58DE46C72CB001BFC80A431B5E121359965E65FB00048ABE8D
      Version  . . . . . : 8.2.24.1135
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\dprx_cbgfsolzl.dll -> PendingDelete
      Size . . . . . . . : 284,992 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 26E789F3075D7DE4B7F97CFD24A61A7EA2E0805CAEFE026612D8529F4720E9C7
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mca_nclbu.dll -> PendingDelete
      Size . . . . . . . : 538,944 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : D149FDBEFB184E6EFCDE5BE44C5291E26215609F18442817D70D5CC998264F51
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcapp_bkaiggdje.dll -> PendingDelete
      Size . . . . . . . : 239,936 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 23F3F485C33DC747F03EDB54ECEABF272954C7358C9EE3E336C45EA9F032AAD6
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcff_swusketgz.dll -> PendingDelete
      Size . . . . . . . : 563,520 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 168A7CC39CEF73CB2B433C9FF21A9EB46E875EC4DD919AFB36F1845B46D69597
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcgc_lreoi.dll -> PendingDelete
      Size . . . . . . . : 3,316,032 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : BB17AF8E0757C3537F17690089114DF2C902C0B3B30AA5912B3F07AEB7294D61
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcie_uuqwqxnci.dll -> PendingDelete
      Size . . . . . . . : 2,971,968 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : C8A8ACB66EB53CA82C31385BE3588468F63F38B4E04D9CF283001C0751607872
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mck_rnepv.dll -> PendingDelete
      Size . . . . . . . : 2,812,224 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 4ED4B0D36EB6C5A0E4312F60E5B9935F264F7661DF8BA3F455E8D7D4D67DA2EB
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mclmd_epoacytkt.dll -> PendingDelete
      Size . . . . . . . : 248,128 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 3DDE5A2B16ABAC0870937439C413B2FA08BFF81774F9250C08E9446F834BF0D6
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcmsg_cahutsjcy.dll -> PendingDelete
      Size . . . . . . . : 231,744 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : CCED4C27813C0B7FB9FB7CF4C0FEC129BAB63DD1FDD28947108458DC570EBB4A
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcoexp_eweghlofd.dll -> PendingDelete
      Size . . . . . . . : 313,664 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 8308DE776E78D2771FF87E3D81FE253E40F5CB2C37D3C26D413F6D3292C442D1
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcsc_wbfnpsfde.dll -> PendingDelete
      Size . . . . . . . : 2,767,168 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : BFD35DB81AF40D8E1F270AEC08B4A219C76D739EE5BC7C027991395A24CDEB9D
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcsky_ggyphutqp.dll -> PendingDelete
      Size . . . . . . . : 1,386,816 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 4EA8F65DB05C7C4DE3116233F8E227F8C0CF4F32D61A44FD86440CA463B458D0
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcy_tebsx.dll -> PendingDelete
      Size . . . . . . . : 231,744 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 79EC49F61E8A24003CCC60AB9676E4410F282E130E3B9E50A3BD577FF693E176
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Keylogger.WebWatcher.18
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\proxy.dll -> PendingDelete
      Size . . . . . . . : 313,664 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 79E186BB65541311E18BABB7FF6044A61F9CA9FE811DF470316A09404EB5901C
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 101.0

   C:\Windows\SysWOW64\qmmod\shim_idadgtlsp.dll -> PendingDelete
      Size . . . . . . . : 276,800 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : BD01532D198EEE7E842C668A2759762CC6246DD1E40386A7C0C0FDF5EE8D8F9F
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Keylogger.WebWatcher.12
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 101.0

   c:\windows\syswow64\qmmod\svcboot_acqoscbus.dll -> PendingDelete
      Size . . . . . . . : 239,936 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:58)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : F9CC702278079FB100268E17938B442F7614D6283D3B8484C4203D51AB377B92
      RSA Key Size . . . : 2048
      Service  . . . . . : svcboot_acqoscbus
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 104.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\svcboot_acqoscbus\
     
    GRAHAM WESTON,
    #4
  6. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Potential Unwanted Programs _________________________________________________

    HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2\ (SearchModulePlus) -> Deleted
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3\ (SearchModulePlus) -> Deleted
    HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
    HKU\S-1-5-21-3374131861-1103260440-2687298924-1000\SOFTWARE\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> Deleted
    HKU\S-1-5-21-3374131861-1103260440-2687298924-1000_Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> PendingDelete

    Cookies _____________________________________________________________________

    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:abmr.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adaptv.advertising.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adgrx.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.deliverimp.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.fdma-media.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechjp.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:basebanner.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidr.io
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidswitch.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:chango.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:contextweb.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtry.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:everesttech.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:flashtalking.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:gwallet.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:imrworldwide.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:lijit.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:liverail.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:mathtag.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:nexac.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:eek:penx.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:eek:wneriq.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pagefair.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rfihub.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rhythmxchange.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rtbidder.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:simpli.fi
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:sitescout.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tapad.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tidaltv.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:turn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:w55c.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:wtp101.com
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCookies\Low\RF8JGD3T.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0I2C3TNM.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\123JV1Z2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\13Q2ETQ0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1FHWNIWS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1N18GJWV.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1P63VPGW.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1PLPG5DK.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\22UFK538.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\24KAGGAU.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2K38NCL0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2KT3KLE5.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2LH1ORRN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2UUFL76C.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3400D10E.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3BLG5H62.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3NX43V8U.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4BG16CPN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5I3MGEJI.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\62EW3LC6.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\630ERE8R.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6NBQ8GP2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6TIDP7U2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6YPPFRFV.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7DGJUSNU.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7PR46X3H.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7Y1PNE0L.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\92GH35V6.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9GNSRH88.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BVMEL1XZ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BYZXET3M.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C61CZKC0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C7MFO97X.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C8LHSOVL.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CQU7QNJJ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DEI2OKL1.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DG9CUWTO.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EEHJVBW4.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F38CDIKF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FL9INMUC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FV2ZLMSS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\G8M3G27Z.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IH8P2R7X.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KBHOY301.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KBR6HMPK.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KEHAG38M.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KNZUVGMB.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L7W1UOYP.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LRCMU22B.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MMCRJNWI.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MYZ5Q94Y.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\N3T75F5D.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NLJX9RHS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NX56JWEA.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\O1TBZ044.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OKGCPKRY.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OS990OGN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\P13Y0YXC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QA3PHJTE.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QKX2QZ1G.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QOMM6EB8.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RGI4DJWW.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RHDBBSQ3.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RTDZ4XKF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S0OX691S.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S1GIHN36.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S510LRHG.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T0Y3LU0F.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U5GQC2WD.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ULG1TX53.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UNEXKNNF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UXKEAFSH.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VTVVBF92.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WKJRFTJO.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\X83TD268.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XYOIFBQQ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\Y56MXD6I.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YALCOAJG.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YMI6OE52.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZSNJX32P.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\0LT8JFUC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\8K2E9IPQ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\9ACPZTXS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\LK5HKI6K.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\NYM3IA61.txt


    [/code]
     
    GRAHAM WESTON,
    #5
  7. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Code:
    HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : KIUNGAMAN-PC
   Windows . . . . . . . : 10.0.0.10586.X64/2
   User name . . . . . . : kiungaman-PC\kiungaman
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Paid (1095 days left)

   Scan date . . . . . . : 2016-03-30 23:38:44
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 8s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes

   Threats . . . . . . . : 19
   Traces  . . . . . . . : 214

   Objects scanned . . . : 2,013,423
   Files scanned . . . . : 55,116
   Remnants scanned  . . : 537,908 files / 1,420,399 keys

Malware _____________________________________________________________________

   C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\1399311.dll -> Deleted
      Size . . . . . . . : 2,382,144 bytes
      Age  . . . . . . . : 0.0 days (2016-03-30 22:52:56)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : EECD8D6A064A420A0DCF2C21E31FF56C2A5413131C12231ADEBA0E3E05A8F12D
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0
      Forensic Cluster
         -3.1s C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner.txt
         -3.1s C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
         -3.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\
         -3.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\hosts
          0.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\
          0.0s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\1399311.dll
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\background.js
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\background.html
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\icon_128.png
          0.1s C:\Users\kiungaman\AppData\Roaming\ZHP\Quarantine\kpfmidcdnfpaamdaobjiiamaihdigaoj\2_0\manifest.json

   C:\Windows\SysWOW64\qmmod\ccp_fanfi.dll -> PendingDelete
      Size . . . . . . . : 362,816 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 0CB0241EF73255B41B4A5C7844ED56E0A7284D0E91A4C65EE83F14A6DA7BC8D8
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\Director_ckmilhiyu.dll -> PendingDelete
      Size . . . . . . . : 2,533,696 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : E6A4F5C8EEB35C58DE46C72CB001BFC80A431B5E121359965E65FB00048ABE8D
      Version  . . . . . : 8.2.24.1135
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\dprx_cbgfsolzl.dll -> PendingDelete
      Size . . . . . . . : 284,992 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 26E789F3075D7DE4B7F97CFD24A61A7EA2E0805CAEFE026612D8529F4720E9C7
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mca_nclbu.dll -> PendingDelete
      Size . . . . . . . : 538,944 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : D149FDBEFB184E6EFCDE5BE44C5291E26215609F18442817D70D5CC998264F51
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcapp_bkaiggdje.dll -> PendingDelete
      Size . . . . . . . : 239,936 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 23F3F485C33DC747F03EDB54ECEABF272954C7358C9EE3E336C45EA9F032AAD6
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcff_swusketgz.dll -> PendingDelete
      Size . . . . . . . : 563,520 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 168A7CC39CEF73CB2B433C9FF21A9EB46E875EC4DD919AFB36F1845B46D69597
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcgc_lreoi.dll -> PendingDelete
      Size . . . . . . . : 3,316,032 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : BB17AF8E0757C3537F17690089114DF2C902C0B3B30AA5912B3F07AEB7294D61
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcie_uuqwqxnci.dll -> PendingDelete
      Size . . . . . . . : 2,971,968 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : C8A8ACB66EB53CA82C31385BE3588468F63F38B4E04D9CF283001C0751607872
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mck_rnepv.dll -> PendingDelete
      Size . . . . . . . : 2,812,224 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 4ED4B0D36EB6C5A0E4312F60E5B9935F264F7661DF8BA3F455E8D7D4D67DA2EB
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mclmd_epoacytkt.dll -> PendingDelete
      Size . . . . . . . : 248,128 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 3DDE5A2B16ABAC0870937439C413B2FA08BFF81774F9250C08E9446F834BF0D6
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcmsg_cahutsjcy.dll -> PendingDelete
      Size . . . . . . . : 231,744 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : CCED4C27813C0B7FB9FB7CF4C0FEC129BAB63DD1FDD28947108458DC570EBB4A
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcoexp_eweghlofd.dll -> PendingDelete
      Size . . . . . . . : 313,664 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 8308DE776E78D2771FF87E3D81FE253E40F5CB2C37D3C26D413F6D3292C442D1
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcsc_wbfnpsfde.dll -> PendingDelete
      Size . . . . . . . : 2,767,168 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : BFD35DB81AF40D8E1F270AEC08B4A219C76D739EE5BC7C027991395A24CDEB9D
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcsky_ggyphutqp.dll -> PendingDelete
      Size . . . . . . . : 1,386,816 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 4EA8F65DB05C7C4DE3116233F8E227F8C0CF4F32D61A44FD86440CA463B458D0
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\mcy_tebsx.dll -> PendingDelete
      Size . . . . . . . : 231,744 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 79EC49F61E8A24003CCC60AB9676E4410F282E130E3B9E50A3BD577FF693E176
      Product
      Publisher
      Description
      Version  . . . . . : 8.2.24.1135
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Keylogger.WebWatcher.18
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 98.0

