Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Relatively new redirect virus

Started by doctordotcalm , Aug 11 2015 02:00 PM

Help

This topic is locked

#16
doctordotcalm

Posted 11 August 2015 - 06:08 PM

Member

Topic Starter
Member
29 posts

I can't disable security as directed because these options are not available in the systems tray in Windows 10. Will try to run Junk remover as is. May Have to sign off for the day before it is done. Hope we can pick up from here tomorrow. Thanks for all help so far.

#17
zep516

Posted 11 August 2015 - 06:15 PM

Trusted Helper

Malware Removal
8,093 posts

OK, Run it as is.

I noticed you ran adwCleaner.
Please post the log file [SO].txt file for me.
That log will be found here----> C:\AdwCleaner

If you can't find it re run AdwCleaner,
Making sure to "Run Scan" after scan finishes, Click Logfile, then click Clean. Post log.

If you're using a shortcut to open IE, delete it, and create another one. Short cuts can get infected adwCleaner would have fixed it though.

We can catch up tomorrow that's fine I get started here about 4pm EST

#18
doctordotcalm

Posted 12 August 2015 - 07:57 AM

Member

Topic Starter
Member
29 posts

Here are the results of junk remover and adware scan

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 10 Pro x64
Ran by poppag on Tue 08/11/2015 at 20:08:20.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SlimCleaner Run

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\Users\poppag\Appdata\Local\9adbd540af5db8a3a88d88596ed0cb73

~~~ Folders

Successfully deleted: [Folder] C:\Program Files\checker
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\poppag\Appdata\Local\slimware utilities inc
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers

~~~ Chrome

[C:\Users\poppag\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\poppag\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\poppag\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\poppag\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 08/11/2015 at 20:24:30.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v4.208 - Logfile created 06/08/2015 at 19:08:16
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : poppag - POPPAG-PC
# Running from : C:\Users\poppag\AppData\Local\Microsoft\Windows\INetCache\IE\NG2LOMUX\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\e52d673a000054a9
Folder Deleted : C:\ProgramData\{063d99b6-9ce4-cade-063d-d99b69ce66da}
Folder Deleted : C:\ProgramData\{0f977e7f-4c01-6bfd-0f97-77e7f4c0f9fd}
Folder Deleted : C:\ProgramData\{21b9c882-76e2-c9df-21b9-9c88276e2209}

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\ef6f1757-da3a-0f29-45d4-18b1ac469036
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{803C743C-7D37-4334-8BB0-B7716237AED6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
Key Deleted : HKCU\Software\Appscion
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;*.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.10240.16384

-\\ Google Chrome v

[C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_otbrw8_15_28&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtCyEyB0E0AyEtD0BtC0C0AtN0D0Tzu0StCtBzzyDtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyB0EtDyCyCyCzy0DtGyD0FtCzytG0DtDyDyCtGtDtA0F0AtGtA0E0EyEtA0ByBzyyE0EyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyD0EyDzytCzzyBtGtDyByByDtGyE0E0F0EtGzyyEyEtAtGtB0E0C0EtCyEyD0DyCzz0E0B2QtN0A0LzutB&cr=203131304&ir=
[C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.cassiopessa.com/?f=1&a=csp_otbrw8_15_28&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtCyEyB0E0AyEtD0BtC0C0AtN0D0Tzu0StCtBzzyDtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyB0EtDyCyCyCzy0DtGyD0FtCzytG0DtDyDyCtGtDtA0F0AtGtA0E0EyEtA0ByBzyyE0EyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyD0EyDzytCzzyBtGtDyByByDtGyE0E0F0EtGzyyEyEtAtGtB0E0C0EtCyEyD0DyCzz0E0B2QtN0A0LzutB&cr=203131304&ir=
[C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://www.cassiopessa.com/?f=7&a=csp_otbrw8_15_28&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtCyEyB0E0AyEtD0BtC0C0AtN0D0Tzu0StCtBzzyDtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyB0EtDyCyCyCzy0DtGyD0FtCzytG0DtDyDyCtGtDtA0F0AtGtA0E0EyEtA0ByBzyyE0EyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyD0EyDzytCzzyBtGtDyByByDtGyE0E0F0EtGzyyEyEtAtGtB0E0C0EtCyEyD0DyCzz0E0B2QtN0A0LzutB&cr=203131304&ir=

-\\ Chromium v45.0.2441.0

[C:\Users\poppag\AppData\Local\Chromium\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.cassiopesa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_23&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtCyEyB0E0AyEtD0BtC0C0AtN0D0Tzu0StCtByDtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0AyCzy0FyD0FzytGtD0CtBzytGtA0A0D0AtGtAzy0DyEtGzy0AzztDtCzz0DyDyEyCzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyD0EyDzytCzzyBtGtDyByByDtGyE0E0F0EtGzyyEyEtAtGtB0E0C0EtCyEyD0DyCzz0E0B2QtN0A0LzuyE&cr=1298795089&ir=
[C:\Users\poppag\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.cassiopesa.com/?f=1&a=csp_tight14_15_23&cd=2XzuyEtN2Y1L1QzuyBtD0FtC0AtCyEyB0E0AyEtD0BtC0C0AtN0D0Tzu0StCtByDtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0AyCzy0FyD0FzytGtD0CtBzytGtA0A0D0AtGtAzy0DyEtGzy0AzztDtCzz0DyDyEyCzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyD0EyDzytCzzyBtGtDyByByDtGyE0E0F0EtGzyyEyEtAtGtB0E0C0EtCyEyD0DyCzz0E0B2QtN0A0LzuyE&cr=1298795089&ir=&uref=chmm
[C:\Users\poppag\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 8BB8DBC1D7CA5C58F821C38254FB2B9C874F8EE9B9905B57DE48C731C6C91837"},"software_reporter":{"prompt_seed":"D12521B12F27ED8D55846D6FE25154BD22242084A3546A89F2435F0D6575A92E","prompt_version":"565C7DC33789AA140A0FFC230B569B2F592F494FD1FE1EF8BAEA97F43DB5B49E"},"sync":{"remaining_rollback_tries":"330199A48C5F90321D74BF4A3B8CAD4B7FF7FA5817F414DCBE4E6C2F52FBDA56"}},"super_mac":"5EAC04E09D5F5104C6850166222EF3A7B347F50EE0726DB5590458F0F7621DD7"},"search_provider_overrides":[{"encoding":"UTF-8","favicon_url":"hxxp://www.cassiopesa.com/favicon.ico

*************************

AdwCleaner[R0].txt - [7039 bytes] - [06/08/2015 19:05:53]
AdwCleaner[S0].txt - [6914 bytes] - [06/08/2015 19:08:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6973 bytes] ##########

I'll check back in after 4 est

#19
doctordotcalm

Posted 12 August 2015 - 02:03 PM

Member

Topic Starter
Member
29 posts

I'm back

#20
zep516

Posted 12 August 2015 - 02:05 PM

Trusted Helper

Malware Removal
8,093 posts

Does the Malwarebytes show clean ? Perhaps we should run it once more, and also try resetting the IE 11 Home page manually, unless you have done that already.

You can skip the download part since you already have malwarebytes installed.

Please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-version.exe and follow the prompts to install the program.
Launch Malwarebytes Anti-Malware
Then click Finish.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
Reboot your computer if prompted.

Posting the Malwarebytes log.

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
post that saved log to your next reply.

If the problem is not resolved yet, we will reset IE 11 to default value
To do that
See Here
Check the box next to "Delete personal settings" [optional]. I would do that too.

Thanks
Joe

#21
doctordotcalm

Posted 12 August 2015 - 03:53 PM

Member

Topic Starter
Member
29 posts

Here is the MB log. I deleted the 11 errors and rebooted. Also tried Hijackthis and restricting access to the rouge site which is hxxt://www.your-home-page.net . I also have reset ie to default states several times. This is a bear!

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/12/2015
Scan Time: 4:47 PM
Logfile: mbscanlog.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.12.05
Rootkit Database: v2015.08.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: poppag

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 378959
Time Elapsed: 39 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.GSafe.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GSAFE, Quarantined, [8b6a8a7de7a41e18ed0a9d14cf35768a],
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB, Quarantined, [7382c83f5e2d4ee88464278a4fb5f40c],

Registry Values: 9
PUP.Optional.GSafe.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GSAFE|Publisher, GENCO LABS LLC, Quarantined, [8b6a8a7de7a41e18ed0a9d14cf35768a]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype10, 7/9/15 11:39:30, Quarantined, [7382c83f5e2d4ee88464278a4fb5f40c]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype15, 7/9/15 11:39:30, Quarantined, [4da887805734a19570788928c53f8b75]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype16, 7/9/15 11:41:44, Quarantined, [81749f683457d165895ffab78e76837d]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype6, 7/20/15 17:16:1, Quarantined, [817409fe27644ee8feeab5fc38cc847c]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype20, 7/20/15 17:15:50, Quarantined, [21d4c740fc8f92a4e5031c952cd81ce4]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype22, 7/20/15 17:15:50, Quarantined, [55a008ff8b001323cf19eec31ce81ce4]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype24, 7/20/15 17:15:50, Quarantined, [c2339c6b662564d29355a908c63e669a]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2317217915-3030507882-558724183-1000\SOFTWARE\OB|monitype27, 7/20/15 17:15:50, Quarantined, [8075b7500388b284e404bdf4976dc23e]

Registry Data: 0
(No malicious items detected)

Folders: 85
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\adapter, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\abstractbutton, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\abstractbutton\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\alert, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\alert\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\icons, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\generic, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\generic\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\link, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\link\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\images, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\rss, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\rss\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\thirdparty, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\thirdparty\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\uninstall, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\uninstall\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\weather, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\weather\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\foreground, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\radioWrapper, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\background, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\libs, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\_metadata, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],

Files: 236
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\manifest.json, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\bg.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\buildVars, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\buildVars.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\companionSW.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\config.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\contentScript.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\contentScript.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\debug.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\debug.jade, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\extension_toolbar_api.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\initWidgetWindow.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\newTabContentScript.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\options.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spent.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spent.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spent.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spent2.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spent2.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spentJ.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spentK.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\spentK.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\startup.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\stub.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\stubby.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\superFrame.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\toolbar.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\toolbar.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\toolbarUI.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\toolbarUI.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\toolbarUI.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\url.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\adapter\adapterUtil.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\adapter\widget-adapter.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\alert\background\alertButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\background\FlareWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\flare\icons\Thumbs.db, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\generic\background\GenericWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\link\background\linkButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\README.txt, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\background\menuButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\css\menuframe.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\html\menuframe.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\images\right_arrow.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\images\right_arrow_white.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\js\menuframe.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\js\query-string.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\rss\background\RssWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\components\weather\background\weatherButton.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\bs.30.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\common.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\dynamic.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\enableDetect.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\eventListening.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\global.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\jquery-1.7.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\list-interaction.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\messageEventListener.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\navRedirector.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\paramReplacer.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\PartnerId.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\set.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\underscore-1.3.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\underscore-1.5.2.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\js\unifiedLogging.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widget-context-1.0.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\common.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\set.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\invalid.json, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\jquery.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\qunit.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\qunit.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\resource.json, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\resource.xml, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\background\ApiBasedWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\background\widget-api-impl.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window\widgetWindow.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\api\window\widgetWindow.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\background\updateSearch.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\css\movieReviews.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\html\movieReviews.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\moviereviews\js\movieReviews.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\background\RadioWidget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\css\toolbar-item.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\foreground\button.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\background\searchBox.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\html\searchSuggestions.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\html\searchSuggestions.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\html\searchSuggestions.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\search\html\searchSuggestionsInit.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\css\supertab.css, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\html\supertab.html, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\newtabfork.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\reporting.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\srchsugg.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\supertab.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\unifiedLogging.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\components\supertab\js\__utm.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\arrowSprite.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\icon128.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\icon16.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\icon19disabled.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\icon19on.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\icon48.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757258.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757262.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757267.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757273.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757274.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757276.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757278.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757282.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757287.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\223757306.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\224931024.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\down_arrow.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\magnifying_glass.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\RadioPlayerSprite.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\search_button.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\tvf_icon_guide.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\tvf_logo.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\images\wrench.png, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\chromeUtils.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\exeManager.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\exeManagerNMD.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\exePackageManager.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\focusManager.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\globalBlacklistManager.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\messaging.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\mutation_summary-min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\mutation_summary.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\nativeMessagingDispatcher.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\newTabInfo.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\newTabInitialize.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\options.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\readLocalStorage.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\reservespacefortoolbar.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\reservespaceifenabled.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\scriptInjector.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\searchContext.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\settingsOverrides.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\toolbarCookieParser.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\toolbarPreinit.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\underscore-1.3.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\URILoaderContentScript.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\Widget.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\widgetContentScriptInjectee.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\widgetFactory.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\js\widgetWindowManager.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\cache.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\ce.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\debug.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\ss.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\libs\jquery-1.7.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\libs\jquery-1.9.1.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\native\libs\underscore-1.5.2.min.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\activePing.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\buttonLogger.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\competitorDnsList.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\console.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\FFPreferencesPersister.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\httpTransport.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\HttpURL.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\internationalSearch.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\LocalStoragePersister.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\MindsparkGlobal.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\MindsparkGlobal.unitTest.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\MindsparkGlobalNotes.txt, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\rsvp-latest.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\searchSuggestLocale.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\testHttpTransport.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\unifiedLogger.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\unifiedLogging.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\universalConsole.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\shared\utils.js, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\_metadata\computed_hashes.json, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],
PUP.Optional.Mindspark.A, C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh\12.14.7.40768_0\_metadata\verified_contents.json, Quarantined, [ca2bcd3a6e1dae8837d42e580302768a],

Physical Sectors: 0
(No malicious items detected)

(end)

#22
zep516

Posted 12 August 2015 - 04:05 PM

Trusted Helper

Malware Removal
8,093 posts

tdsskiller

You ran that do you have the log file ?

#23
doctordotcalm

Posted 12 August 2015 - 04:30 PM

Member

Topic Starter
Member
29 posts

just reran tdsskiller and it found nothing. Also reran Hijackthis and log file is below. How about combofix?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:28:01 PM, on 8/12/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
CHROME: 1.5.1383.0

Boot mode: Normal

Running processes:
C:\Users\poppag\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\poppag\Desktop\tdsskiller.exe
C:\Users\poppag\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [OneDrive] "C:\Users\poppag\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe /autostart
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_2\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_2\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (User 'Default user')
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft Ltd - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Anvisoft - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10671 bytes

#24
zep516

Posted 12 August 2015 - 04:45 PM

Trusted Helper

Malware Removal
8,093 posts

How about combofix?

No combofix on windows 10 yet.

From hijackthis
O4 - HKUS\S-1-5-18\..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (User 'SYSTEM')

I thought we got rid of that program Itibiti, buy uninstalling it from the uninstall list you used Revo I think, do you still see it there ? Perhaps the run keys are just left overs.
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc)<--- It was listed like this in the uninstall list.

Don't fix anything yet in Hijackthis, just check to see if that program (Itibiti RTC) is still listed. I'll look through the Hijackthis log.

Tell me if the programs there, if it is remove it, then I'll fix those entries in Hijackthis.

#25
doctordotcalm

Posted 12 August 2015 - 04:51 PM

Member

Topic Starter
Member
29 posts

It doesn't show up in Revo so I think it's just a vestige in the registry.

#26
zep516

Posted 12 August 2015 - 04:54 PM

Trusted Helper

Malware Removal
8,093 posts

Open hijackthis,
Right click and run as adminstrator.
Do a system scan only
Place a check mark in the following entries:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O3 - Toolbar: TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe (User 'Default user')
Click fix checked
Close Hijackthis
Reboot.

Next
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

#27
doctordotcalm

Posted 12 August 2015 - 05:13 PM

Member

Topic Starter
Member
29 posts

Here are the results

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
Ran by poppag (administrator) on POPPAG-PC (12-08-2015 19:07:55)
Running from C:\Users\poppag\Desktop
Loaded Profiles: poppag (Available Profiles: poppag)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Users\poppag\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16384_none_115fd2f761f7c508\TiWorker.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-08] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-07-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4939288 2015-07-27] (Emsisoft Ltd)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [OneDrive] => C:\Users\poppag\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-07-27] (Microsoft Corporation)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-08-03] (Glarysoft Ltd)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [Glary Memory Optimizer] => C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe [122656 2015-08-03] (Glarysoft Ltd)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-05-29] (Anvisoft)
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\RunOnce: [Uninstall C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_2\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_2\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-06-02]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE64.dll [2015-01-05] (NextUp.com)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-02] (LastPass)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-02] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-16] (Google Inc.)
Toolbar: HKU\S-1-5-21-2317217915-3030507882-558724183-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{158115b5-f52c-4410-8c29-67ab01b7bc6f}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c5f4e54e-bfbe-4d3c-b231-a266689ea267}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-02] (LastPass)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-02] (LastPass)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-06-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2317217915-3030507882-558724183-1000: @tools.google.com/Google Update;version=3 -> C:\Users\poppag\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2317217915-3030507882-558724183-1000: @tools.google.com/Google Update;version=9 -> C:\Users\poppag\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-06-03]
FF HKU\.DEFAULT\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Ninja Loader\FireFox