   C:\Windows\SysWOW64\qmmod\proxy.dll -> PendingDelete
      Size . . . . . . . : 313,664 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:54)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 79E186BB65541311E18BABB7FF6044A61F9CA9FE811DF470316A09404EB5901C
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 101.0

   C:\Windows\SysWOW64\qmmod\shim_idadgtlsp.dll -> PendingDelete
      Size . . . . . . . : 276,800 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:55)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : BD01532D198EEE7E842C668A2759762CC6246DD1E40386A7C0C0FDF5EE8D8F9F
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Keylogger.WebWatcher.12
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 101.0

   c:\windows\syswow64\qmmod\svcboot_acqoscbus.dll -> PendingDelete
      Size . . . . . . . : 239,936 bytes
      Age  . . . . . . . : 449.0 days (2015-01-07 00:43:58)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : F9CC702278079FB100268E17938B442F7614D6283D3B8484C4203D51AB377B92
      RSA Key Size . . . : 2048
      Service  . . . . . : svcboot_acqoscbus
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Monitor.Win32.WebWatcher.gen
      Fuzzy  . . . . . . : 104.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\svcboot_acqoscbus\
     
    GRAHAM WESTON,
    #6
  8. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Potential Unwanted Programs _________________________________________________

    HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2\ (SearchModulePlus) -> Deleted
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3\ (SearchModulePlus) -> Deleted
    HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
    HKU\S-1-5-21-3374131861-1103260440-2687298924-1000\SOFTWARE\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> Deleted
    HKU\S-1-5-21-3374131861-1103260440-2687298924-1000_Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> PendingDelete

    Cookies _____________________________________________________________________

    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:abmr.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adaptv.advertising.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adgrx.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.deliverimp.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.fdma-media.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechjp.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:basebanner.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidr.io
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidswitch.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:chango.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:contextweb.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtry.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:everesttech.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:flashtalking.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:gwallet.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:imrworldwide.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:lijit.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:liverail.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:mathtag.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:nexac.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:eek:penx.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:eek:wneriq.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pagefair.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rfihub.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rhythmxchange.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rtbidder.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:simpli.fi
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:sitescout.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tapad.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tidaltv.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:turn.com
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:w55c.net
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cookies:wtp101.com
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCookies\Low\RF8JGD3T.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0I2C3TNM.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\123JV1Z2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\13Q2ETQ0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1FHWNIWS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1N18GJWV.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1P63VPGW.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1PLPG5DK.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\22UFK538.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\24KAGGAU.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2K38NCL0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2KT3KLE5.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2LH1ORRN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\2UUFL76C.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3400D10E.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3BLG5H62.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3NX43V8U.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\4BG16CPN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\5I3MGEJI.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\62EW3LC6.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\630ERE8R.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6NBQ8GP2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6TIDP7U2.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6YPPFRFV.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7DGJUSNU.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7PR46X3H.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7Y1PNE0L.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\92GH35V6.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9GNSRH88.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BVMEL1XZ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\BYZXET3M.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C61CZKC0.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C7MFO97X.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C8LHSOVL.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\CQU7QNJJ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DEI2OKL1.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\DG9CUWTO.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EEHJVBW4.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\F38CDIKF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FL9INMUC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FV2ZLMSS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\G8M3G27Z.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IH8P2R7X.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KBHOY301.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KBR6HMPK.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KEHAG38M.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KNZUVGMB.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\L7W1UOYP.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LRCMU22B.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MMCRJNWI.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MYZ5Q94Y.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\N3T75F5D.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NLJX9RHS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NX56JWEA.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\O1TBZ044.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OKGCPKRY.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OS990OGN.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\P13Y0YXC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QA3PHJTE.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QKX2QZ1G.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\QOMM6EB8.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RGI4DJWW.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RHDBBSQ3.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\RTDZ4XKF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S0OX691S.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S1GIHN36.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\S510LRHG.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T0Y3LU0F.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\U5GQC2WD.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ULG1TX53.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UNEXKNNF.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\UXKEAFSH.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VTVVBF92.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\WKJRFTJO.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\X83TD268.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XYOIFBQQ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\Y56MXD6I.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YALCOAJG.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YMI6OE52.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZSNJX32P.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\0LT8JFUC.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\8K2E9IPQ.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\9ACPZTXS.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\LK5HKI6K.txt
    C:\Users\kiungaman\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\NYM3IA61.txt


    [/code]
     
    GRAHAM WESTON,
    #7
  9. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Zoek.exe v5.0.0.1 Updated 31-December-2015
    Tool run by kiungaman on Thu 03/31/2016 at 0:21:19.08.
    Microsoft Windows 10 Home 10.0.10586 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\kiungaman\Desktop\zoek.exe [Scan all users] [Script inserted]

    ==== System Restore Info ======================

    3/31/2016 12:25:14 AM Zoek.exe System Restore Point Created Successfully.

    ==== Empty Folders Check ======================

    C:\PROGRA~2\MSXML 4.0 deleted successfully
    C:\Program Files\HitmanPro deleted successfully
    C:\PROGRA~3\Comms deleted successfully
    C:\PROGRA~3\SoftwareDistribution deleted successfully
    C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
    C:\Users\kiungaman\AppData\Local\ActiveSync deleted successfully
    C:\Users\kiungaman\AppData\Local\CutePDF Writer deleted successfully
    C:\Users\kiungaman\AppData\Local\EmieBrowserModeList deleted successfully
    C:\Users\kiungaman\AppData\Local\EmieSiteList deleted successfully
    C:\Users\kiungaman\AppData\Local\EmieUserList deleted successfully
    C:\Users\kiungaman\AppData\Local\NetworkTiles deleted successfully
    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3374131861-1103260440-2687298924-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{360ced99-50f6-4a9d-abf0-9fe2656ec0dd} deleted successfully

    ==== Deleting CLSID Registry Values ======================


    ==== Installed Programs ======================

    æTorrent
    Adobe Acrobat Reader DC
    Adobe Flash Player 21 NPAPI
    Adobe Refresh Manager
    Avast Premier
    CameraHelperMsi
    Canon MG2100 series MP Drivers
    Canon MP Navigator EX 5.0
    Canon Utilities CameraWindow DC 8
    Canon Utilities ImageBrowser EX
    Canon Utilities PhotoStitch
    CanoScan Toolbox Ver4.9
    CCleaner
    CDBurnerXP
    Conexant HD Audio
    Cucusoft Auto Update 1.0.5
    Cucusoft Net Guard 2.3.4.1
    CutePDF Writer 3.0
    D3DX10
    Debut Video Capture Software
    Dropbox
    Dropbox Update Helper
    e-tax 2015
    erLT
    Extended Asian Language font pack for Adobe Acrobat Reader DC
    Free Screen Capture
    Google Chrome
    Google Earth
    Google Earth Pro
    Google Update Helper
    HP Customer Experience Enhancements
    HP Support Solutions Framework
    Intel(R) Graphics Media Accelerator Driver
    iSpy (64 bit)
    Java 8 Update 60
    Java Auto Updater
    Join Me
    Junk Mail filter update
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 2.2.0.1024
    MFC RunTime files
    Microsoft .NET Framework 4.5.2
    Microsoft Application Error Reporting
    Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mobile Broadband Manager
    Mozilla Firefox 42.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyHarmony
    OpenOffice 4.1.1
    oPlayer
    PDF-Viewer
    PhotoPad Image Editor
    SafeZone Stable 1.46.1990.139
    Screen Capturer
    SearchDVS
    Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition
    Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114745) 32-Bit Edition
    Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114900) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB3114741) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB3114901) 32-Bit Edition
    SkypeT 7.2
    Sony PC Companion 2.10.251
    Synaptics Pointing Device Driver
    System Requirements Lab for Intel
    Telstra Mobile Broadband Manager
    Telstra USB+Wi-Fi Hostless Modem
    Unity Web Player
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114894) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VLC media player
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Yawcam 0.4.1
    ZTE Handset USB Driver
    ZTE LTE Device USB Driver

    ==== Running Processes ======================

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe
    C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys
    C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys
    C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
    C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    C:\Users\kiungaman\Desktop\zoek.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe

    ==== Deleting Services ======================


    ==== FireFox Fix ======================

    ProfilePath: C:\Users\KIUNGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\7dnco16s.default

    user.js not found
    ---- FireFox user.js and prefs.js backups ----

    prefs_20160331_0108_.backup

    ==== Batch Command(s) Run By Tool======================

    Resetting Global, OK!
    Resetting Interface, OK!
    Resetting Unicast Address, OK!
    Resetting Neighbor, OK!
    Resetting Path, OK!
    Resetting , failed.
    Access is denied.

    Resetting , OK!
    Restart the computer to complete this action.


    ==== Deleting Files \ Folders ======================

    C:\Users\kiungaman\.android deleted
    C:\PROGRA~2\SearchDVS deleted
    C:\Users\kiungaman\AppData\Local\Unity deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search Devices deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
    C:\Users\kiungaman\AppData\LocalLow\Unity deleted
    C:\Users\KIUNGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\7dnco16s.default\Yahoo Inc deleted
    "C:\Users\kiungaman\AppData\Local\{AAD69CC5-93A5-4213-B186-49FED7B1402D}" deleted

    ==== System Specs ======================

    Windows: Windows Version 6.2 (Build 9200)
    Memory (RAM): 4000 MB
    CPU Info: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
    CPU Speed: 2103.1 MHz
    Sound Card: Speakers (Conexant Pebble High |
    Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family (Microsoft Corporation - WDDM 1.1) | Mobile Intel(R) 4 Series Express Chipset Family (Microsoft Corporation - WDDM 1.1)
    Monitors: 1x; Generic PnP Monitor |
    Screen Resolution: 1366 X 768 - 32 bit
    Network: Network Present
    Network Adapters: Intel(R) Centrino(R) Wireless-N 1000 | Realtek PCIe FE Family Controller | Microsoft Hosted Network Virtual Adapter
    CD / DVD Drives: 1x (D: | ) D: hp DVDRAM GT20L
    Ports: COM3 LPT Port NOT Present.
    Mouse: 5 Button Wheel Mouse Present
    Hard Disks: C: 698.2GB
    Hard Disks - Free: C: 271.5GB
    Manufacturer *: Hewlett-Packard
    BIOS Info: AT/AT COMPATIBLE | 10/14/09 | HPQOEM - 1
    Time Zone: E. Australia Standard Time
    Motherboard *: Hewlett-Packard 3612
    Country: United States
    Language: ENU

    ==== System Specs (Software) ======================

    Default Browser: Google Chrome 49.0.2623.87
    Internet Explorer Version: 11.162.10586.0
    Mozilla Firefox version: 42.0 (x86 en-US)
    Google Chrome version: 49.0.2623.87
    Adobe Reader version: 15.10.20056.167417
    Sun Java version: 1.8.0_60 (32-bit)
    Sun Java version: 1.8.0_60 (64-bit)
    Flash Player version: 21.0.0.197

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    2016-03-20 00:12:42 BAB034DBF3E695C68516D449CA952631 10449 ----a-w- C:\WINDOWS\diagerr.xml
    2016-03-20 00:12:42 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\WINDOWS\diagwrn.xml
    ====== C:\Users\KIUNGA~1\AppData\Local\Temp ====
    ====== Java Cache =====
    ====== C:\WINDOWS\SysWOW64 =====
    2016-03-30 11:52:23 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\WINDOWS\SysWOW64\subinacl.exe
    2016-03-20 19:20:35 EC21FC40C74206DAB19F1A8F9132EFAB 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2016-03-20 19:20:35 E3C2853C8F2EED113646F07D62D08C9E 503296 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll
    2016-03-20 19:20:35 C8F351BE29CEA63BC5EE5A175576B7F3 1105920 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2016-03-20 19:20:35 C86784A6F08E733BE19D62C82182FA7D 266752 ----a-w- C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
    2016-03-20 19:20:35 C117F577BB0CC6545EA181FBB3FACE99 980352 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2016-03-20 19:20:35 B65549A1CDB2C827AD022A3F35994FCF 2180136 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll
    2016-03-20 19:20:35 B073C14F8B76DF8652415488C22F10A1 670928 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll
    2016-03-20 19:20:35 AF209F751EB761084CEFE2CF10E1CE8D 895080 ----a-w- C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2016-03-20 19:20:35 A7583A49B0F4A91E5B2E154C3582DF82 420928 ----a-w- C:\WINDOWS\SysWOW64\msvproc.dll
    2016-03-20 19:20:35 A34EDEA5F401143A0190642EABA28518 709688 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-03-20 19:20:35 A19A2DDCC69FF16B5FB68AD4F02B564A 480256 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2016-03-20 19:20:35 964DE3052B6A869EFBC86930DD51E8BD 379392 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2016-03-20 19:20:35 8C2E49ACD2A820A3FA7C598B811F3803 450912 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2016-03-20 19:20:35 888D41F5EFD6995491326C0DEEA2124A 713824 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2016-03-20 19:20:35 5D676C1C350EA4976B888804444932CE 2061312 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-03-20 19:20:35 49CF99392314B7CAD65DE8A05ABFE30D 882720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2016-03-20 19:20:35 463DA1563BB9C1849527967BA80C1810 287712 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
    2016-03-20 19:20:35 0C39C1CC2ABC5D88D586EA0D86E79EEE 2793472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll
    2016-03-20 19:20:35 05B15BD9C92BE52F35A2295B22C5D892 168448 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
    2016-03-20 19:20:32 B315EB17077EF082A79922D4EA47DBF4 163328 ----a-w- C:\WINDOWS\SysWOW64\fwbase.dll
    2016-03-20 19:20:32 9DEB4C56FAAB147839BF68B6C28A38FC 164864 ----a-w- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2016-03-20 19:20:32 8BD7A79F9A8FF011B89A61C8AC796988 502112 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-03-20 19:20:32 7734BD0E9C8ED7DC48F559A67D0A79F4 20480 ----a-w- C:\WINDOWS\SysWOW64\wfapigp.dll
    2016-03-20 19:20:32 550ECFF3C3808065169BFEA6C2B7837C 400896 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv
    2016-03-20 19:20:32 162CB5DE3BAB5A029E658180A2E0673A 2919320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
    2016-03-20 19:20:32 160CC95D34D62B6A72F9E4E3EE52EBCC 369664 ----a-w- C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2016-03-20 19:20:29 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\WINDOWS\SysWOW64\WMPDMC.exe
    2016-03-20 19:20:28 780795062541AF34415CCCE4072FBBB8 12586496 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll
    2016-03-20 19:20:27 22269B90E92BECDEB3D67EBE1DDB378E 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
    2016-03-20 19:20:26 D641F5B6C115C334FD990827979028F3 18677760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-03-20 19:20:24 00CE414BA74B576960B559C8C2674106 19339776 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
    2016-03-20 19:20:23 FABAF2C5E74BA9ADC07D28BB03F5C32A 349696 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2016-03-20 19:20:23 F40196C743D54C56C7C2CCDD6FDE262E 572272 ----a-w- C:\WINDOWS\SysWOW64\taskschd.dll
    2016-03-20 19:20:23 E83DA16178E4E97B572900803183419D 1542816 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll
    2016-03-20 19:20:23 CA57FE09C1255009C9AC1462B7D7264D 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll
    2016-03-20 19:20:23 AA20E6BCDC5A617F4333EE5EEE3CC79E 5661696 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll
    2016-03-20 19:20:23 9DB69A637142A6C72DF22706CF2F6F7B 31744 ----a-w- C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
    2016-03-20 19:20:23 97E96ABEBCB6CF556406781C47C5282A 78848 ----a-w- C:\WINDOWS\SysWOW64\asycfilt.dll
    2016-03-20 19:20:23 8CE4D365EF60DA0A098757371DD43752 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll
    2016-03-20 19:20:23 7BB6C35792323E4761AC6624E2D42397 12125696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
    2016-03-20 19:20:23 76B9CA3DF18D9E116051652EB4CD2FF2 9919488 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
    2016-03-20 19:20:23 5A98CF000F5202776E4A58438AB2E070 4412928 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2016-03-20 19:20:23 4591BC3EC5FD8336642F8B94EABD4D4F 187744 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2016-03-20 19:20:23 42248856CC8A2AE6642B5D1B170EAB35 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll
    2016-03-20 19:20:23 2D0C2AB110A51895D9D1E875201013DE 1557768 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll
    2016-03-20 19:20:23 2BECAD7E55AB723F361254477270ED2F 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2016-03-20 19:20:23 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-03-20 19:20:23 100E983F59F3BF3A3F8BFA327CF9B438 157184 ----a-w- C:\WINDOWS\SysWOW64\WiFiDisplay.dll
    2016-03-20 19:20:23 0C60922D59461C8D1B0A2AA3CF493438 21124344 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
    2016-03-20 19:20:10 EB5DBA11B7C79B28A759AF12F03A17BB 769536 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll
    2016-03-20 19:20:10 E34395496B11CF5C8C5B6D2E438BFA43 18944 ----a-w- C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
    2016-03-20 19:20:10 93B7ED5F44D9C3FB0A74C059E1B9E68B 89088 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2016-03-20 19:20:10 75B5C1588D3703F44004D3EB2BD358AD 129024 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll
    2016-03-20 19:20:10 620737C11CD32E03299E0B60BC896230 552960 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2016-03-20 19:20:10 5A212173FC0622865F409B16ED77C9DF 98304 ----a-w- C:\WINDOWS\SysWOW64\AppointmentActivation.dll
    2016-03-20 19:20:10 56315A6A6598E701BB0A5F506DA6143E 200704 ----a-w- C:\WINDOWS\SysWOW64\cemapi.dll
    2016-03-20 19:20:10 4B9DE8EAA2E16C34E018749F325BAEFF 949248 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll
    2016-03-20 19:20:10 43AE8C9F7D031AB3DBEADA4C17D8C682 150528 ----a-w- C:\WINDOWS\SysWOW64\VCardParser.dll
    2016-03-20 19:20:10 3B1F2F6F89F3F4ED75C5FADDB2E7CFE1 56320 ----a-w- C:\WINDOWS\SysWOW64\POSyncServices.dll
    2016-03-20 19:20:10 39E7BAB659A6AB4419A908E578BE7029 56320 ----a-w- C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
    2016-03-20 19:20:10 395F9E50709FAE503C339047207E46CF 540160 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll
    2016-03-20 19:20:10 392434472351B2DA0499AEC962E988CE 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
    2016-03-20 19:20:10 3547D79A60007624BFEBAFCAE158E992 169984 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2016-03-20 19:20:10 31657EDEEA6039E71C708BDA61AB62D5 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
    2016-03-20 19:20:10 2C84609F09FD003FA955567D395EEA8A 575488 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll
    2016-03-20 19:20:10 259517866C369BCC5990292BCB57E709 223744 ----a-w- C:\WINDOWS\SysWOW64\ExSMime.dll
    2016-03-20 19:20:10 242708810A22D373904539EDF39FFAD1 196608 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2016-03-20 19:20:10 1AEBF2230422716D8CE1BEBCBAE961D3 48128 ----a-w- C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
    2016-03-20 19:20:09 FC90756CB632C0E4AC0D6A60AF2DF9AD 585216 ----a-w- C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2016-03-20 19:20:09 F7447D7EDE2E9F4FEC87143F5CC021F5 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll
    2016-03-20 19:20:09 EBD26D676238C0B3938AFF925043576F 394752 ----a-w- C:\WINDOWS\SysWOW64\werui.dll
    2016-03-20 19:20:09 E43400F37F8F0FA9281FEB64E3D7F72B 754176 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2016-03-20 19:20:09 DD73501C379ABF585DC7CC1765BE8E2E 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll
    2016-03-20 19:20:09 DB6C9645A16676FDE0D730CB05D8F6E1 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-03-20 19:20:09 D8DA5B9D54225B46242011154C9E417A 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-03-20 19:20:09 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-03-20 19:20:09 CF342DCC0B8053DCABA7C5D30BE4B5C3 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
    2016-03-20 19:20:09 CE9B87CDE4D7BCEA229D676720E28C6B 1859960 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2016-03-20 19:20:09 CA2EA5401563387162E61444AE15AF59 53248 ----a-w- C:\WINDOWS\SysWOW64\profext.dll
    2016-03-20 19:20:09 C9B1E5A2FE0C7BF75B8B751311331EB4 2604032 ----a-w- C:\WINDOWS\SysWOW64\CertEnroll.dll
    2016-03-20 19:20:09 C97B5BEADC79FFC5DAF1C9011CAE796B 5242496 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-03-20 19:20:09 C406A5FDC8A1ECF2A9632F302B7D0EC3 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll
    2016-03-20 19:20:09 C23A52581FEA6CD49A49160BFA794BF7 6952088 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-03-20 19:20:09 C012CE3AB0120D01C75EDBB869AC463E 523752 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll
    2016-03-20 19:20:09 B014F98BEE810D5BF9F8C1C75F0EAD92 489984 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll
    2016-03-20 19:20:09 AC42505CBCEE5825BB2695C34E43B1D0 184832 ----a-w- C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2016-03-20 19:20:09 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-03-20 19:20:09 A43688711B5DA91ED9FC159BB8F8AF14 646656 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-03-20 19:20:09 9B60985A87BA2FED9F57DA30F191098E 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2016-03-20 19:20:09 978D6640C869D7FA4FCDD877E4A5C2C7 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll
    2016-03-20 19:20:09 952D6065F133D9525B399E6274CFE027 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll
    2016-03-20 19:20:09 88D538838692B2D66514301CCB37B4E7 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll
    2016-03-20 19:20:09 856AD15FD2D187EA8435564A135C85C0 228352 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll
    2016-03-20 19:20:09 7F0A9630C78E3783680CC9620C4E09C0 6740992 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
    2016-03-20 19:20:09 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe
    2016-03-20 19:20:09 6FA3485DB4DE58EE9E73597CAC493AB4 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll
    2016-03-20 19:20:09 6DFDAD2B0EA3385069276DF547F4CAC8 2186864 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll
    2016-03-20 19:20:09 6DA0B412C0DD9DDB5382527488A5AD2E 237056 ----a-w- C:\WINDOWS\SysWOW64\thumbcache.dll
    2016-03-20 19:20:09 65D0043F608A12AF75ED37A65AFB906B 342528 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2016-03-20 19:20:09 64B0C2833EB2501DAE37C0A9700BF48F 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll
    2016-03-20 19:20:09 594B272EA8C34067CD74AAE90EFFBE88 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-03-20 19:20:09 4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB 220064 ----a-w- C:\WINDOWS\SysWOW64\sqmapi.dll
    2016-03-20 19:20:09 44F1D7984F8B7739EF7EF50DEC6B41B9 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
    2016-03-20 19:20:09 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-03-20 19:20:09 38EE252AD45EB7D6834F718B9487D3F9 538736 ----a-w- C:\WINDOWS\SysWOW64\wer.dll
    2016-03-20 19:20:09 3249EA75874EE3DD3FCBA141656DF210 713728 ----a-w- C:\WINDOWS\SysWOW64\netlogon.dll
    2016-03-20 19:20:09 1ECA3CCBC61038D780FC179C9CB5F0CA 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll
    2016-03-20 19:20:09 15E75D27F0C67A7A21D5A514601F0E5A 135168 ----a-w- C:\WINDOWS\SysWOW64\AppxSip.dll
    2016-03-20 19:20:09 05B81C404A34101E1DC17C0D9A67EA32 5321728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2016-03-20 19:20:09 053E2D136DB8A4743E4C40D5D979834B 200704 ----a-w- C:\WINDOWS\SysWOW64\DisplayManager.dll
    2016-03-20 19:04:24 BA8742F10E0737E814C166FCB1930698 114688 ----a-w- C:\WINDOWS\SysWOW64\CNC_AQU.dll
    2016-03-20 19:04:24 394B4D8622681D86D8224278A2A2E86E 63744 ----a-w- C:\WINDOWS\SysWOW64\CNC1751D.TBL
    2016-03-20 19:04:24 23588DC94FBBA00CE056FBF349AB2026 323584 ----a-w- C:\WINDOWS\SysWOW64\CNC_AQL.dll
    2016-03-20 19:04:23 D16CF34B17899F90A8FCF2A3F77B4A27 15872 ----a-w- C:\WINDOWS\SysWOW64\CNHMCA.dll
    2016-03-20 19:00:00 F432E0E5B0958F4982D40EB622FBD7FC 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2016-03-20 19:00:00 BF9CAA33ADD4C21C118148B5CFC5494B 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2016-03-20 19:00:00 6F391E9286733CC6B34FC0FAB23B8DF3 103120 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-03-20 02:31:03 54CFBC46B064972BB4334788DC743B49 36746 ----a-w- C:\WINDOWS\SysWOW64\license.rtf
    2016-03-20 01:43:35 FC98FE7BF1E5FC006DA4F9F084901A54 965390 ----a-w- C:\WINDOWS\SysWOW64\PerfStringBackup.INI
    ====== C:\WINDOWS\SysWOW64\drivers =====
    ====== C:\WINDOWS\Sysnative =====
    2016-03-20 19:20:35 FEBBA212353E4FA90C6164AA970B772F 536256 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll
    2016-03-20 19:20:35 EB05F5368F8BBF75157B87FD1F689167 2581504 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll
    2016-03-20 19:20:35 D79FFE2219AE3BA3B871BA2D39B16519 1152328 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
    2016-03-20 19:20:35 D12D3DD397A35EF06CDF41C1A9E3EE45 613376 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll
    2016-03-20 19:20:35 C9BFE1D6420BFADB249162039C321F63 1131520 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Audio.dll
    2016-03-20 19:20:35 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe
    2016-03-20 19:20:35 BD70B866034C1366D74CCBB5CA97395E 2544264 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll
    2016-03-20 19:20:35 BC767AD01E4DAFD08C21D5D07CC290C9 567808 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll
    2016-03-20 19:20:35 9C4C3EB6A2371A2038E2BB3A9D54CDE0 498448 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll
    2016-03-20 19:20:35 9610CE53A9ED0789C8B669A5F86008F7 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll
    2016-03-20 19:20:35 92F74BF86088520654BD5636A69E37F1 848168 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll
    2016-03-20 19:20:35 751F5B6AF16546162E06211AF1FC2979 794888 ----a-w- C:\WINDOWS\Sysnative\mfds.dll
    2016-03-20 19:20:35 6E76BB89EED6C2BD7B1E7B5F9A1C41F0 320000 ----a-w- C:\WINDOWS\Sysnative\MSFlacDecoder.dll
    2016-03-20 19:20:35 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe
    2016-03-20 19:20:35 669F733F85FEBE6F7438C66CBF7FD3FD 1062480 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