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-13]
CHR Extension: (Google Docs) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13]
CHR Extension: (Google Drive) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-13]
CHR Extension: (YouTube) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-13]
CHR Extension: (Google Cast) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-06-13]
CHR Extension: (NinjaLoader) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmlhbjpgeogifjnmlajdaealbdlfonah [2015-08-11]
CHR Extension: (Google Search) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-13]
CHR Extension: (Google Sheets) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-13]
CHR Extension: (Gmail) - C:\Users\poppag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [cmlhbjpgeogifjnmlajdaealbdlfonah] - https://clients2.goo...ice/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5525328 2015-07-27] (Emsisoft Ltd)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-05-29] (Anvisoft)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-22] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-21] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-23] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-02] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-06-02] ()
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-17] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-15] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-23] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-23] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session2; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-08-07] (Emsisoft GmbH)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-06-02] (Glarysoft Ltd)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-15] (Windows ® Codename Longhorn DDK provider)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-22] (Synaptics Incorporated)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2015-06-01] (Windows ® Win 7 DDK provider)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2013-10-11] (Windows ® Win 7 DDK provider)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-17] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-12 19:07 - 2015-08-12 19:07 - 02173952 _____ (Farbar) C:\Users\poppag\Desktop\FRST64.exe
2015-08-12 19:07 - 2015-08-12 19:07 - 00000000 ____D C:\Users\poppag\Desktop\FRST-OlderVersion
2015-08-12 19:03 - 2015-08-12 19:03 - 00016148 _____ C:\WINDOWS\system32\POPPAG-PC_poppag_HistoryPrediction.bin
2015-08-12 19:01 - 2015-08-12 19:01 - 00000000 ____D C:\Users\poppag\Desktop\backups
2015-08-12 12:35 - 2015-08-12 12:35 - 00001071 _____ C:\Users\poppag\Desktop\Focusky.lnk
2015-08-12 12:35 - 2015-08-12 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusky
2015-08-12 12:11 - 2015-08-12 18:28 - 00010673 _____ C:\Users\poppag\Desktop\hijackthis.log
2015-08-12 12:10 - 2015-08-12 12:10 - 00009898 _____ C:\Users\poppag\Downloads\hijackthis.log
2015-08-12 12:09 - 2015-08-12 12:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\poppag\Desktop\HijackThis.exe
2015-08-12 12:06 - 2015-08-12 15:33 - 01051213 _____ C:\Users\poppag\Desktop\H2 Safe dealership pix series.pptx
2015-08-12 12:05 - 2015-08-12 12:05 - 01169735 _____ C:\Users\poppag\Downloads\H2 Safe dealership pix series.pptx
2015-08-12 12:00 - 2015-08-12 12:00 - 00000017 _____ C:\Users\poppag\AppData\Local\resmon.resmoncfg
2015-08-12 11:21 - 2015-08-12 11:21 - 00003124 _____ C:\WINDOWS\System32\Tasks\SlimCleaner Run
2015-08-12 11:21 - 2015-08-12 11:21 - 00000000 ____D C:\Users\poppag\AppData\Local\SlimWare Utilities Inc
2015-08-12 10:34 - 2015-08-12 10:34 - 00000023 _____ C:\Users\poppag\Desktop\Focusky.txt
2015-08-11 20:24 - 2015-08-11 20:24 - 00001515 _____ C:\Users\poppag\Desktop\JRT.txt
2015-08-11 19:55 - 2015-08-11 20:07 - 01798040 _____ (Malwarebytes Corporation) C:\Users\poppag\Desktop\JRT.exe
2015-08-11 18:29 - 2015-08-12 14:07 - 04012963 _____ C:\Users\poppag\Desktop\Presentation of Service Center 8-11-2015.fs
2015-08-11 18:22 - 2015-08-12 12:44 - 02172928 _____ C:\Users\poppag\Desktop\Presentation of Service Center 8-11-2015.ppt
2015-08-11 18:21 - 2015-08-11 18:21 - 02171904 _____ C:\Users\poppag\Downloads\Presentation of Service Center 8-11-2015.ppt
2015-08-11 16:39 - 2015-08-12 19:08 - 00022366 _____ C:\Users\poppag\Desktop\FRST.txt
2015-08-11 16:34 - 2015-08-11 16:35 - 00055656 _____ C:\Users\poppag\Downloads\Addition.txt
2015-08-11 16:30 - 2015-08-11 16:31 - 02172928 _____ (Farbar) C:\Users\poppag\Downloads\FRST64 (1).exe
2015-08-11 15:07 - 2015-08-05 22:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-11 15:07 - 2015-08-03 23:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 15:07 - 2015-08-03 23:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 15:07 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 15:07 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 15:07 - 2015-08-02 21:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 15:07 - 2015-08-02 21:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 15:06 - 2015-08-05 22:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-11 15:06 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 15:06 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 15:06 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 15:06 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 15:06 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 15:05 - 2015-08-08 03:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 15:05 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 15:05 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 15:05 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 15:05 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 15:05 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 15:05 - 2015-08-05 00:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-11 15:05 - 2015-08-04 23:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-11 15:05 - 2015-08-04 23:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-11 15:05 - 2015-08-04 00:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-11 15:05 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 15:05 - 2015-08-03 23:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-11 15:05 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 15:05 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 15:05 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 15:05 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 15:05 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 15:05 - 2015-08-02 21:15 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-11 15:05 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 15:05 - 2015-08-02 21:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-11 15:05 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 15:05 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 15:04 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 15:04 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 15:04 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 15:04 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 15:04 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 15:04 - 2015-08-08 02:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 15:04 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 15:04 - 2015-08-05 23:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-11 15:04 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 15:04 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 15:04 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 15:04 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 15:04 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 15:04 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 15:04 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 15:04 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 15:04 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 15:04 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 15:04 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 15:04 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 15:04 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 15:04 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 15:04 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 15:04 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 15:04 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 15:04 - 2015-08-02 21:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-11 15:04 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 15:04 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 15:04 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 15:04 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 15:04 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 15:04 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 15:04 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 15:04 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 15:04 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 15:04 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 15:04 - 2015-08-02 21:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-11 15:04 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 15:04 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 15:04 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-11 15:03 - 2015-08-08 02:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-11 15:03 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 15:03 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 15:03 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 15:03 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 15:03 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 15:03 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 15:03 - 2015-08-02 21:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-11 15:03 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 15:03 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 15:03 - 2015-08-02 21:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-11 15:03 - 2015-08-02 21:11 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-11 15:03 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 15:03 - 2015-08-02 21:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-11 15:02 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 15:02 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 15:02 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 15:02 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 15:02 - 2015-08-02 21:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-11 15:02 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 15:02 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 12:50 - 2015-08-11 12:54 - 00000000 ____D C:\NPE
2015-08-11 12:47 - 2015-08-11 13:25 - 00000000 ____D C:\Users\poppag\AppData\Local\NPE
2015-08-11 12:47 - 2015-08-11 12:47 - 00000000 ____D C:\ProgramData\Norton
2015-08-11 12:46 - 2015-08-11 12:46 - 03088296 _____ (Symantec Corporation) C:\Users\poppag\Downloads\NPE.exe
2015-08-11 12:31 - 2015-08-11 12:31 - 00058688 _____ C:\Users\poppag\Downloads\UnHookLib.dll
2015-08-11 12:12 - 2015-08-11 12:12 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2015-08-11 12:06 - 2015-08-11 12:07 - 00000000 ____D C:\Users\poppag\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012 Final + Keys [ATOM]
2015-08-11 11:24 - 2015-08-11 11:57 - 00000000 ____D C:\Users\poppag\AppData\Local\TextCrawler
2015-08-11 11:24 - 2015-08-11 11:24 - 00000000 ____D C:\Users\poppag\AppData\Roaming\IsolatedStorage
2015-08-11 11:24 - 2015-08-11 11:24 - 00000000 ____D C:\ProgramData\IsolatedStorage
2015-08-11 11:23 - 2015-08-11 11:23 - 05161408 _____ (DigitalVolcano Software Ltd) C:\Users\poppag\Downloads\TextCrawlerPro_setup.exe
2015-08-11 11:23 - 2015-08-11 11:23 - 00001157 _____ C:\Users\Public\Desktop\TextCrawler Pro.lnk
2015-08-11 11:23 - 2015-08-11 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextCrawler Pro
2015-08-11 11:23 - 2015-08-11 11:23 - 00000000 ____D C:\Program Files (x86)\TextCrawler Pro
2015-08-11 11:14 - 2015-08-11 11:17 - 00000000 ____D C:\Program Files (x86)\Windows Grep
2015-08-11 11:14 - 2015-08-11 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Grep
2015-08-11 11:13 - 2015-08-11 11:13 - 00742893 _____ ( ) C:\Users\poppag\Downloads\WindowsGrep23.exe
2015-08-11 10:46 - 2015-08-11 10:46 - 00000000 ____D C:\Users\poppag\AppData\Local\Anvisoft
2015-08-11 10:42 - 2015-08-11 15:22 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2015-08-11 10:42 - 2015-08-11 10:57 - 00002483 _____ C:\Users\Public\Desktop\SlimCleaner.lnk
2015-08-11 10:42 - 2015-08-11 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2015-08-11 10:25 - 2015-08-11 10:41 - 01038656 _____ (SlimWare Utilities, Inc.) C:\Users\poppag\Downloads\SlimCleaner-setup.exe
2015-08-11 10:02 - 2015-08-11 10:02 - 00001356 _____ C:\Users\Public\Desktop\Cloud System Booster.lnk
2015-08-11 09:50 - 2015-08-11 09:54 - 16048725 _____ C:\Users\poppag\Downloads\Cloud System Booster 3.3.16 PRO.rar
2015-08-11 09:40 - 2015-08-11 10:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2015-08-11 09:40 - 2015-08-11 10:02 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2015-08-11 09:37 - 2015-08-11 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-10 19:09 - 2015-08-10 19:09 - 00000000 ____D C:\Program Files (x86)\Portable
2015-08-10 18:14 - 2015-08-10 18:14 - 00753184 _____ C:\Users\poppag\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-08-10 18:14 - 2015-08-10 18:14 - 00000000 ____D C:\Program Files\Adware-Removal-Tool
2015-08-10 17:41 - 2015-08-10 18:11 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-10 17:41 - 2015-08-10 17:41 - 22653000 _____ C:\Users\poppag\Downloads\RogueKillerX64.exe
2015-08-10 17:41 - 2015-08-10 17:41 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-10 16:31 - 2015-08-12 19:07 - 00000000 ____D C:\FRST
2015-08-10 16:31 - 2015-08-11 16:35 - 00131923 _____ C:\Users\poppag\Downloads\FRST.txt
2015-08-10 16:31 - 2015-08-10 16:31 - 02171392 _____ (Farbar) C:\Users\poppag\Downloads\FRST64.exe
2015-08-10 16:17 - 2015-08-10 16:17 - 00000396 _____ C:\EamClean.log
2015-08-10 16:14 - 2015-08-10 16:14 - 00000000 ____D C:\ProgramData\Emsisoft
2015-08-10 16:06 - 2015-08-10 16:06 - 00001171 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-08-10 16:06 - 2015-08-10 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-08-10 16:05 - 2015-08-12 19:04 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-08-10 12:32 - 2015-08-10 12:44 - 71516398 _____ C:\Users\poppag\Downloads\GridinSoft Trojan Killer 2.2.7.2 + Patch 2.x.x (32-64bit.) MrSzzS.rar
2015-08-10 12:03 - 2015-08-10 12:11 - 00000000 ____D C:\Users\poppag\Downloads\SUPERAntiSpyware Pro 6.0.1170 + Crack + LifeTime Key [KaranPC]
2015-08-10 11:53 - 2015-08-10 11:53 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\poppag\Desktop\tdsskiller.exe
2015-08-10 11:25 - 2015-08-10 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
2015-08-10 11:25 - 2015-08-10 11:25 - 00000000 ____D C:\ProgramData\GridinSoft
2015-08-10 11:24 - 2015-08-11 13:17 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2015-08-10 11:18 - 2015-08-10 11:18 - 00000000 ____D C:\SUPERDelete
2015-08-09 19:00 - 2015-08-09 19:00 - 01677922 _____ C:\Users\poppag\Downloads\Spyhunter.keygen.zip
2015-08-09 16:13 - 2015-08-09 16:13 - 00000000 _____ C:\autoexec.bat
2015-08-08 13:41 - 2015-08-08 13:41 - 00001160 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-08-07 19:41 - 2015-08-10 14:51 - 00002409 _____ C:\WINDOWS\setupact.log
2015-08-07 19:41 - 2015-08-07 19:41 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-07 15:59 - 2015-08-09 17:07 - 00000000 ____D C:\ProgramData\MSNetCore
2015-08-07 15:56 - 2015-08-07 15:56 - 00000000 ____D C:\Program Files (x86)\1045E420-1438977382-DF11-BACB-00266C69E639
2015-08-07 15:54 - 2015-08-12 19:02 - 00000332 _____ C:\WINDOWS\Tasks\XBAJTK.job
2015-08-07 15:54 - 2015-08-07 15:54 - 00002652 _____ C:\WINDOWS\System32\Tasks\XBAJTK
2015-08-07 15:53 - 2015-08-09 16:36 - 00001655 _____ C:\MS Visual Fox Pro.lnk
2015-08-07 13:50 - 2015-08-12 19:02 - 00171570 _____ C:\WINDOWS\PFRO.log
2015-08-07 10:53 - 2015-08-07 10:53 - 00000023 _____ C:\WINDOWS\SysWOW64\syssshow100.dll
2015-08-07 10:46 - 2015-08-11 13:17 - 00000000 ____D C:\Program Files (x86)\BlazeVideo
2015-08-07 10:46 - 2015-08-07 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlazeVideo
2015-08-07 10:46 - 2015-08-07 10:46 - 00000000 ____D C:\ProgramData\BlazeVideo
2015-08-06 19:05 - 2015-08-10 17:30 - 00000000 ____D C:\AdwCleaner
2015-08-06 18:53 - 2015-08-06 18:53 - 00001133 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-08-06 18:53 - 2015-08-06 18:53 - 00000000 ____D C:\Users\poppag\AppData\Local\VS Revo Group
2015-08-06 18:53 - 2015-08-06 18:53 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-08-06 18:53 - 2015-08-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-08-06 18:53 - 2015-08-06 18:53 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-06 18:53 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-08-06 18:47 - 2015-08-06 18:47 - 00017271 _____ C:\Users\poppag\Downloads\RevoUninstallerProv3.1.22014Full - ThePirateBay.TO.torrent
2015-08-06 16:06 - 2015-08-12 19:03 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-06 16:01 - 2015-08-06 16:01 - 00245671 _____ C:\Users\poppag\Desktop\Safe H2 Service.fs
2015-08-06 14:50 - 2015-08-10 18:14 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2015-08-06 14:50 - 2015-08-06 14:50 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2015-08-06 12:39 - 2015-07-30 02:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-06 12:39 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-06 12:39 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-06 12:39 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-06 12:39 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-06 12:39 - 2015-07-30 02:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-06 12:39 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-06 12:39 - 2015-07-30 02:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 12:39 - 2015-07-30 02:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-06 12:39 - 2015-07-30 02:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-06 12:39 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-06 12:39 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-06 12:39 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-06 12:39 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-06 12:39 - 2015-07-30 00:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-06 12:39 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-06 12:39 - 2015-07-30 00:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-06 12:39 - 2015-07-30 00:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-06 12:39 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-06 12:39 - 2015-07-29 23:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-06 12:39 - 2015-07-29 23:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-06 12:39 - 2015-07-29 23:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-06 12:39 - 2015-07-29 23:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-06 12:39 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-06 12:39 - 2015-07-29 23:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-06 12:39 - 2015-07-29 23:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-06 12:39 - 2015-07-29 23:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-06 12:39 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-06 12:39 - 2015-07-29 23:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-06 12:39 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-06 12:39 - 2015-07-29 23:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-06 12:39 - 2015-07-29 23:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-06 12:39 - 2015-07-29 23:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-06 12:39 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-06 12:39 - 2015-07-29 23:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-06 12:38 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-06 12:38 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-06 12:38 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-06 12:38 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-06 12:38 - 2015-07-30 00:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-06 12:38 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-06 12:38 - 2015-07-30 00:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-06 12:38 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-06 12:38 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-06 12:38 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-06 12:38 - 2015-07-30 00:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-06 12:38 - 2015-07-30 00:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-06 12:38 - 2015-07-30 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-06 12:38 - 2015-07-30 00:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-06 12:38 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-06 12:38 - 2015-07-29 23:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-06 12:38 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-06 12:38 - 2015-07-29 23:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-06 12:38 - 2015-07-29 23:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-06 12:38 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-06 12:38 - 2015-07-29 23:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-06 12:38 - 2015-07-29 23:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-06 12:38 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-06 12:38 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-06 12:38 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-06 12:38 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-06 12:38 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-06 12:38 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-06 12:38 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-06 12:38 - 2015-07-29 23:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-06 12:38 - 2015-07-29 23:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-06 12:38 - 2015-07-29 23:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-06 12:38 - 2015-07-29 23:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-06 12:38 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-06 12:38 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-06 12:38 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-06 12:38 - 2015-07-29 22:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-06 12:38 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-06 11:35 - 2015-08-12 12:35 - 00000000 ____D C:\Program Files (x86)\Focusky