    2016-03-20 19:20:35 63F861960D2EA541831072D88E08EABA 3425792 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll
    2016-03-20 19:20:35 48E90F12346EE70764CEE435826ABD31 493568 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
    2016-03-20 19:20:35 468D29ECE0AD7700B790A20FA2765313 408120 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll
    2016-03-20 19:20:35 42BF7FA295F453618104B5A50BEE105B 275456 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
    2016-03-20 19:20:35 350CFCC870E30BEE151F3DFB83BD0178 1017032 ----a-w- C:\WINDOWS\Sysnative\mfsrcsnk.dll
    2016-03-20 19:20:35 28343B7C30E6AF073B02288EB579D984 476728 ----a-w- C:\WINDOWS\Sysnative\msvproc.dll
    2016-03-20 19:20:35 218CEC10714AF029BF4D8BCE600AD1DA 819648 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
    2016-03-20 19:20:32 F9B6E75F16F92CB79F68DA3ABCB576E0 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi
    2016-03-20 19:20:32 F6B9E6CB351D86A0C318B37E14B97656 196608 ----a-w- C:\WINDOWS\Sysnative\fwpolicyiomgr.dll
    2016-03-20 19:20:32 E9B10E704AD5B1BA5E531809C89A085B 93184 ----a-w- C:\WINDOWS\Sysnative\wpninprc.dll
    2016-03-20 19:20:32 C3D11EE0D07D6CAF9F8D4073B9F5579E 557056 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll
    2016-03-20 19:20:32 AA97AC06BFA15DA23C7C9C145A226C2D 25600 ----a-w- C:\WINDOWS\Sysnative\wfapigp.dll
    2016-03-20 19:20:32 9AE80C03EA83537F17B286ECBBA13D43 184320 ----a-w- C:\WINDOWS\Sysnative\fwbase.dll
    2016-03-20 19:20:32 6A5290128257BC733107E7819648CA76 526336 ----a-w- C:\WINDOWS\Sysnative\FirewallAPI.dll
    2016-03-20 19:20:32 5C6B3AFF685A17163315276E86CE173E 696160 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll
    2016-03-20 19:20:32 553F19DC6F3F73545CB17FCD7A8AE37B 870912 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll
    2016-03-20 19:20:32 47323DE2A684895004CE63EC66FB4AB4 401408 ----a-w- C:\WINDOWS\Sysnative\sharemediacpl.dll
    2016-03-20 19:20:32 3D58D04A9269CE21B61960544A05573D 204288 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll
    2016-03-20 19:20:29 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\WINDOWS\Sysnative\WMPDMC.exe
    2016-03-20 19:20:27 E0932D924DA7C363F40E5B90DC9D2669 129536 ----a-w- C:\WINDOWS\Sysnative\flvprophandler.dll
    2016-03-20 19:20:27 40D666AEFB8775F25AA403EDB5D2414E 4894208 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
    2016-03-20 19:20:27 3E80E2B0C0010154CC504DC51BE21968 14252544 ----a-w- C:\WINDOWS\Sysnative\wmp.dll
    2016-03-20 19:20:26 3ED081A1F371E63BC6DA0327E1E51D22 22376960 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll
    2016-03-20 19:20:24 408E62A03168C0016B986C80ECFD088C 24600576 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
    2016-03-20 19:20:23 F01ADB9BD13B60B6AB9538447F901921 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll
    2016-03-20 19:20:23 EB850DDF36D7462F1ADC1B6A329CE266 7835648 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll
    2016-03-20 19:20:23 EA30B6E587862DF15E35525C60CCAFA9 838144 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll
    2016-03-20 19:20:23 BF0B4D43097A7FEFE3F7F9EEC13C31FB 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll
    2016-03-20 19:20:23 A74CEC306AB99D74559F7075EDB60A9B 451584 ----a-w- C:\WINDOWS\Sysnative\werui.dll
    2016-03-20 19:20:23 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe
    2016-03-20 19:20:23 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\WINDOWS\Sysnative\wsqmcons.exe
    2016-03-20 19:20:23 68B34C3558BEE0F6B822FA603E9AE441 258280 ----a-w- C:\WINDOWS\Sysnative\sqmapi.dll
    2016-03-20 19:20:23 54E585CFCD208E460A70D1356CD489BE 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
    2016-03-20 19:20:23 52623F9ED4D00357F3874DD31BB232FD 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll
    2016-03-20 19:20:23 2C8130AFF9C3F0E99DE4B52A0A187CB3 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll
    2016-03-20 19:20:23 2989A5B700D1C706ED496CCA75DCFA67 7533568 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
    2016-03-20 19:20:23 2985697A74DE409D53C6ACD2CD30FDAA 1818696 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll
    2016-03-20 19:20:23 186BAF9C9F422E6B784E4C990585E2E3 673792 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll
    2016-03-20 19:20:23 0088614FE67298E6996AD19B05AE90C7 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll
    2016-03-20 19:20:22 FF07BE14ED82E218C3EEE7C986118A2E 307712 ----a-w- C:\WINDOWS\Sysnative\usbmon.dll
    2016-03-20 19:20:22 F8083C536BEDE61AFB4069D8A8C16DA7 456704 ----a-w- C:\WINDOWS\Sysnative\ipnathlp.dll
    2016-03-20 19:20:22 F3FE9C939D684607118E306B98CEBBBC 22564328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
    2016-03-20 19:20:22 F0D97E9816795E1AAA17396ABD2660C4 4827136 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll
    2016-03-20 19:20:22 E9A0D466F6D8EC349DB526146618BCB6 606720 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll
    2016-03-20 19:20:22 D20C52607024BD08A88CF1CA6B339C9B 517632 ----a-w- C:\WINDOWS\Sysnative\winspool.drv
    2016-03-20 19:20:22 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\WINDOWS\Sysnative\spoolsv.exe
    2016-03-20 19:20:22 A80237F337639402450C5F6CE9B75C94 474624 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll
    2016-03-20 19:20:22 A78E76034D230AFE6B74B57BAF8C8BF2 27648 ----a-w- C:\WINDOWS\Sysnative\WiFiConfigSP.dll
    2016-03-20 19:20:22 91038CB7820CFB27E7C9D10320307301 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
    2016-03-20 19:20:22 8AF0CBE3FC6129C42D7A2A73B681F226 1118208 ----a-w- C:\WINDOWS\Sysnative\localspl.dll
    2016-03-20 19:20:22 84ADBF35DAF6404148AE85973BE26D59 48640 ----a-w- C:\WINDOWS\Sysnative\wfdprov.dll
    2016-03-20 19:20:22 717FDDACE38C314CA5A517E12162CC6D 216576 ----a-w- C:\WINDOWS\Sysnative\QuickActionsDataModel.dll
    2016-03-20 19:20:22 6CA51117CDDB89DB6AE9F196B01C3491 389992 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll
    2016-03-20 19:20:22 610D0502400BDAFD4BB8EA10713234C7 74240 ----a-w- C:\WINDOWS\Sysnative\SMSRouter.dll
    2016-03-20 19:20:22 6072C7DB85FD3FE8D308EE44865C04DE 305664 ----a-w- C:\WINDOWS\Sysnative\wifiprofilessettinghandler.dll
    2016-03-20 19:20:22 557496EE056CEF8D1D569D2663BC701F 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll
    2016-03-20 19:20:22 53AC4B2658807691D2A485EE0F8A50E9 463360 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll
    2016-03-20 19:20:22 453740989239803FE363FF8B40EA2E08 2295808 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll
    2016-03-20 19:20:22 417D1526811D9646A7E8779209F11361 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll
    2016-03-20 19:20:22 3F8466CC13D1F614C8FAC24B1C030D59 214528 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll
    2016-03-20 19:20:22 0ED8556CB47EC7689D0046791F3427AE 26112 ----a-w- C:\WINDOWS\Sysnative\wlansvcpal.dll
    2016-03-20 19:20:22 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe
    2016-03-20 19:20:22 09918925526BC0B5B823CF1A2473D909 412672 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll
    2016-03-20 19:20:22 043051E7D39381BC1DCA5B25236BBA72 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
    2016-03-20 19:20:11 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe
    2016-03-20 19:20:11 F07301C282AA222C33F8C28B4F545275 591872 ----a-w- C:\WINDOWS\Sysnative\SmsRouterSvc.dll
    2016-03-20 19:20:11 E7588419770BDDB510741F734D290E27 1318912 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll
    2016-03-20 19:20:11 AE46FC3FC01DA2DC876D75776F5943B0 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll
    2016-03-20 19:20:11 A9073B21B807C28A5A2246BB1440E823 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi
    2016-03-20 19:20:11 9BE5ECE2F17B3BEDE6FDE1175BD23266 376536 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.MediaControl.dll
    2016-03-20 19:20:11 9822B613AEB1CF24E05EFEE748160637 25088 ----a-w- C:\WINDOWS\Sysnative\irmon.dll
    2016-03-20 19:20:11 6817CD1A33EB94CDE8FBBCB7E3C4E469 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi
    2016-03-20 19:20:11 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe
    2016-03-20 19:20:11 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe
    2016-03-20 19:20:10 FB2FBCF8AD0DF4F8A50B1639F0256D83 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll
    2016-03-20 19:20:10 EEA1E99FBC7D91A1A271012F2B4567BB 60416 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll
    2016-03-20 19:20:10 EBD07BD20B5E0E92A398566EF8720F79 31232 ----a-w- C:\WINDOWS\Sysnative\seclogon.dll
    2016-03-20 19:20:10 EA195B8BC11C1CDB313CFD456EFFA0E9 997376 ----a-w- C:\WINDOWS\Sysnative\schedsvc.dll
    2016-03-20 19:20:10 E78793375E53690605E4441078CCBF84 87552 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll
    2016-03-20 19:20:10 E4AFFF129D51A779B75164CB6D077FC1 1831936 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
    2016-03-20 19:20:10 E432FCF8572682126C3362AA856DC4AE 221184 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
    2016-03-20 19:20:10 DD877B48C28AB34197AD88902971B81D 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll
    2016-03-20 19:20:10 DD57E9F1482E1A9BD2514F6D017DF58A 258560 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll
    2016-03-20 19:20:10 DAFECF80513C6E6892BBEBB48D555A31 115712 ----a-w- C:\WINDOWS\Sysnative\srpapi.dll
    2016-03-20 19:20:10 DAB53783AD08864E873A6B7B874D1783 3671888 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
    2016-03-20 19:20:10 D4170CA7268AEDE7DE43EE54D7C8F639 256512 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll
    2016-03-20 19:20:10 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe
    2016-03-20 19:20:10 CB902A15DD21B363FECA5DCCF34F5C57 1224704 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll
    2016-03-20 19:20:10 C6856D20BE1DB90407C9154B0EC319B9 77824 ----a-w- C:\WINDOWS\Sysnative\provpackageapidll.dll
    2016-03-20 19:20:10 BE8C62B0B7BBA8F1152A6A7FCF248404 915456 ----a-w- C:\WINDOWS\Sysnative\configurationclient.dll
    2016-03-20 19:20:10 B6877446C93D3110E56C90CF13CBEC89 45568 ----a-w- C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll
    2016-03-20 19:20:10 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe
    2016-03-20 19:20:10 B37F21B4C25BF10605A196791F93E324 360448 ----a-w- C:\WINDOWS\Sysnative\vaultsvc.dll
    2016-03-20 19:20:10 9A3D731707AC0059E0ACBD4E8CDF46E6 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
    2016-03-20 19:20:10 9972A886D911234F833A265D5D641D30 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll
    2016-03-20 19:20:10 9953FA89A4E3BC33296DAFB1ACFDC62F 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll
    2016-03-20 19:20:10 98112F9B965646D338896FD7B13BB32E 1173344 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
    2016-03-20 19:20:10 96BAB1499995B85B91C312BA5114CA03 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll
    2016-03-20 19:20:10 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe
    2016-03-20 19:20:10 907B65AD953EA159B573A0BCC82F6DB0 243712 ----a-w- C:\WINDOWS\Sysnative\cemapi.dll
    2016-03-20 19:20:10 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe
    2016-03-20 19:20:10 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
    2016-03-20 19:20:10 80021DC2AF64B92F3FA8935C0D5C81D7 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll
    2016-03-20 19:20:10 7E81E3E0D7F83BFE3C3975020B6C7F12 163840 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerServer.dll
    2016-03-20 19:20:10 7C20F3EC0BA5ACB8ED40CDEF41B0AC56 779384 ----a-w- C:\WINDOWS\Sysnative\taskschd.dll
    2016-03-20 19:20:10 7BD715D15060E0B6E4AF222CA7120BD1 69632 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
    2016-03-20 19:20:10 77B2F9C522467B1FC8770028D09534DB 91648 ----a-w- C:\WINDOWS\Sysnative\asycfilt.dll
    2016-03-20 19:20:10 7489ACBF86C3774E7EF0DC8C7616B07E 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll
    2016-03-20 19:20:10 70BA4CAAC5D621DCE88082DA0B1FF014 23552 ----a-w- C:\WINDOWS\Sysnative\ExtrasXmlParser.dll
    2016-03-20 19:20:10 703430E9FFF072334B247B5E88428331 288768 ----a-w- C:\WINDOWS\Sysnative\vaultcli.dll
    2016-03-20 19:20:10 6F9775D843AA4595A3F60A60829B11A9 1098752 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll
    2016-03-20 19:20:10 6E04BBE242E2889B37300C4DF5CE1126 3449168 ----a-w- C:\WINDOWS\Sysnative\WSService.dll
    2016-03-20 19:20:10 69B6B69C95E1FBDC796F5B2019A8B24D 791744 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll
    2016-03-20 19:20:10 6855984AA46D2452A7C518787E1F2643 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
    2016-03-20 19:20:10 6807A6D971AA7A26245397ADDFE3B5D8 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
    2016-03-20 19:20:10 61C99C1A4BB5EE14563ED321A859ACB6 726528 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll
    2016-03-20 19:20:10 5D88798FC34BB61C74256CDD66BDD205 318976 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll
    2016-03-20 19:20:10 56027D21265759F4EADD0555E7915D9A 957952 ----a-w- C:\WINDOWS\Sysnative\SRH.dll
    2016-03-20 19:20:10 5548D83C60E37CBB1B451A1108D4142C 513888 ----a-w- C:\WINDOWS\Sysnative\devinv.dll
    2016-03-20 19:20:10 4C3A93515CA70A7017CBA3A6A95CF080 121856 ----a-w- C:\WINDOWS\Sysnative\AppointmentActivation.dll
    2016-03-20 19:20:10 45FDB4ACF680DF92D6510F77E7FF3E7F 713568 ----a-w- C:\WINDOWS\Sysnative\invagent.dll
    2016-03-20 19:20:10 3DF25A56F18D2AB4CF58C1300C8CD323 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
    2016-03-20 19:20:10 39D5E08E69BFC5CBFA94EE09656D6427 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll
    2016-03-20 19:20:10 3932940E0DB7A31B00A415F6B3D3E242 700416 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll
    2016-03-20 19:20:10 333F190DFAE2E1EE500234B78ADDA297 640472 ----a-w- C:\WINDOWS\Sysnative\wer.dll
    2016-03-20 19:20:10 2DDEA2BEDD3169F483C9BE610ADFE8B1 8705672 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
    2016-03-20 19:20:10 2BCCAEB08EAF8C5D6BD024B3F020D0EA 790528 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll
    2016-03-20 19:20:10 28CFFDB411375B2BBB0EBF295ABAEF29 382464 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll
    2016-03-20 19:20:10 2362BCA98EAF8CE0487664467F720861 178176 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll
    2016-03-20 19:20:10 215C9C65601378F56BEECDECBD1EF4AE 216416 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll
    2016-03-20 19:20:10 21098276051C6BEBBA7C8EB79AAF4E22 938496 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll
    2016-03-20 19:20:10 20E6B1B1F23615B5CF21AC3CE0A2E227 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll
    2016-03-20 19:20:10 1A0945D67F0499600E7B43A69210EC5B 41984 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerClient.dll
    2016-03-20 19:20:10 04F7878E7017105AB782353231561749 252928 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
    2016-03-20 19:20:10 023338E1DA5B6E5C2EFC7E5ADA7929C5 685568 ----a-w- C:\WINDOWS\Sysnative\scapi.dll
    2016-03-20 19:20:10 020AD2DA67F206DC160053F88454A0D4 111616 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll
    2016-03-20 19:20:09 FF1FF1A83425C77D1CAFF9EC7AFA8C1F 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll
    2016-03-20 19:20:09 FF0F6AAD313DCD878D2ECF1BA0B32478 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll
    2016-03-20 19:20:09 FBC8C56814642A7CA88ACBCA8DD1121F 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll
     