2015-08-06 11:28 - 2015-08-06 11:34 - 142325152 _____ (Focusky Solution ) C:\Users\poppag\Downloads\focusky_setup.exe
2015-08-05 12:02 - 2015-08-05 12:02 - 00000000 ____D C:\Users\poppag\AppData\Roaming\WinBatch
2015-08-05 12:02 - 2015-08-05 12:02 - 00000000 ____D C:\sll0v150
2015-08-03 17:31 - 2015-08-03 17:31 - 00100575 _____ C:\Users\poppag\Downloads\ie68047_created.svg
2015-07-30 17:00 - 2015-08-11 13:17 - 00000000 ____D C:\Program Files (x86)\Games
2015-07-29 17:49 - 2015-07-29 17:49 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-29 12:36 - 2015-07-29 12:36 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-07-29 12:36 - 2015-07-29 12:36 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-07-29 12:36 - 2015-07-29 12:36 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-07-29 12:36 - 2015-07-29 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-29 12:22 - 2015-07-29 12:26 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Google
2015-07-28 19:43 - 2015-07-28 19:43 - 01048312 _____ C:\Users\poppag\Downloads\Attachments_2015728 (1).zip
2015-07-28 17:26 - 2015-07-28 17:26 - 00410436 _____ C:\Users\poppag\Downloads\Attachments_2015728.zip
2015-07-28 13:06 - 2015-07-26 01:16 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-07-28 13:06 - 2015-07-26 01:16 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-07-28 13:06 - 2015-07-26 01:15 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-07-28 13:06 - 2015-07-26 01:14 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-07-28 13:06 - 2015-07-26 01:14 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-07-28 13:06 - 2015-07-26 01:13 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-07-28 13:06 - 2015-07-26 01:06 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-07-28 13:06 - 2015-07-26 00:28 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-07-28 13:06 - 2015-07-26 00:28 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-07-28 13:06 - 2015-07-25 23:49 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-28 13:06 - 2015-07-25 23:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-07-28 13:06 - 2015-07-25 23:39 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-07-28 13:06 - 2015-07-25 23:38 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-28 13:06 - 2015-07-25 23:30 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-07-28 13:06 - 2015-07-23 23:30 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-07-28 13:06 - 2015-07-23 22:46 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-07-28 13:06 - 2015-07-23 22:46 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-07-28 13:06 - 2015-07-23 22:40 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-07-28 13:06 - 2015-07-23 22:39 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-07-28 13:06 - 2015-07-23 22:25 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-07-28 13:06 - 2015-07-23 22:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-28 13:06 - 2015-07-23 22:24 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-07-28 13:05 - 2015-07-25 23:49 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-07-28 13:05 - 2015-07-25 23:47 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-07-28 13:05 - 2015-07-25 23:40 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-07-28 13:05 - 2015-07-25 23:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-07-28 13:05 - 2015-07-25 23:35 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-07-28 13:05 - 2015-07-25 23:34 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-07-28 13:05 - 2015-07-25 23:30 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-07-28 13:05 - 2015-07-25 23:29 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-07-28 13:05 - 2015-07-23 23:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-07-28 13:05 - 2015-07-23 23:17 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-07-28 13:05 - 2015-07-23 23:17 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-07-28 13:05 - 2015-07-23 23:17 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-07-28 13:05 - 2015-07-23 23:12 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-07-28 13:05 - 2015-07-23 23:11 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-07-28 13:05 - 2015-07-23 22:55 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-07-28 13:05 - 2015-07-23 22:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-07-28 13:05 - 2015-07-23 22:46 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-07-28 13:05 - 2015-07-23 22:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-07-28 13:05 - 2015-07-23 22:34 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-07-28 13:05 - 2015-07-23 22:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-07-28 13:05 - 2015-07-23 22:29 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-07-28 13:05 - 2015-07-23 22:24 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-07-28 13:05 - 2015-07-23 22:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-07-28 13:05 - 2015-07-23 22:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-07-28 12:42 - 2015-07-28 13:01 - 00000000 ____D C:\Users\poppag\AppData\Roaming\iMazing
2015-07-28 12:42 - 2015-07-28 12:42 - 00000000 ____D C:\Users\poppag\AppData\Local\DigiDNA
2015-07-28 12:42 - 2015-07-28 12:42 - 00000000 ____D C:\ProgramData\DigiDNA
2015-07-28 12:33 - 2015-07-28 12:39 - 15457798 _____ C:\Users\poppag\Downloads\k40yb.DigiDNA.iMazing.1.1.6.rar
2015-07-27 18:40 - 2015-07-27 18:42 - 00000022 _____ C:\Users\poppag\Downloads\Windows_10_Manager_0.1.6_Beta.zip
2015-07-27 13:33 - 2015-07-27 13:33 - 00001977 _____ C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Gaosuo.lnk
2015-07-27 13:33 - 2015-07-27 13:33 - 00001971 _____ C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\videos.lnk
2015-07-27 13:33 - 2015-07-27 13:33 - 00001953 _____ C:\Users\poppag\Desktop\Gaosuo.lnk
2015-07-27 13:33 - 2015-07-27 13:33 - 00001947 _____ C:\Users\poppag\Desktop\videos.lnk
2015-07-27 13:33 - 2015-07-27 13:33 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gaosuo
2015-07-27 13:32 - 2015-07-27 13:33 - 00000000 ____D C:\Program Files (x86)\Gaosuo
2015-07-27 13:32 - 2015-07-27 13:32 - 00000000 ____D C:\WINDOWS\Gaosuo
2015-07-27 13:23 - 2015-07-27 13:23 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Friendly Cactus
2015-07-26 20:00 - 2015-07-26 20:11 - 00000000 ____D C:\Users\poppag\AppData\Roaming\IQS
2015-07-26 19:54 - 2015-08-06 15:03 - 00000000 ____D C:\Users\poppag\AppData\Local\Deployment
2015-07-26 19:54 - 2015-07-26 19:54 - 00000000 ____D C:\Users\poppag\AppData\Local\Apps\2.0
2015-07-26 18:47 - 2015-07-26 18:47 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Mad Head Games
2015-07-26 18:46 - 2015-07-26 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beyond - Light Advent Collector's Edition
2015-07-26 15:36 - 2015-07-26 15:36 - 00000000 ____D C:\Users\poppag\AppData\Local\MetaGeek, LLC
2015-07-26 13:42 - 2015-07-26 15:46 - 00000000 ____D C:\Users\poppag\AppData\Local\MetaGeek,_LLC
2015-07-26 13:42 - 2015-07-26 13:42 - 00000037 ___SH C:\Users\poppag\AppData\Local\70149b02515b3bb20dd492.47983420
2015-07-26 13:38 - 2015-08-05 18:42 - 00000000 ____D C:\Program Files (x86)\MetaGeek
2015-07-26 13:21 - 2015-07-26 13:21 - 11000652 _____ C:\Users\poppag\Downloads\WiHack-v2.4-.3.zip
2015-07-26 13:04 - 2015-07-26 13:04 - 00000030 _____ C:\Users\poppag\Downloads\ProfessionalWifiCracker-Ultimate2014 - ThePirateBay.TO.torrent
2015-07-25 15:14 - 2015-07-22 01:18 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-07-25 15:14 - 2015-07-22 01:15 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-07-25 15:14 - 2015-07-22 01:02 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-07-25 15:14 - 2015-07-22 00:13 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-07-25 15:14 - 2015-07-22 00:00 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-25 15:14 - 2015-07-22 00:00 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-25 15:14 - 2015-07-22 00:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-07-25 15:14 - 2015-07-21 23:53 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-07-25 15:14 - 2015-07-21 23:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-07-25 15:14 - 2015-07-21 23:13 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-25 15:14 - 2015-07-21 22:50 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-07-24 12:51 - 2015-07-24 12:51 - 02575872 _____ (ACCA software S.p.A.) C:\WINDOWS\ACCA_PreviewHandler.dll
2015-07-24 12:47 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capicom.DLL
2015-07-24 12:43 - 2015-07-24 12:43 - 09391096 _____ (ACCA software S.p.A.) C:\Users\poppag\Downloads\Edificius_v600o_EN.exe
2015-07-24 12:38 - 2015-07-22 00:02 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-07-24 12:38 - 2015-07-22 00:00 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-07-24 12:38 - 2015-07-21 23:59 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-07-24 12:38 - 2015-07-21 23:55 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-07-24 12:38 - 2015-07-21 23:55 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-07-24 12:38 - 2015-07-21 23:54 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-07-24 12:38 - 2015-07-21 23:48 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-24 12:38 - 2015-07-21 23:46 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-07-24 12:38 - 2015-07-21 23:13 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-07-24 12:38 - 2015-07-21 23:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-07-24 12:38 - 2015-07-21 23:10 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-07-24 12:38 - 2015-07-21 23:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-07-24 12:38 - 2015-07-21 23:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-07-24 12:38 - 2015-07-21 23:04 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-07-24 12:38 - 2015-07-21 23:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-07-23 14:48 - 2015-07-23 14:50 - 00000000 ____D C:\Users\poppag\Documents\Sound recordings
2015-07-23 13:55 - 2015-07-23 13:55 - 06947302 _____ C:\Users\poppag\samurai.ct7Project
2015-07-23 10:14 - 2015-07-23 10:14 - 00000000 ____D C:\Users\poppag\AppData\Roaming\com.wonderidea.focusky
2015-07-22 15:42 - 2015-07-22 15:42 - 00098788 _____ C:\Users\poppag\Downloads\Sheep.hani
2015-07-22 09:30 - 2015-07-19 00:04 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-07-22 09:30 - 2015-07-18 23:54 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-07-22 09:30 - 2015-07-18 23:23 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-07-22 09:30 - 2015-07-18 23:18 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-07-22 09:30 - 2015-07-18 23:12 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-07-22 09:30 - 2015-07-18 23:02 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-07-22 09:30 - 2015-07-18 22:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-07-21 10:43 - 2015-07-18 04:48 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-07-21 10:43 - 2015-07-18 04:47 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-07-21 10:43 - 2015-07-18 03:43 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-07-21 10:43 - 2015-07-18 03:39 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-07-21 10:43 - 2015-07-18 03:37 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-07-21 10:43 - 2015-07-18 03:29 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-07-21 10:43 - 2015-07-18 03:28 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-07-21 10:43 - 2015-07-18 03:28 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-21 10:43 - 2015-07-18 03:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-07-21 10:43 - 2015-07-18 01:18 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-07-21 10:43 - 2015-07-18 01:17 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-07-21 10:43 - 2015-07-18 01:02 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-07-21 10:43 - 2015-07-18 00:06 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-07-21 10:43 - 2015-07-18 00:01 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-07-21 10:43 - 2015-07-17 23:59 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-07-21 10:43 - 2015-07-17 23:59 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-07-21 10:43 - 2015-07-17 23:52 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-07-21 10:43 - 2015-07-17 23:50 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-07-21 10:43 - 2015-07-17 23:50 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-21 10:43 - 2015-07-17 23:49 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-07-21 10:43 - 2015-07-17 23:49 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-07-21 10:43 - 2015-07-17 23:49 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-07-21 10:43 - 2015-07-17 23:48 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-07-21 10:43 - 2015-07-17 23:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-07-21 10:43 - 2015-07-17 23:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-07-21 10:43 - 2015-07-17 00:23 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-07-21 10:43 - 2015-07-17 00:13 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-07-21 10:43 - 2015-07-17 00:12 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-07-21 10:43 - 2015-07-17 00:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-07-21 10:43 - 2015-07-16 22:39 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-07-21 10:43 - 2015-07-16 22:39 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-07-21 10:43 - 2015-07-16 22:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-07-21 10:43 - 2015-07-16 22:33 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-07-21 10:43 - 2015-07-16 22:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-07-21 10:43 - 2015-07-16 22:32 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-07-21 10:43 - 2015-07-16 22:31 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-21 10:43 - 2015-07-16 22:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-07-21 10:43 - 2015-07-16 22:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-07-21 10:43 - 2015-07-16 22:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-07-21 10:43 - 2015-07-16 22:21 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-07-21 10:43 - 2015-07-16 22:19 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-21 10:43 - 2015-07-16 22:19 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-07-21 10:43 - 2015-07-16 22:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-07-21 10:43 - 2015-07-16 22:18 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-21 10:43 - 2015-07-16 22:16 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-07-21 10:43 - 2015-07-16 22:05 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-07-21 10:43 - 2015-07-16 22:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-07-21 10:43 - 2015-07-16 21:56 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-07-21 10:43 - 2015-07-16 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-07-21 10:43 - 2015-07-16 21:51 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-07-21 10:43 - 2015-07-16 21:50 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-07-21 10:43 - 2015-07-16 21:46 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-21 10:43 - 2015-07-16 21:44 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-20 19:31 - 2015-07-20 19:32 - 00000000 ____D C:\Users\poppag\Desktop\Graphics
2015-07-20 19:29 - 2015-08-03 17:57 - 00000000 ____D C:\Users\poppag\Desktop\Recent Files
2015-07-20 19:27 - 2015-08-11 12:16 - 00000000 ____D C:\Users\poppag\Desktop\Utilities
2015-07-20 19:25 - 2015-07-20 19:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\{01F14956-5EF2-470B-869E-5B4526D24703}
2015-07-20 17:15 - 2015-07-20 17:15 - 00000000 ____D C:\Program Files (x86)\1045E420-1437426923-DF11-BACB-00266C69E639
2015-07-19 12:09 - 2015-07-19 12:09 - 05678024 _____ C:\Users\poppag\default.ct7Project
2015-07-19 10:41 - 2015-07-19 10:41 - 00847401 _____ C:\Users\poppag\Downloads\Forest.hani
2015-07-19 10:25 - 2015-07-22 15:40 - 00000021 _____ C:\Users\poppag\AppData\Local\Apps\T4.txt
2015-07-19 10:23 - 2015-07-17 21:25 - 00046592 _____ (BsB) C:\Users\poppag\Downloads\Hippo Keygen.exe
2015-07-19 10:22 - 2015-07-17 21:25 - 00046592 _____ (BsB) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hippo Keygen.exe
2015-07-19 10:20 - 2015-07-19 10:25 - 00000000 ____D C:\Users\poppag\AppData\Local\Hippo Studios
2015-07-19 09:43 - 2015-07-19 09:45 - 08338753 _____ C:\Users\poppag\Downloads\Hippo_Animator_4.4.5674.rar
2015-07-17 23:47 - 2015-08-11 13:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-07-17 23:42 - 2015-07-17 23:42 - 00000000 ____D C:\Windows.old
2015-07-17 23:35 - 2015-07-17 23:35 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-17 23:35 - 2015-07-17 23:35 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-07-17 23:35 - 2015-07-17 23:35 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-07-17 23:32 - 2015-07-17 23:32 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-07-17 23:29 - 2015-07-17 23:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-17 23:29 - 2015-07-17 23:29 - 00000000 ____D C:\Program Files\MSBuild
2015-07-17 23:29 - 2015-07-17 23:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-17 23:29 - 2015-07-17 20:08 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-17 23:28 - 2015-06-17 22:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-07-17 23:28 - 2015-06-17 22:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-17 23:28 - 2015-06-17 22:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-07-17 23:28 - 2015-05-30 01:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-07-17 23:28 - 2015-05-30 01:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-17 23:28 - 2015-05-30 01:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-07-17 22:35 - 2015-07-16 01:11 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-17 22:35 - 2015-07-16 00:55 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-17 22:35 - 2015-07-14 22:41 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-07-17 22:35 - 2015-07-14 21:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-07-17 22:34 - 2015-07-16 01:39 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-07-17 22:34 - 2015-07-16 00:09 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-07-17 22:34 - 2015-07-16 00:04 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-07-17 22:34 - 2015-07-16 00:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-07-17 22:34 - 2015-07-16 00:01 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-07-17 22:34 - 2015-07-15 23:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-07-17 22:34 - 2015-07-15 23:47 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-07-17 22:34 - 2015-07-15 23:45 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-07-17 22:34 - 2015-07-15 23:44 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-17 22:34 - 2015-07-15 23:43 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-17 22:34 - 2015-07-15 23:41 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-07-17 22:34 - 2015-07-15 23:40 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-07-17 22:34 - 2015-07-15 23:36 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-07-17 22:34 - 2015-07-15 23:35 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-07-17 22:34 - 2015-07-15 23:33 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-07-17 22:34 - 2015-07-15 23:32 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-07-17 22:34 - 2015-07-15 23:29 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-17 22:34 - 2015-07-15 23:27 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-17 22:34 - 2015-07-15 23:19 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-07-17 22:34 - 2015-07-14 23:21 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-17 22:34 - 2015-07-14 22:49 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-17 22:34 - 2015-07-14 22:49 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-07-17 22:34 - 2015-07-14 22:22 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-17 22:34 - 2015-07-14 22:16 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-07-17 22:34 - 2015-07-14 22:04 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-07-17 22:34 - 2015-07-14 21:59 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-07-17 22:34 - 2015-07-14 21:57 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-07-17 22:34 - 2015-07-14 21:47 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-17 22:34 - 2015-07-14 21:41 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-07-17 22:34 - 2015-07-14 21:37 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-07-17 22:34 - 2015-07-14 21:27 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-07-17 20:48 - 2015-07-17 20:48 - 00000000 ____D C:\WINDOWS\Sun
2015-07-17 20:48 - 2015-07-17 20:48 - 00000000 ____D C:\ProgramData\Sun
2015-07-17 20:48 - 2015-07-17 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-17 20:48 - 2015-07-17 20:47 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-07-17 20:47 - 2015-07-17 20:48 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 20:47 - 2015-07-17 20:47 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-17 20:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-07-17 20:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-07-17 20:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-07-17 20:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-07-17 20:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-07-17 20:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-07-17 20:42 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-07-17 20:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-07-17 20:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-07-17 20:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-07-17 20:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-07-17 20:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-07-17 20:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-07-17 20:42 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-07-17 20:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-07-17 20:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-07-17 20:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-07-17 20:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-07-17 20:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-07-17 20:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-07-17 20:42 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-07-17 20:42 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-07-17 20:42 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-07-17 20:42 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-07-17 20:42 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-07-17 20:42 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-07-17 20:42 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-07-17 20:42 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-07-17 20:42 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-07-17 20:42 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-07-17 20:42 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-07-17 20:42 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-07-17 20:42 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-07-17 20:42 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-07-17 20:42 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-07-17 20:42 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-07-17 20:42 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-07-17 20:42 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-07-17 20:42 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-07-17 20:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-07-17 20:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-07-17 20:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-07-17 20:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-07-17 20:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-07-17 20:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-07-17 20:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-07-17 20:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-07-17 20:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-07-17 20:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-07-17 20:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-07-17 20:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-07-17 20:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-07-17 20:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-07-17 20:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-07-17 20:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-07-17 20:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-07-17 20:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-07-17 20:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-07-17 20:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-07-17 20:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-07-17 20:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-07-17 20:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-07-17 20:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-07-17 20:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-07-17 20:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-07-17 20:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-07-17 20:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-07-17 20:41 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-07-17 20:41 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-07-17 20:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-07-17 20:41 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-07-17 20:41 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-07-17 20:41 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-07-17 20:41 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-07-17 20:41 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-07-17 20:41 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-07-17 20:41 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-07-17 20:41 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-07-17 20:41 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-07-17 20:41 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-07-17 20:41 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-07-17 20:41 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-07-17 20:41 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-07-17 20:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-07-17 20:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-07-17 20:41 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-07-17 20:41 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-07-17 20:41 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-07-17 20:41 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-07-17 20:41 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-07-17 20:41 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-07-17 20:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-07-17 20:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-07-17 20:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-07-17 20:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-07-17 20:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-07-17 20:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-07-17 20:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-07-17 20:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-07-17 20:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-07-17 20:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-07-17 20:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-07-17 20:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-07-17 20:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-07-17 20:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-07-17 20:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-07-17 20:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-07-17 20:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-07-17 20:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-07-17 20:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-07-17 20:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-07-17 20:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-07-17 20:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-07-17 20:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-07-17 20:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-07-17 20:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-07-17 20:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-07-17 20:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-07-17 20:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-07-17 20:38 - 2015-07-17 20:42 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-07-17 20:38 - 2015-07-17 20:40 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-07-17 20:26 - 2015-07-17 20:26 - 00000020 ___SH C:\Users\poppag\ntuser.ini
2015-07-17 20:24 - 2015-07-17 20:24 - 00000000 __SHD C:\Recovery
2015-07-17 20:06 - 2015-07-17 20:06 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-17 20:06 - 2015-07-17 20:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-07-17 20:06 - 2015-07-17 20:06 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-17 20:06 - 2015-07-17 20:06 - 00000000 ____D C:\Users\Default\3D Objects
2015-07-17 20:06 - 2015-07-17 20:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-07-17 20:06 - 2015-07-17 20:06 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-17 19:59 - 2015-07-17 20:08 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-07-17 19:59 - 2015-07-17 19:59 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-07-17 19:56 - 2015-08-11 13:34 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-17 19:56 - 2015-08-07 13:59 - 00000000 ____D C:\Users\poppag
2015-07-17 19:56 - 2015-07-17 19:58 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-17 19:56 - 2015-07-17 19:58 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-17 19:56 - 2015-07-10 07:04 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-17 19:56 - 2015-07-10 07:04 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-17 19:53 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-07-17 19:52 - 2015-07-17 19:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-07-17 19:52 - 2015-07-17 19:52 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____D C:\Program Files\Synaptics
2015-07-17 19:51 - 2015-07-17 19:51 - 00000000 ____D C:\Program Files\Realtek
2015-07-17 19:49 - 2015-07-17 19:50 - 00038294 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-07-17 18:36 - 2015-07-17 18:36 - 00000000 ____D C:\ProgramData\Reprise
2015-07-17 18:35 - 2015-07-17 18:35 - 00000000 ____D C:\ProgramData\SketchUp
2015-07-17 17:47 - 2015-07-17 17:47 - 04770942 _____ C:\Users\poppag\Downloads\attachments_2015_07_17.zip
2015-07-17 16:29 - 2015-07-17 16:29 - 00000000 ____D C:\Users\poppag\Documents\Viewbuild
2015-07-15 17:10 - 2015-07-15 17:10 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-07-15 17:10 - 2015-07-15 17:10 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-07-15 17:10 - 2015-07-15 17:10 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-07-15 17:10 - 2015-07-15 17:10 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-07-15 17:10 - 2015-07-15 17:10 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-07-15 17:10 - 2015-07-15 17:10 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-07-15 17:10 - 2015-07-15 17:10 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Synaptics
2015-07-14 17:34 - 2015-07-14 17:34 - 21646088 _____ (Hewlett-Packard Company ) C:\Users\poppag\Downloads\sp39403.exe
2015-07-14 17:08 - 2015-07-14 17:09 - 76326632 _____ (Hewlett-Packard Company ) C:\Users\poppag\Downloads\sp54972.exe
2015-07-14 10:13 - 2015-07-15 09:20 - 00000000 ____D C:\Users\poppag\AppData\Local\MicrosoftEdge
2015-07-14 07:58 - 2015-07-14 07:58 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2015-07-14 04:29 - 2015-07-22 10:00 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-07-14 04:29 - 2015-07-22 10:00 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-07-13 15:37 - 2015-07-13 15:38 - 34226736 _____ (Cisco Systems, Inc.) C:\Users\poppag\Downloads\nmsetup (1).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-12 19:06 - 2015-06-02 17:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-08-12 19:05 - 2015-06-01 17:06 - 00000000 ____D C:\Users\poppag\AppData\Local\ActiveSync
2015-08-12 19:04 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-12 19:04 - 2015-06-25 12:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-12 19:02 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-12 19:01 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-12 18:59 - 2015-06-25 12:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-12 18:37 - 2015-06-13 18:26 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000UA.job
2015-08-12 18:28 - 2015-06-01 17:37 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-12 17:44 - 2015-07-10 08:20 - 00357496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 17:43 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\tracing
2015-08-12 16:26 - 2015-06-01 17:04 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7BF4FE33-08B0-4225-83EC-7677A32BB4D8}
2015-08-12 11:23 - 2015-06-01 18:58 - 00000000 ____D C:\Users\poppag\AppData\Local\CrashDumps
2015-08-12 09:49 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-11 19:37 - 2015-06-13 18:26 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000Core.job
2015-08-11 19:37 - 2015-06-02 16:53 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-08-11 18:55 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 18:55 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 18:55 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-11 18:55 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-11 18:55 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-11 18:23 - 2015-06-03 18:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-11 18:14 - 2015-06-04 10:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-11 18:14 - 2015-06-03 18:20 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 18:10 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-11 17:56 - 2009-07-13 22:34 - 00000478 _____ C:\WINDOWS\win.ini
2015-08-11 17:53 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-11 12:49 - 2015-06-01 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-11 12:14 - 2015-06-01 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-11 09:36 - 2015-06-01 19:44 - 00000000 ____D C:\Program Files\7-Zip
2015-08-10 14:55 - 2015-06-01 16:30 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-10 13:03 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-10 09:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SchCache
2015-08-09 09:53 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-08 13:41 - 2015-06-02 17:04 - 00003386 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2015-08-08 13:41 - 2015-06-02 17:04 - 00003032 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2015-08-08 13:41 - 2015-06-02 17:04 - 00001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-08-08 11:38 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 14:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-07 13:49 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-06 14:45 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-05 10:54 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-05 10:54 - 2015-06-02 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-08-05 10:54 - 2015-06-01 18:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-05 10:46 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\registration
2015-08-05 10:44 - 2015-06-01 16:50 - 00000000 ____D C:\Users\poppag\AppData\Local\Packages
2015-08-03 17:57 - 2015-06-04 12:58 - 00000000 ____D C:\ProgramData\A-PDF
2015-08-03 17:34 - 2015-06-01 19:27 - 00000000 ____D C:\Users\poppag\Documents\TTSSketchMaker
2015-07-31 08:12 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-31 08:12 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-07-31 08:12 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-07-31 08:12 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-07-31 08:12 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-07-30 17:01 - 2015-07-11 17:40 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Eipix
2015-07-30 09:54 - 2015-06-13 18:25 - 00000000 ____D C:\Users\poppag\AppData\Local\Google
2015-07-29 17:55 - 2015-06-25 12:03 - 00000000 ____D C:\Program Files\Recuva
2015-07-29 17:49 - 2015-06-26 13:13 - 00000000 ____D C:\Program Files\CCleaner
2015-07-29 17:49 - 2015-06-01 17:40 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-07-29 17:49 - 2015-06-01 17:40 - 00001087 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-07-29 17:48 - 2015-06-01 17:40 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-07-29 12:36 - 2015-06-25 12:02 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-27 10:27 - 2015-06-01 16:53 - 00002388 _____ C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-07-27 10:27 - 2015-06-01 16:53 - 00000000 ___RD C:\Users\poppag\OneDrive
2015-07-23 13:50 - 2015-06-03 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrazyTalk7
2015-07-22 17:49 - 2015-06-04 10:04 - 00000000 ____D C:\Users\poppag\AppData\Local\Microsoft Help
2015-07-22 13:08 - 2015-06-13 12:05 - 00000000 ____D C:\Users\poppag\3D Objects
2015-07-22 09:10 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-07-19 11:57 - 2015-06-14 20:00 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Apple Computer
2015-07-18 10:42 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-07-17 23:47 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-17 20:29 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-07-17 20:23 - 2015-06-01 16:20 - 00057153 _____ C:\WINDOWS\diagwrn.xml
2015-07-17 20:23 - 2015-06-01 16:20 - 00057153 _____ C:\WINDOWS\diagerr.xml
2015-07-17 20:19 - 2015-06-01 16:27 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-07-17 20:17 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media
2015-07-17 20:16 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-17 20:08 - 2015-07-12 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-07-17 20:08 - 2015-07-10 09:14 - 00000000 ____D C:\WINDOWS\ShellNew
2015-07-17 20:08 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-17 20:08 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-07-17 20:08 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-17 20:08 - 2015-07-08 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-17 20:08 - 2015-07-08 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-07-17 20:08 - 2015-07-08 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-17 20:08 - 2015-06-28 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-07-17 20:08 - 2015-06-26 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-17 20:08 - 2015-06-25 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-07-17 20:08 - 2015-06-24 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7
2015-07-17 20:08 - 2015-06-13 18:26 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2015-07-17 20:08 - 2015-06-12 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Logo Creator v6.8
2015-07-17 20:08 - 2015-06-11 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-07-17 20:08 - 2015-06-04 13:02 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cartoon Effect Creator
2015-07-17 20:08 - 2015-06-04 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flip Builder
2015-07-17 20:08 - 2015-06-04 12:37 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IntoCartoon Pro 3.1
2015-07-17 20:08 - 2015-06-04 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-07-17 20:08 - 2015-06-04 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-07-17 20:08 - 2015-06-03 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\plasq
2015-07-17 20:08 - 2015-06-03 17:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-17 20:08 - 2015-06-03 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-07-17 20:08 - 2015-06-02 13:39 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-07-17 20:08 - 2015-06-02 12:35 - 00000000 ____D C:\Users\poppag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2015-07-17 20:08 - 2015-06-02 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2015-07-17 20:08 - 2015-06-02 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
2015-07-17 20:08 - 2015-06-01 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextAloud
2015-07-17 20:06 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-17 20:06 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-17 20:06 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-17 20:06 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-17 20:06 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default
2015-07-17 20:06 - 2015-06-30 03:46 - 00000000 ____D C:\Users\Default.migrated
2015-07-17 20:01 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-07-17 20:01 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-07-17 20:00 - 2015-07-10 09:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\schemas
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Resources
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-17 20:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\IME
2015-07-17 20:00 - 2015-06-03 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS
2015-07-17 20:00 - 2015-05-23 09:06 - 00000000 ___RD C:\WINDOWS\PrintDialog3D
2015-07-17 20:00 - 2009-07-14 03:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-17 19:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-17 19:59 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-17 19:59 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-17 19:08 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-15 19:32 - 2015-06-13 18:26 - 00004050 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000UA
2015-07-15 19:32 - 2015-06-13 18:26 - 00003674 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000Core
2015-07-15 14:54 - 2015-06-25 12:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 14:54 - 2015-06-25 12:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-06-02 12:36 - 2015-06-02 12:41 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-26 13:42 - 2015-07-26 13:42 - 0000037 ___SH () C:\Users\poppag\AppData\Local\70149b02515b3bb20dd492.47983420
2015-08-12 12:00 - 2015-08-12 12:00 - 0000017 _____ () C:\Users\poppag\AppData\Local\resmon.resmoncfg
2015-07-17 19:52 - 2015-07-17 19:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\poppag\AppData\Local\Temp\flaDDC.tmp.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-05 11:07