    GRAHAM WESTON,
    #8
  10. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    32BB00E526E67EF 852480 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
    2016-03-20 19:20:09 F7526C133AC265F283012E9CD751F873 625000 ----a-w- C:\WINDOWS\Sysnative\ClipSVC.dll
    2016-03-20 19:20:09 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe
    2016-03-20 19:20:09 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe
    2016-03-20 19:20:09 E1D8055043DF089DB8ADB67C21DF2CC4 70656 ----a-w- C:\WINDOWS\Sysnative\POSyncServices.dll
    2016-03-20 19:20:09 DEFF4C7B937F60923980D4BB7D1724B8 274944 ----a-w- C:\WINDOWS\Sysnative\ExSMime.dll
    2016-03-20 19:20:09 CD8C4364BC6040C0226638EF37E13CBB 161280 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll
    2016-03-20 19:20:09 C64B693DF26EB7BFF25F9BAD8B54D571 649216 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll
    2016-03-20 19:20:09 C62ACC8B1B1136464583F871EBB4ACE1 1946624 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll
    2016-03-20 19:20:09 BEF109D45139E2646C116DD9B6E53E3C 847360 ----a-w- C:\WINDOWS\Sysnative\netlogon.dll
    2016-03-20 19:20:09 BAEFEFB04D7F9A554C029FBA52A02BB8 652392 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll
    2016-03-20 19:20:09 B8CBDF64077D764D26E6E0255270B7BF 224256 ----a-w- C:\WINDOWS\Sysnative\PackageStateRoaming.dll
    2016-03-20 19:20:09 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe
    2016-03-20 19:20:09 AFAF7063071A1124985A63382B2BC34C 161792 ----a-w- C:\WINDOWS\Sysnative\AppxSip.dll
    2016-03-20 19:20:09 A407435633C74CB1D6911DC05A90D939 2912256 ----a-w- C:\WINDOWS\Sysnative\CertEnroll.dll
    2016-03-20 19:20:09 A34D9229F8D3A7164247213C9A283DB0 189952 ----a-w- C:\WINDOWS\Sysnative\WiFiDisplay.dll
    2016-03-20 19:20:09 A249C98D869623F1AF0DB4BCFFF6D2A8 68096 ----a-w- C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll
    2016-03-20 19:20:09 9CB84B6398F10BCF0CE357F2C7B6056D 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll
    2016-03-20 19:20:09 8CDC28FB78253481353A882FA3139FBB 2654872 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll
    2016-03-20 19:20:09 8465AF051B7C887C0D163AB939FDF570 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll
    2016-03-20 19:20:09 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys
    2016-03-20 19:20:09 797497201A406D6CFDB72FE0545F990C 6972416 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
    2016-03-20 19:20:09 7890990143812A452858058BBD52149F 297472 ----a-w- C:\WINDOWS\Sysnative\thumbcache.dll
    2016-03-20 19:20:09 722FA682ED9EA8B85FA843A5C8F39E61 2273792 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
    2016-03-20 19:20:09 7118498F6E48758A2EF5A7D1982E2B62 1139712 ----a-w- C:\WINDOWS\Sysnative\XblGameSave.dll
    2016-03-20 19:20:09 6D31FB3E4263749BD994B3895322D799 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll
    2016-03-20 19:20:09 5CBB046266CD7CD1593354C93BCDBE91 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll
    2016-03-20 19:20:09 5B5F518D6487FDCC9C40A74D3C72B8EE 828928 ----a-w- C:\WINDOWS\Sysnative\Windows.AccountsControl.dll
    2016-03-20 19:20:09 5B50521452D87A439A87B1EAEBC138C7 208896 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll
    2016-03-20 19:20:09 597AA6F5B21B1B15C87982FAFD1555EE 6607080 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll
    2016-03-20 19:20:09 50007CDB0F9801A7186F3E81D3377D12 2773096 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll
    2016-03-20 19:20:09 497EB340D13433E8FE53625103E0C2D0 146432 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll
    2016-03-20 19:20:09 46D84D62993CEB88542EFA438F4D6E82 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll
    2016-03-20 19:20:09 4098813724BDAC23A74DD6E75CA360CC 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
    2016-03-20 19:20:09 405A419F4CDAC3C18F91FEDBD146C0A8 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll
    2016-03-20 19:20:09 3EEB5260D4321F7F124955E1D228FDF2 274944 ----a-w- C:\WINDOWS\Sysnative\DisplayManager.dll
    2016-03-20 19:20:09 3CE8EBC0B1A74A7AC639C5FAFC549CCA 436736 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
    2016-03-20 19:20:09 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys
    2016-03-20 19:20:09 2E165E1CF278FC2B4959B825642A595B 558080 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll
    2016-03-20 19:20:09 2771EBB565F5C121E66060B173991D4D 1490432 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll
    2016-03-20 19:20:09 1D445E497D7BE9566D51BD60CA8B8CE7 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
    2016-03-20 19:20:09 1D00BBEEE33FA7F64A8CBFF471968CB0 195072 ----a-w- C:\WINDOWS\Sysnative\VCardParser.dll
    2016-03-20 19:20:09 1C8474EF741ABA77E53BE94DE8E89D26 990720 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll
    2016-03-20 19:20:09 15D174719872A30F2FDD6B5B1B8BA5D9 1613664 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll
    2016-03-20 19:20:09 0FEE16BB03B1A97A70121165E7414903 67584 ----a-w- C:\WINDOWS\Sysnative\profext.dll
    2016-03-20 19:20:09 04BB77409644685810DBD63D86F5720E 99328 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll
    2016-03-20 19:04:24 394B4D8622681D86D8224278A2A2E86E 63744 ----a-w- C:\WINDOWS\Sysnative\CNC1751D.TBL
    2016-03-20 19:04:23 E25B118D6E9E63213A09BC4C5A854CA5 302080 ----a-w- C:\WINDOWS\Sysnative\CNC_AQC.dll
    2016-03-20 19:04:23 CB8CF09BC70358283F836CF908A20A6D 112128 ----a-w- C:\WINDOWS\Sysnative\CNC_AQI.dll
    2016-03-20 19:04:23 493574E218AA18161D14EECFD572A0E8 17920 ----a-w- C:\WINDOWS\Sysnative\CNHMCA6.dll
    2016-03-20 19:04:23 2AFD59E7D575DAF78D5507D16304617D 373248 ----a-w- C:\WINDOWS\Sysnative\CNC_AQL.dll
    2016-03-20 18:59:50 E91942A0D00C6AA014B2EA33EE0ED0A3 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe
    2016-03-20 18:59:50 E2296A6174894682DF8F0FF29FDDCC82 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll
    2016-03-20 18:59:49 C5FEF4B4A7FB961ECDB0AB07DBCF379E 124624 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll
    2016-03-20 18:59:03 48E7F01CD9246CAF86702F5CB9100C9F 1087488 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll
    2016-03-20 18:59:03 20B48DC4AF4492B31A756528444BDA8C 304752 ----a-w- C:\WINDOWS\Sysnative\systemreset.exe
    2016-03-20 02:31:03 54CFBC46B064972BB4334788DC743B49 36746 ----a-w- C:\WINDOWS\Sysnative\license.rtf
    2016-03-20 02:15:17 878E2D592919136A511A637A6780B66E 22744 ----a-w- C:\WINDOWS\Sysnative\emptyregdb.dat
    2016-03-20 01:43:46 037B3A0F612BE00B4D1ADA1B3EF169B5 1009628 ----a-w- C:\WINDOWS\Sysnative\PerfStringBackup.INI
    ====== C:\WINDOWS\Sysnative\drivers =====
    2016-03-30 13:38:45 D018C0E0A97905D0859DCD970BE4CE2A 49584 ----a-w- C:\WINDOWS\Sysnative\drivers\hitmanpro37.sys
    2016-03-20 19:20:35 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
    2016-03-20 19:20:23 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
    2016-03-20 19:20:23 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
    2016-03-20 19:20:22 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
    2016-03-20 19:20:22 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys
    2016-03-20 19:20:10 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys
    2016-03-20 19:20:09 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
    2016-03-20 19:20:09 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys
    2016-03-20 19:20:09 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys
    2016-03-20 19:20:09 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
    2016-03-20 19:20:09 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
    2016-03-20 19:20:09 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
    2016-03-20 19:20:09 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys
    2016-03-20 19:20:09 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
    2016-03-20 18:59:03 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
    2016-03-20 18:59:03 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
    2016-03-20 13:28:26 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
    2016-03-20 08:59:59 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
    2016-03-20 01:37:36 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_SynTP_01000.Wdf
    2016-03-19 08:44:15 FD738BAAF717D3F36B7A4B2776FF87A1 62728 ----a-w- C:\WINDOWS\Sysnative\drivers\viahsser.sys
    2016-03-19 08:44:15 374B9894D0ABCFDB1A5893D208C83C88 32136 ----a-w- C:\WINDOWS\Sysnative\drivers\viahsets.sys
    ====== C:\WINDOWS\Tasks ======
    2016-03-21 02:01:35 4DB45DC5F6B999D7F739A99B8123A5E3 4170 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{0BAF1A37-F45D-4028-A2CF-56C7F936BBC0}
    ====== C:\WINDOWS\Temp ======
    ======= C:\Program Files =====
    2016-03-20 19:02:14 -------- d-----w- C:\Program Files\Reference Assemblies
    2016-03-20 19:02:14 -------- d-----w- C:\Program Files\MSBuild
    2016-03-20 01:48:09 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
    2016-03-20 01:38:14 -------- d-----w- C:\Program Files\CONEXANT
    2016-03-20 01:37:23 -------- d-----w- C:\Program Files\Synaptics
    ======= C:\PROGRA~2 =====
    2016-03-30 11:52:23 -------- d-----w- C:\PROGRA~2\Adware Removal Tool by TSA
    2016-03-20 19:02:14 -------- d-----w- C:\PROGRA~2\Reference Assemblies
    2016-03-20 19:02:14 -------- d-----w- C:\PROGRA~2\MSBuild
    2016-03-20 01:48:21 -------- d-----w- C:\PROGRA~2\COMMON~1\SpeechEngines
    2016-03-19 23:41:42 -------- d-----w- C:\PROGRA~2\AdwCleaner
    ======= C: =====
    2016-03-20 00:26:17 93B885ADFE0DA089CDF634904FD59F71 1 --sha-w- C:\BOOTNXT
    ====== C:\Users\kiungaman\AppData\Roaming ======
    2016-03-30 14:56:36 -------- d-----w- C:\Users\DefaultAppPool\AppData\LocalLow
    2016-03-21 04:55:07 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
    2016-03-20 13:46:05 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Temp
    2016-03-20 13:46:05 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\ScreenCapture
    2016-03-20 13:46:05 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
    2016-03-20 13:46:05 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft
    2016-03-20 13:46:05 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local
    2016-03-20 13:46:04 -------- d-s---r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2016-03-20 08:22:15 -------- d-----w- C:\Users\kiungaman\AppData\Local\MicrosoftEdge
    2016-03-20 05:03:16 -------- d-----w- C:\Users\kiungaman\AppData\Local\Comms
    2016-03-20 04:10:40 -------- d-----w- C:\Users\kiungaman\AppData\Local\Publishers
    2016-03-20 03:08:01 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Apps
    2016-03-20 02:34:32 -------- d-----w- C:\Users\kiungaman\AppData\Local\Packages
    2016-03-20 02:34:19 -------- d-----w- C:\Users\kiungaman\AppData\Local\TileDataLayer
    2016-03-20 02:26:05 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow
    2016-03-20 02:15:35 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
    2016-03-20 02:03:08 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default\AppData\Local\ScreenCapture
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default User\AppData\Local\ScreenCapture
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
    2016-03-20 01:45:00 -------- d-s---r- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
    2016-03-20 01:45:00 -------- d-----w- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2016-03-20 01:45:00 -------- d-----w- C:\Users\kiungaman\AppData\Roaming
    2016-03-20 01:45:00 -------- d-----w- C:\Users\kiungaman\AppData\Local\Temp
    2016-03-20 01:45:00 -------- d-----w- C:\Users\kiungaman\AppData\Local\Microsoft
    2016-03-20 01:45:00 -------- d-----w- C:\Users\kiungaman\AppData\Local
    2016-03-20 01:45:00 -------- d-----r- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2016-03-20 01:45:00 -------- d-----r- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2016-03-20 01:45:00 -------- d-----r- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2016-03-20 01:45:00 -------- d-----r- C:\Users\kiungaman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
    ====== C:\Users\kiungaman ======
    2016-03-30 13:18:05 E5F94A882F851044354B70ABA84C9A5E 11441744 ----a-w- C:\Users\kiungaman\Desktop\HitmanPro_x64.exe
    2016-03-30 13:16:48 E83007029D7FD71DBEF425EBA3C7ECEB 9741664 ----a-w- C:\Users\kiungaman\Downloads\HitmanPro_x64.exe
    2016-03-30 12:50:48 BAD693F2DDEEB64B99CA7BCA53A1F70E 2102784 ----a-w- C:\Users\kiungaman\Downloads\ZHPCleaner.exe
    2016-03-30 10:43:51 4BABA237C439E9D19D1F9C119FB1BD9B 700584 ----a-w- C:\Users\kiungaman\Downloads\Adware_Removal_Tool_by_TSA.exe
    2016-03-30 10:40:22 E91D834A4B986A8B665BF1AE78B7F4A7 1610352 ----a-w- C:\Users\kiungaman\Downloads\JRT (1).exe
    2016-03-30 10:01:34 AE9982250975C08C1F5A788E8AC92EE1 3102208 ----a-w- C:\Users\kiungaman\Downloads\AdwCleaner (1).exe
    2016-03-30 09:48:09 F794E988B53804105BF915ABDAFAFCD7 891392 ----a-w- C:\Users\kiungaman\Downloads\MiniToolBox.exe
    2016-03-23 15:42:28 E679FCF33FFB57BCABBC598AB5C18BE8 6868672 ----a-w- C:\Users\kiungaman\Downloads\ccsetup516.exe
    2016-03-20 13:46:06 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\DefaultAppPool\ntuser.ini
    2016-03-20 13:46:04 -------- d--h--w- C:\Users\DefaultAppPool\AppData
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\Saved Games
    2016-03-20 13:46:04 -------- d-----w- C:\Users\DefaultAppPool\Cookies
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Videos
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Pictures
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Music
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Links
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Favorites
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Downloads
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Documents
    2016-03-20 13:46:04 -------- d-----r- C:\Users\DefaultAppPool\Desktop
    2016-03-20 04:25:20 -------- d-----r- C:\Users\kiungaman\OneDrive
    2016-03-20 02:33:56 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\kiungaman\ntuser.ini
    2016-03-20 02:03:56 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\.oracle_jre_usage
    2016-03-20 01:54:53 -------- d-----w- C:\Users\Default\Cookies
    2016-03-20 01:45:00 -------- d--h--w- C:\Users\kiungaman\AppData
    2016-03-20 01:44:07 CF2FE9C2A54AB7CC47CBFA37D33C7556 196608 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak
    2016-03-20 01:44:07 55300415FE3628521E6EC6095A06F870 4194304 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
    2016-03-19 23:38:37 788FCDDD88240A85039F7F561093B118 448512 ----a-w- C:\Users\kiungaman\Downloads\TFC.exe
    2016-03-19 23:35:30 83EA34120B0F4A5C693252C41F144B1C 1527296 ----a-w- C:\Users\kiungaman\Downloads\AdwCleaner.exe
    2016-03-19 09:00:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-03-19 08:43:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver