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by poppag (2015-08-12 19:09:58)
Running from C:\Users\poppag\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2317217915-3030507882-558724183-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2317217915-3030507882-558724183-503 - Limited - Disabled)
Guest (S-1-5-21-2317217915-3030507882-558724183-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2317217915-3030507882-558724183-1002 - Limited - Enabled)
poppag (S-1-5-21-2317217915-3030507882-558724183-1000 - Administrator - Enabled) => C:\Users\poppag

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.5.1062.10402 - AKVIS)
AKVIS Coloriage Plugin (HKLM-x32\...\AKVIS Coloriage_is1) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cartoon Effect Creator (HKLM-x32\...\{B5432F4D-CB93-472A-A361-F813801FF141}) (Version: 1.0.0 - Cartoon Effect Creator)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
ChromecastApp (HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.3 - Anvisoft)
Comic Life (HKLM-x32\...\{6A1F0A1A-474C-4151-8534-5F61832D88CD}) (Version: 1.3.6 - plasq)
Corel PaintShop Pro X7 (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
CrazyTalk v7.32 PRO (HKLM-x32\...\{27C4EA98-84A3-4CDF-A436-F984A0283357}) (Version: 7.32.3114.1 - Reallusion Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Flip Builder (HKLM-x32\...\Flip Builder_is1) (Version: - Flip Builder)
Focusky 2.7.2 (HKLM-x32\...\Focusky_is1) (Version: 2.7.2 - Focusky Solution)
Gaosuo (HKLM-x32\...\Gaosuo2.0) (Version: 2.0 - Gaosuo)
Glary Utilities PRO 5.31 (HKLM-x32\...\Glary Utilities 5) (Version: 5.31.0.51 - Glarysoft Ltd)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GooReader PRO (HKLM-x32\...\{F4B5F459-15B3-4A59-A2EC-2E88820AC9AB}) (Version: 6.3.1 - GooReader)
ICA (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPM_PSP_COM64 (Version: 17.0.0.199 - Corel Corporation) Hidden
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Magic ISO Maker v5.5 (build 0272) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0272)) (Version: - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
PSPPContent (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPro64 (Version: 17.0.0.199 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
TextAloud 3.0 (HKLM-x32\...\TextAloud3_is1) (Version: 3.0 - NextUp.com)
TextCrawler Pro 3.0.5 (HKLM-x32\...\TextCrawler Pro) (Version: 3.0.5 - DigitalVolcano Software Ltd)
The Logo Creator v6.8 (HKLM-x32\...\{A30C1462-DE8B-1814-4D94-938CEA53F4E4}) (Version: 6.8 - Laughingbird Software)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.1.9.4 - Gridinsoft LLC)
TTS Sketch Maker v1.0 (HKLM-x32\...\SketchMaker) (Version: 1.0.0 - UNKNOWN)
TTS Sketch Maker v1.0 (x32 Version: 1.0.0 - UNKNOWN) Hidden
Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\poppag\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{E11054A5-EE73-4928-A39A-2C4986E7138F}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\poppag\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2317217915-3030507882-558724183-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\poppag\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