    ====== C: exe-files ==
    2016-03-30 13:45:49 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\kiungaman\AppData\Local\Temp\9052E9B6-92CB-4B2C-830F-34ED9801355A\DismHost.exe
    2016-03-30 13:18:32 A5EE18AD160C2A97FE62D631FADC7953 112 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$IMETM4L.exe
    2016-03-30 13:18:05 E5F94A882F851044354B70ABA84C9A5E 11441744 ----a-w- C:\Users\kiungaman\Desktop\HitmanPro_x64.exe
    2016-03-30 13:17:51 E83007029D7FD71DBEF425EBA3C7ECEB 9741664 ----a-w- C:\Users\kiungaman\Desktop\scan software\HitmanPro_x64.exe
    2016-03-30 13:16:48 E83007029D7FD71DBEF425EBA3C7ECEB 9741664 ----a-w- C:\Users\kiungaman\Downloads\HitmanPro_x64.exe
    2016-03-30 12:52:18 BAD693F2DDEEB64B99CA7BCA53A1F70E 2102784 ----a-w- C:\Users\kiungaman\AppData\Roaming\ZHP\ZHPCleaner.exe
    2016-03-30 12:51:36 BAD693F2DDEEB64B99CA7BCA53A1F70E 2102784 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$RMETM4L.exe
    2016-03-30 12:51:29 BAD693F2DDEEB64B99CA7BCA53A1F70E 2102784 ----a-w- C:\Users\kiungaman\Desktop\scan software\ZHPCleaner.exe
    2016-03-30 12:50:48 BAD693F2DDEEB64B99CA7BCA53A1F70E 2102784 ----a-w- C:\Users\kiungaman\Downloads\ZHPCleaner.exe
    2016-03-30 12:45:04 4F5F6DDA9469F39E00F4A5F8A9E709B2 106 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$IQXCJQ9.exe
    2016-03-30 12:44:59 4ABBAC4311271E0F4E6B419A021F874A 144 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$IRPEFA9.exe
    2016-03-30 11:20:25 4BABA237C439E9D19D1F9C119FB1BD9B 700584 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$RRPEFA9.exe
    2016-03-30 11:20:13 E91D834A4B986A8B665BF1AE78B7F4A7 1610352 ----a-w- C:\$Recycle.Bin\S-1-5-21-3374131861-1103260440-2687298924-1000\$RQXCJQ9.exe
    2016-03-30 10:45:28 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\kiungaman\AppData\Local\Temp\jrt\nfo\nircmdc.exe
    2016-03-30 10:44:24 4BABA237C439E9D19D1F9C119FB1BD9B 700584 ----a-w- C:\Users\kiungaman\Desktop\scan software\Adware_Removal_Tool_by_TSA.exe
    2016-03-30 10:43:51 4BABA237C439E9D19D1F9C119FB1BD9B 700584 ----a-w- C:\Users\kiungaman\Downloads\Adware_Removal_Tool_by_TSA.exe
    2016-03-30 10:41:19 E91D834A4B986A8B665BF1AE78B7F4A7 1610352 ----a-w- C:\Users\kiungaman\Desktop\scan software\JRT (1).exe
    2016-03-30 10:40:22 E91D834A4B986A8B665BF1AE78B7F4A7 1610352 ----a-w- C:\Users\kiungaman\Downloads\JRT (1).exe
    2016-03-30 10:02:20 AE9982250975C08C1F5A788E8AC92EE1 3102208 ----a-w- C:\Users\kiungaman\Desktop\scan software\AdwCleaner (1).exe
    2016-03-30 10:01:34 AE9982250975C08C1F5A788E8AC92EE1 3102208 ----a-w- C:\Users\kiungaman\Downloads\AdwCleaner (1).exe
    2016-03-30 09:48:54 F794E988B53804105BF915ABDAFAFCD7 891392 ----a-w- C:\Users\kiungaman\Desktop\scan software\MiniToolBox.exe
    2016-03-30 09:48:09 F794E988B53804105BF915ABDAFAFCD7 891392 ----a-w- C:\Users\kiungaman\Downloads\MiniToolBox.exe
    2016-03-24 14:03:59 25B3907F2577FD6B363BFBACB5A74B68 617536 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
    2016-03-23 15:42:28 E679FCF33FFB57BCABBC598AB5C18BE8 6868672 ----a-w- C:\Users\kiungaman\Downloads\ccsetup516.exe
    === C: other files ==
    2016-03-30 13:38:45 D018C0E0A97905D0859DCD970BE4CE2A 49584 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
    2016-03-26 15:13:05 AB121302B99AF52970F97F7F47B4DEB9 358302 ----a-w- C:\Users\kiungaman\AppData\Roaming\uTorrent\utorrent-help.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDriveSetup "= "C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup "

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDriveSetup "= "C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup "

    [HKEY_USERS\S-1-5-21-3374131861-1103260440-2687298924-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CCleaner Monitoring "= "C:\Program Files\CCleaner\CCleaner64.exe /MONITOR "
    "OneDrive "= "C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background "

    [HKEY_USERS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDriveSetup "= "C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup "

    [HKEY_USERS\S-1-5-21-3374131861-1103260440-2687298924-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Uninstall C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 "= "C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AvastUI.exe "= "C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui "
    "LWS "= "C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide "
    "SunJavaUpdateSched "= "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    "Dropbox "= "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup "

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CCleaner Monitoring "= "C:\Program Files\CCleaner\CCleaner64.exe /MONITOR "
    "OneDrive "= "C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background "

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Uninstall C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 "= "C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 "

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh "= "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "
    "IgfxTray "= "C:\Windows\system32\igfxtray.exe "
    "HotKeysCmds "= "C:\Windows\system32\hkcmd.exe "
    "Persistence "= "C:\Windows\system32\igfxpers.exe "

    ==== Startup Registry Disabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BigPondWirelessBroadbandCM]
    "key "= "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "BigPondWirelessBroadbandCM "
    "hkey "= "HKLM "
    "command "= "\ "C:\\Program Files (x86)\\Telstra\\BigPond Wireless Broadband 2.11.21\\TelstraUCM.exe\" -tsr "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CheckNDISPort_df]
    "key "= "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "CheckNDISPort_df "
    "hkey "= "HKLM "
    "command "= "C:\\Program Files (x86)\\Hostless Modem\\Telstra USB+Wi-Fi\\CheckNDISPort_df.exe "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CucusoftNetGuard]
    "key "= "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "CucusoftNetGuard "
    "hkey "= "HKLM "
    "command "= "\ "C:\\Program Files\\Cucusoft\\NetGuard\\BandwidthGuard.exe\" /boot "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox]
    "key "= "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "Dropbox "
    "hkey "= "HKLM "
    "command "= "\ "C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe\" /systemstartup "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony PC Companion]
    "key "= "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "Sony PC Companion "
    "hkey "= "HKCU "
    "command "= "\ "C:\\Program Files (x86)\\Sony Ericsson\\Sony Ericsson PC Companion\\PCCompanion.exe\" /Background "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
    "key "= "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "uTorrent "
    "hkey "= "HKCU "
    "command "= "\ "C:\\Users\\kiungaman\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED "


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk]
    "path "= "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ImageBrowser EX Agent.lnk "
    "backup "= "C:\\Windows\\pss\\ImageBrowser EX Agent.lnk.CommonStartup "
    "backupExtension "= ".CommonStartup "
    "command "= "C:\\Program Files (x86)\\Canon\\ImageBrowser EX\\MFManager.exe "
    "item "= "ImageBrowser EX Agent "


    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [03/25/2016 01:12 AM]
    C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job --a-------- C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdate.exe []
    C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [09/13/2015 09:15 PM]
    C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [09/13/2015 09:15 PM]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 01:05 PM]
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 01:05 PM]
    C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job --a-------- C:\Program Files (x86)\Spybot - Search Destroy 2\SDImmunize.exe []
    C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job --a-------- C:\Program Files (x86)\Spybot - Search Destroy 2\SDScan.exe []

    ==== Other Scheduled Tasks ======================

    "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
    "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
    "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" [ "C:\Program Files\CCleaner\CCleaner.exe"]
    "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1453723220" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
    "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0BAF1A37-F45D-4028-A2CF-56C7F936BBC0}" [C:\WINDOWS\system32\msfeedssync.exe]
    "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
    "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "sp@avast.com "= "C:\Program Files\AVAST Software\Avast\SafePrice\FF" [01/25/2016 09:54 PM]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\KIUNGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\7dnco16s.default
    - Mozilla Firefox Extension - c:\windows\syswow64\qmmod

    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\kiungaman\AppData\Roaming\Mozilla\Firefox\Profiles\7dnco16s.default
    8CEB45D4062BE9E6B657292346AA1BAC - c:\windows\syswow64\qmmod\npffplg_mxdjdwfbe.dll - Mozilla Firefox Plugin xxicyb
    3914DFA00A2B8FAC8E14D2084BD456B4 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer


    ==== Chromium Look ======================

    Google Chrome Version: 46.0.2490.86

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[01/25/2016 09:54 PM]

    Google Slides - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
    Google Docs - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Google Sheets - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
    Google Docs Offline - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
    Avast Online Security - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Chrome Web Store Payments - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Gmail - kiungaman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chromium Fix ======================