11-08-2015 17:53:08 Windows Update
11-08-2015 18:53:28 Restore Point Created by FRST
11-08-2015 19:34:07 Removed Itibiti RTC
11-08-2015 19:37:27 Removed Itibiti RTC

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-08-11 18:54 - 2015-08-11 18:54 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0445827B-6AB7-464B-96BD-FF1582EBC888} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {094FD898-0332-4E29-AA15-E5E5EFEDDE7D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {23E48B97-D27C-4CCD-9CC7-5ED99632C642} - System32\Tasks\{01F14956-5EF2-470B-869E-5B4526D24703} => pcalua.exe -a C:\Users\poppag\AppData\Roaming\VOPackage\Uninstall.exe
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {3101E228-F2EC-47D5-95F9-5C814C337F77} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3658A493-8590-45BD-BF7B-22C5D097CF23} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3A78DEA6-0143-47F0-81AC-5A831E7EC728} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_RebootDisplay => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {434E433B-E453-4F65-AB7E-966089392304} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {43C83335-996D-4AF9-965F-2C12ABA320FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {475AEC44-2E74-406B-99B7-1459D74399A7} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-08-03] (Glarysoft Ltd)
Task: {4922EC2C-119C-4F7B-9245-F394751B4F0C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {4E9D5D88-6203-4E05-979C-131ECE360821} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {53F3D29F-F064-4074-84DE-E5FBF0117D1D} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {56D38698-0486-4075-A510-C9ECB538AA78} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {6095FC09-FE39-42A4-BE63-E82B757947AF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {6568C3EC-1BAC-43E7-A729-E248F3923993} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {6601302D-623A-49FA-B333-D72B850A1BB0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6607300F-A9DD-450C-A7F6-F4CB5A248C55} - System32\Tasks\XBAJTK => Rundll32.exe "C:\WINDOWS\SysWOW64\kbdnkoe.dll",ofmgh
Task: {676D7F6F-5F78-4CA4-A30C-EFFB1B29FCBE} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-08-03] (Glarysoft Ltd)
Task: {682C7EAC-335C-4656-8DC3-20A11FD473E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)
Task: {686AF7C7-9865-478D-B413-BB9A7D96D64D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_Interval => C:\WINDOWS\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {6A10A336-EE86-4643-82D6-820C98F6939E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6A9651DD-66BD-41F3-9688-73D8BE9F2DAD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\HypervisorFlightingTask
Task: {6B9D768E-422F-4D1A-A271-B1439C20FBE1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6E030240-0135-4718-BFAE-99B71A069182} - System32\Tasks\{F0E995F4-2D23-4FCC-B70A-F808518F93A5} => pcalua.exe -a C:\Users\poppag\AppData\Local\ArcadeTwist\uninstaller.exe
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {77D29258-0230-488D-A970-0B8B587A1749} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {7E0F2EA7-141E-4952-8727-35AB2CBC2134} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000Core => C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {88730611-7AFB-40C6-8E48-76EFA3719A03} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {8A1CECD8-DE92-4BE6-8B9A-6898A76CD281} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8A3DDA78-0419-45FB-A132-6C7AB0E3AFE9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {8C1CFD19-5B45-4C55-B6BE-6B57DF008DC7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-14] (Microsoft Corporation)
Task: {97B43328-A689-4B88-9787-F05CE029F1EF} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {A1B1447F-A2CD-48A8-A2F4-8D5B531CAC95} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A4335502-C651-4E1D-AE0D-0279C52E4F0D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000UA => C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A6B623BE-3E7B-4A7B-97E2-8FBD71B9CFA7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {B4AC9434-4060-491F-A0C2-D0CA422961BE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {C1E73681-F70E-4474-998E-B0F60189727D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {E4653F28-C58D-4AAB-9067-FDC674C8E859} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation)
Task: {F44F9629-9B43-4F2C-9058-CE35BA40F4FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {FA6347E4-6466-4628-A190-5CAECDF7924C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)
Task: {FF2CDA06-EC5E-4EFE-BE7A-C63BE6F110D6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FFB684AB-C3C7-49F1-AAAA-8970380D64C4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => 0x000A010054E45D0E0DF0A644BAD06B07DBC495A846003803000000003C000A0020000000FEFFFFFF000000000013040000008021DF07080003000C00130003000B0041020000360043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0047006F006F0067006C0065005C005500700064006100740065005C0047006F006F0067006C0065005500700064006100740065002E00650078006500000003002F00630000000000150057004F0052004B00470052004F00550050005C0050004F0050005000410047002D00500043002400000020014B006500650070007300200079006F0075007200200047006F006F0067006C006500200073006F00660074007700610072006500200075007000200074006F00200064006100740065002E002000490066002000740068006900730020007400610073006B002000690073002000640069007300610062006C006500640020006F0072002000730074006F0070007000650064002C00200079006F0075007200200047006F006F0067006C006500200073006F006600740077006100720065002000770069006C006C0020006E006F00740020006200650020006B00650070007400200075007000200074006F00200064006100740065002C0020006D00650061006E0069006E0067002000730065006300750072006900740079002000760075006C006E00650072006100620069006C00690074006900650073002000740068006100740020006D00610079002000610072006900730065002000630061006E006E006F007400200062006500200066006900780065006400200061006E00640020006600650061007400750072006500730020006D006100790020006E006F007400200077006F0072006B002E002000540068006900730020007400610073006B00200075006E0069006E007300740061006C006C007300200069007400730065006C00660020007700680065006E0020007400680065007200650020006900730020006E006F00200047006F006F0067006C006500200073006F0066007400770061007200650020007500730069006E0067002000690074002E000000000008000000000000000000020030000000CF0701000100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0707000F000000000000000E003B0000000000000000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000Core.job => C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2317217915-3030507882-558724183-1000UA.job => C:\Users\poppag\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\XBAJTK.job => 0x000A0100F988ED4DA7549E4C84771D571943FB9146001A01000000003C000A0020000000FEFFFFFF2B0407800113040001008021DF07080003000C00130002002100B8010100210043003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00720075006E0064006C006C00330032002E00650078006500000029002000220043003A005C00570049004E0044004F00570053005C0053007900730057004F005700360034005C006B00620064006E006B006F0065002E0064006C006C0022002C006F0066006D006700680000000000150057004F0052004B00470052004F00550050005C0050004F0050005000410047002D0050004300240000000000000008000000000000000000010030000000DC07050007000000000000000000000000000000000000000000000006000000010000000000000000000000