    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page "= "http://www.ninemsn.com.au/ "
    "Default_Page_URL "= "http://www.google.com "
    "Search Bar "= "http://www.google.com "
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Bar "= "http://www.google.com "
    "Start Page Redirect Cache "= "http://www.google.com "
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Bar "= "http://www.google.com "
    "Start Page Redirect Cache "= "http://www.google.com "

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Bar "= "http://go.microsoft.com/fwlink/?LinkId=54896 "
    "Default_Page_URL "= "http://go.microsoft.com/fwlink/?LinkId=69157 "
    "Start Page "= "http://www.ninemsn.com.au/ "
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Bar "= "http://go.microsoft.com/fwlink/?LinkId=54896 "
    "Start Page Redirect Cache "= "http://go.microsoft.com/fwlink/?LinkId=69157 "
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Bar "= "http://go.microsoft.com/fwlink/?LinkId=54896 "
    "Start Page Redirect Cache "= "http://go.microsoft.com/fwlink/?LinkId=69157 "

    ==== All HKLM and HKCU SearchScopes ======================

    HKLM\SearchScopes "DefaultScope "= "{0633EE93-D776-472f-A0FF-E1416B8B2E3A} "
    HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    HKLM\Wow6432Node\SearchScopes "DefaultScope "= "{0633EE93-D776-472f-A0FF-E1416B8B2E3A} "
    HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    HKCU\SearchScopes "DefaultScope "= "{62DA448C-D1F5-48F7-9871-DD4141C7FE86} "
    HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
    HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
    HKCU\SearchScopes\{62DA448C-D1F5-48F7-9871-DD4141C7FE86} - https://www.google.com/search?q={searchTerms}

    ==== Reset IE Proxy ======================

    Value(s) before fix:
    "ProxyEnable "=dword:00000000

    Value(s) after fix:
    "ProxyEnable "=dword:00000000

    ==== Uninstall List x64 ======================

    æTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
    Adobe Acrobat Reader DC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}]
    Adobe Flash Player 21 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
    Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824166751}]
    Avast Premier [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast]
    CameraHelperMsi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}]
    Canon MG2100 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series]
    Canon MP Navigator EX 5.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP Navigator EX 5.0]
    Canon Utilities CameraWindow DC 8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CameraWindowDC]
    Canon Utilities ImageBrowser EX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ImageBrowser EX]
    Canon Utilities PhotoStitch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoStitch]
    CanoScan Toolbox Ver4.9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}]
    CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
    CDBurnerXP [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1]
    Conexant HD Audio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_AUDIO_HDA]
    Cucusoft Auto Update 1.0.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CucusoftAutoUpdate_is1]
    Cucusoft Net Guard 2.3.4.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CucusoftNetGuard_is1]
    CutePDF Writer 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation]
    D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
    Debut Video Capture Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Debut]
    Dropbox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
    Dropbox Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}]
    e-tax 2015 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D19C250-CE9A-4BF0-91C8-031665D54D16}]
    erLT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
    Extended Asian Language font pack for Adobe Acrobat Reader DC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-2530-0000-AC0F074E4100}]
    Free Screen Capture [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B5803DCA-1A6F-48BA-9401-D4599122D7D7}]
    Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
    Google Earth [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{817750FA-EC6A-485D-9901-0683AE6FFDF1}]
    Google Earth Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}]
    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
    HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}]
    HP Support Solutions Framework [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{55065080-504F-43BB-BE00-36B80D7D39A5}]
    Intel(R) Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
    iSpy (64 bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8816AA23-70B3-487A-800A-F69216267144}]
    Java 8 Update 60 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218060F0}]
    Join Me [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72FD5F2E-1F7A-4E9B-8838-29E842E178CD}]
    Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]
    Logitech Webcam Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D40EB009-0499-459c-A8AF-C9C110766215}]
    LWS Facebook [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}]
    LWS Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}]
    LWS Help_main [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}]
    LWS Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}]
    LWS Motion Detection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}]
    LWS Pictures And Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}]
    LWS Twitter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}]
    LWS Webcam Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}]
    LWS WLM Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}]
    LWS YouTube Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}]
    Malwarebytes Anti-Malware version 2.2.0.1024 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
    MFC RunTime files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70C592EC-AE9B-4734-928B-676E824FB41E}]
    Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26784146-6E05-3FF9-9335-786C7C0FB5BE}]
    Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{25E80DAA-FD87-DCE5-202C-CC02F6673002}]
    Microsoft Office Small Business 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SMALLBUSINESSR]
    Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
    Mobile Broadband Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DB11606-D621-4D3B-A7F7-25466A423AAF}]
    Mozilla Firefox 42.0 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 42.0 (x86 en-US)]
    Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
    MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
    MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
    MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
    MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
    MyHarmony [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\036a0e4fc6a247ec]
    OpenOffice 4.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86F2B095-3998-41D5-833D-1C5075300950}]
    oPlayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1B7F27-A49D-4D7F-9755-570AF5597160}]
    PDF-Viewer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1]
    PhotoPad Image Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad]
    SafeZone Stable 1.46.1990.139 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SafeZone 1.46.1990.139]
    Screen Capturer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Screen Capturer]
    SearchDVS [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B6A46E-635B-4D37-8F5F-E543F54C3D5B}]
    SkypeT 7.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}]
    Sony PC Companion 2.10.251 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}]
    Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]
    System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}]
    Telstra Mobile Broadband Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mobile Broadband Manager]
    Telstra USB+Wi-Fi Hostless Modem [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}]
    Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]
    VLC media player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
    Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]
    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}]
    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
    Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}]
    Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]
    Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{027E5FAB-1476-4C59-AAB4-32EF28520399}]
    Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]
    Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}]
    Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]
    Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]
    Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}]
    Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]
    Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]
    Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]
    Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]
    Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}]
    Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]
    Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}]
    Yawcam 0.4.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1]
    ZTE Handset USB Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}]
    ZTE Handset USB Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D2D77DC2-8299-11D1-8949-444553540000}_is1]
    ZTE LTE Device USB Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}]

    ==== Deleting Registry Keys ======================

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion deleted successfully

    ==== HijackThis Entries ======================
     
    GRAHAM WESTON,
    #9
  11. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    ==== HijackThis Entries ======================

    F2 - REG:system.ini: UserInit=
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kiungaman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 "
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} (DVR4204 Client Control) - http://10.0.0.15/EDVR.CAB
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9cded43e-bc1a-4c88-b863-fdf3f2671e93}: NameServer = 10.5.136.242 10.5.133.45
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: CS_AutoUpdate - Cucusoft, Inc. - C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe
    O23 - Service: CS_BandwidthGuard - Cucusoft, Inc. - C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys
    O23 - Service: CS_BandwidthGuard64 - Cucusoft, Inc. - C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc64.sys
    O23 - Service: CS_SysMsgProxy - Cucusoft, Inc. - C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Sierra Wireless Card Detection Service (SwiCardDetectSvc) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\Users\kiungaman\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\kiungaman\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    No Flash Cache Found

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=90 folders=48 119622073 bytes)

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\Users\KIUNGA~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on Thu 03/31/2016 at 8:13:08.33 ======================
     
    GRAHAM WESTON,
    #10
  12. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 4/1/2016
    Scan Time: 11:23 PM
    Logfile: MBAMscan..txt
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.04.01.03
    Rootkit Database: v2016.03.30.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: kiungaman

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 407566
    Time Elapsed: 1 hr, 21 min, 50 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
    GRAHAM WESTON,
    #11
  13. 2016/04/02
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Evan, I have attempted to upload a screen shot of the Autoruns scan, but the Pictures & albums link is not showing in my UCP. I have sent a message to the webmaster to find out what the problem is .

    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Defender
    avast! Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Java 8 Update 60
    Java version 32-bit out of Date!
    Adobe Flash Player 21.0.0.197
    Mozilla Firefox (42.0)
    Google Chrome (49.0.2623.110)
    Google Chrome (49.0.2623.87)
    ````````Process Check: objlist.exe by Laurent````````
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast afwServ.exe
    AVAST Software Avast AvastUI.exe
    AVAST Software Avast avBugReport.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
    GRAHAM WESTON,
    #12
  14. 2016/04/02
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,902
    Likes Received:
    510
    For the Autoruns screenshot just upload the image to http://imgur.com/ and post the link to the image in your next reply.
     
    Evan Omo,
    #13
  15. 2016/04/03
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,680
    Likes Received:
    104
    Pictures & albums is not an option here. As I noted in the email I send you:

    See the FAQ:

    http://www.windowsbbs.com/faq.php?faq=vb3_reading_posting#faq_vb3_attachments

    You can post attachments.
     
    Admin.,
    #14
    GRAHAM WESTON likes this.
  16. 2016/04/03
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    GRAHAM WESTON,
    #15
  17. 2016/04/03
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,902
    Likes Received:
    510
    Click Start< Control Panel< Uninstall a program and remove the following items:

    æTorrent
    Adobe Refresh Manager
    HP Customer Experience Enhancements
    HP Support Solutions Framework
    Java 8 Update 60
    Java Auto Updater
    Join Me
    MFC RunTime files
    Microsoft Silverlight
    MyHarmony
    oPlayer
    PDF-Viewer
    PhotoPad Image Editor
    SafeZone Stable 1.46.1990.139
    Screen Capturer
    SearchDVS
    Sony PC Companion 2.10.251
    Unity Web Player
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources

    Remove either Google Chrome or Mozilla Firefox as there is no need to have Internet Explorer and 2 other Internet browsers installed. Just have Internet Explorer and Google Chrome or Mozilla Firefox on your system. Your choice on which browser you want to remove.

    Once that is done download JavaRa to your desktop and unzip it.

    • Run JavaRa.exe by right clicking on JavaRa.exe, and clicking Run as administrator, pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Do NOT post JavaRa log.

    Reboot the computer after JavaRa completes.

    Then in Autoruns on the Logon Tab, remove the following items:

    All the items highlighted in yellow
    Synaptics Touchpad Enhancements
    Java Update Scheduler
    Microsoft OneDrive
    Windows Mail (Both Entries)
    Google Chrome

    Reboot the computer after following those steps and let me know how the browsers are working now.
     
    Evan Omo,
    #16
  18. 2016/04/07
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Evan, had some difficulties with some of the items you asked to be removed. The Utorrent and screen capture I use on a regular basis, mainly work related, so i'd prefer not to remove them. Adobe refresh, HP customer experience, Jave auto updater, Safezone and unity web player I could not locate in the control panel, programs. Windows live mail is my mail client, so I do need that, so if I delete all the other windows live programs where would I stand with my email client. All other programs in your list were removed and I then ran JavaRa. I also removed FireFox. I removed items in yellow bar the Windows mail and the google chrome, as I have kept google Chrome as a web browser. The system is a little better, but google still locks up. Sorry I have not followed your instructions to the letter so far, just worried that if I do remove the google entries and windows live mail, i'll be left in a bind.
     
    GRAHAM WESTON,
    #17
  19. 2016/04/07
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,902
    Likes Received:
    510
    Since you still use Windows Live Mail, you can keep the Windows Live programs installed.

    Since the browsers are still locking up on you I would get your system checked for any additional malware infections.

    Please read this and post the requested logs in the Malware and Virus Removal Forum.
     
    Evan Omo,
    #18
  20. 2016/04/09
    GRAHAM WESTON

    GRAHAM WESTON Well-Known Member Thread Starter

    Joined:
    2002/07/30
    Messages:
    371
    Likes Received:
    0
    Thank you for all your assistance here Alex, it's greatly appreciated. I'll follow your request and post in the Malware forum.

    Regards
    Graham
     
    GRAHAM WESTON,
    #19

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...