==================== Loaded Modules (Whitelisted) ==============

2015-07-17 22:34 - 2015-07-14 22:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-02 12:01 - 2015-06-02 12:01 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2015-08-06 12:39 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 12:39 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-11 15:02 - 2015-08-02 21:11 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-11 15:02 - 2015-08-02 21:08 - 01806848 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 15:02 - 2015-08-02 21:09 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-26 13:11 - 2015-06-26 13:11 - 00039192 ____R () C:\Program Files\CCleaner\branding.dll
2015-08-03 03:03 - 2015-08-03 03:03 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\combatpcviruses.com -> hxxp://www.combatpcviruses.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2317217915-3030507882-558724183-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-2317217915-3030507882-558724183-1000\...\StartupApproved\Run: => "BitTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [UDP Query User{0AF4C6D7-7F2E-40B1-B2D7-F0393CA2D173}C:\program files (x86)\winpcap\rpcapd.exe] => (Block) C:\program files (x86)\winpcap\rpcapd.exe
FirewallRules: [TCP Query User{1989A757-32D9-4454-8730-0A785D91688E}C:\program files (x86)\winpcap\rpcapd.exe] => (Block) C:\program files (x86)\winpcap\rpcapd.exe
FirewallRules: [{FDED7275-7517-4EF5-B4A8-3336F4F9D373}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
FirewallRules: [{E473A78C-DDC0-4845-86DB-B0FB84C4EC2D}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
FirewallRules: [{F8CB9DA3-1659-4D1A-BA62-BB4C096863DB}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
FirewallRules: [{961D206A-0D42-4FD0-AC18-731DE9577F6A}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
FirewallRules: [{6E830CB9-AA68-46E8-98C1-57AE52B8415A}] => (Allow) C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe
FirewallRules: [{FCF67DE3-43E2-4522-BA65-F2F83311E13F}] => (Allow) C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe
FirewallRules: [{D007E421-FA59-4AC9-8F13-A2929F7CFBA7}] => (Allow) C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe
FirewallRules: [{617187F1-00A2-4F38-A0BE-ED43E767A6F2}] => (Allow) C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe
FirewallRules: [{0A47F631-1B78-41A5-B933-9458E44CF35D}] => (Allow) C:\Users\poppag\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{762FD1CA-394B-4616-A579-CD55B0326A4F}] => (Allow) C:\Users\poppag\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{46E4B791-DA9D-4E65-A5FA-1C5256ACD2D6}C:\users\poppag\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\poppag\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{36DBE6B4-9F33-4ABB-BCCB-ECCE180283F8}C:\users\poppag\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\poppag\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{BAF48359-2597-48AA-B339-4DEEEA57341C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{80604BD0-F577-4D77-8262-4D8EA32643A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7890CB88-6954-4AFC-8307-5CC08DA5EFD9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{74E91C5B-49A7-43D9-B157-CBB0C19F3C21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2241CB14-114E-4158-997B-A685D21FA059}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5424CF0A-6B7A-41FE-BAA5-82FA46DF3CB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2702A889-B4BD-4A41-A0F0-0D28F075FDB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9243BFC2-6E30-4CD8-B817-FFE5A0010549}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AE054CD6-D1BD-44E4-B5D3-1B3601B81321}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7FDFFEC5-0759-492A-9955-5B4CCE4D57DC}] => (Allow) C:\Program Files (x86)\BlazeVideo\SmartShow\Blazevideo SmartShow.exe
FirewallRules: [{9C96E0B6-7E8E-414B-BFA8-EB9B4C187936}] => (Allow) C:\Program Files (x86)\BlazeVideo\SmartShow\Blazevideo SmartShow.exe
FirewallRules: [{FF156A42-E940-4228-BF50-D4FEB91DB8C2}] => (Allow) C:\Program Files (x86)\BlazeVideo\SmartShow\Blazevideo SmartShow.exe
FirewallRules: [{097156E5-FB70-4058-96A8-EA8A18E272F0}] => (Allow) C:\Program Files (x86)\BlazeVideo\SmartShow\Blazevideo SmartShow.exe
FirewallRules: [{2E4ABEE3-E04D-47A7-939C-382A0102E7FE}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msbuild.exe
FirewallRules: [{C7ABAEFE-7C25-4125-BE53-AA7447AEE4C5}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{C972AA1D-4FD0-4332-B8C1-4823628B5F77}] => (Allow) C:\Windows\SysWOW64\rundll32.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2015 05:51:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/12/2015 05:51:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/12/2015 05:51:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/12/2015 05:51:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/12/2015 05:51:22 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/12/2015 05:51:22 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/12/2015 05:51:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/12/2015 05:51:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/12/2015 05:51:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/12/2015 05:51:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (08/12/2015 07:01:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/12/2015 07:01:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/12/2015 07:01:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/12/2015 07:01:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/12/2015 05:46:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/12/2015 05:46:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/12/2015 05:46:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/12/2015 05:46:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office:
=========================
Error: (08/12/2015 05:51:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5188-1032

Error: (08/12/2015 05:51:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5188C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/12/2015 05:51:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5188-1032

Error: (08/12/2015 05:51:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5188C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/12/2015 05:51:22 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5188-1032

Error: (08/12/2015 05:51:22 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5188C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/12/2015 05:51:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5188-1032

Error: (08/12/2015 05:51:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5188C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/12/2015 05:51:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5188-1032

Error: (08/12/2015 05:51:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5188C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

CodeIntegrity:
===================================
Date: 2015-08-12 11:56:43.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:43.002
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:42.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:42.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:37.329
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:36.640
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:35.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:35.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:35.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

Date: 2015-08-12 11:56:35.411
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 2939.98 MB
Available physical RAM: 1591.43 MB
Total Virtual: 5883.98 MB
Available Virtual: 4185.09 MB

==================== Drives ================================

Drive c: (TI105487W0B) (Fixed) (Total:286.56 GB) (Free:223.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 483E95B7)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=286.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=489 MB) - (Type=27)
Partition 4: (Not Active) - (Size=9.1 GB) - (Type=17)

==================== End of log ============================

#28
zep516

Posted 12 August 2015 - 05:16 PM

Trusted Helper

Malware Removal
8,093 posts

Thanks a lot, take a break while I look over this.

SuperAntispyware has the ability to lock home pages, take a look at it and see if you see anything or perhaps uninstall it as we work. Running out of ideas.

I'll be back shortly.

#29
doctordotcalm

Posted 12 August 2015 - 06:02 PM

Member

Topic Starter
Member
29 posts

Gotta go. Running super spy ware and so far it turned up 70 tracking cookies. I will let you know the result tomorrow. Thanks again.

#30
zep516

Posted 12 August 2015 - 06:12 PM

Trusted Helper

Malware Removal
8,093 posts

Thanks a lot.

See you at around 4..... Tomorrow

Thanks
Joe

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: Help

Security → Virus, Spyware, Malware Removal → Having Powersheel.exe Issues ... Need fixlist.txt Started by raj0171 , 19 Mar 2024 Virus, HELP, Malwarebytes	5 replies 2,670 views	DR M 06 Apr 2024
Hardware → Hardware, Components and Peripherals → Recover the hard drive Started by Andrew Board , 16 Jan 2024 data recovery, hard drive, help and 1 more...	2 replies 668 views	phillpower2 16 Jan 2024
Security → Virus, Spyware, Malware Removal → Help getting started checking laptop for malware [Solved] Started by triedeverything , 12 Apr 2023 help, malware, spyware 1 2	Hot 19 replies 5,789 views	DR M 16 Apr 2023
Security → Virus, Spyware, Malware Removal → Please, I need serious help with new laptop, INSANELY slow, big virus? Started by muscaria , 29 Mar 2022 help, laptop, virus, event viewer and 3 more...	1 reply 1,525 views	RKinner 29 Mar 2022
Development → Software Development → Help with Python Task please Started by Student1122 , 11 Feb 2021 Python, nested list, programming and 2 more...	3 replies 3,849 views	RKinner 18 Feb 2021