Omer135 Posted October 9, 2017 ID:1171074 Share Posted October 9, 2017 (edited) I did a full scan and got to much threats (12,190) is it safe to quarantine and delete them? Will it cause any problems to my pc or to some apps on it? result text attached. Please help me. Malwarebytes thrests scan results.txt Edited October 9, 2017 by Omer135 added the results file Link to post Share on other sites More sharing options...
kevinf80 Posted October 9, 2017 ID:1171076 Share Posted October 9, 2017 Hello Omer135 and welcome to Malwarebytes Leave the items in quarantine for now, see how your system responds. Entries can be dequarantined if necessary later..... Also run the following and post the two produced logs. Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.htmlNote: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Thank you, Kevin. Link to post Share on other sites More sharing options...
Omer135 Posted October 9, 2017 Author ID:1171087 Share Posted October 9, 2017 Hi, did that scan, here is FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017 Ran by Omer (administrator) on AIYA-PC (09-10-2017 18:22:54) Running from C:\Users\Aiya\Desktop\Security\FRST Loaded Profiles: Omer (Available Profiles: Omer & aya & shira) Platform: Windows 10 Home Version 1703 170317-1834 (X64) Language: עברית (ישראל) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_7\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Akamai Technologies, Inc.) C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe (Akamai Technologies, Inc.) C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe (ASUS) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe (Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe () C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe () C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.) HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1928776 2016-11-09] (APN) HKLM\...\Winlogon: [Shell] explorer.exe, HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [PCLink] => C:\Program Files (x86)\ASUS\PC Link\PCLink.exe [640272 2015-10-29] (ASUSTek Computer Inc.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [GoogleChromeAutoLaunch_FA41ACFFCB5E6EB7A38F058117CB2178] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-10-21] (BlueStack Systems, Inc.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Discord] => C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter Startup: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-01-18] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-28] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{c51d48a9-dcf9-43a0-8a9e-fc3d28459fdf}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKU\S-1-5-21-3482594340-428826731-879083492-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-11] (Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-11] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-08-08] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-08-08] (McAfee, Inc.) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-3482594340-428826731-879083492-1000 -> hxxps://www.google.co.il/?gfe_rd=cr&ei=0qnAVYSBOqHj8wed_prYAw&gws_rd=ssl FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-08-08] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-11] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-08-08] () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-01-22] (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation) FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media ) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-18] (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aiya\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-19] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-18] (Pando Networks) FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-11] () Chrome: ======= CHR DefaultProfile: Profile 2 CHR HomePage: Profile 2 -> hxxp://start.qone8.com/?type=hp&ts=1397254107&from=epom2&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F168825588255 CHR StartupUrls: Profile 2 -> "hxxps://www.google.co.il/" CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default [2017-07-13] CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07] CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07] CHR Extension: (Google Sheets) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-13] CHR Extension: (Google Docs Offline) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-13] CHR Extension: (Skype) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-13] CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-13] CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-05-06] CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-09] CHR Extension: (Free Proxy to Unblock any sites | Touch VPN) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2017-07-13] CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-01] CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Sleepy Jack) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc [2015-06-19] CHR Extension: (AliTools) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eenflijjbchafephdplkdmeenekabdfb [2017-10-01] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-30] CHR Extension: (Google Docs Offline) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-13] CHR Extension: (Cashdo ) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghdoangbdengbkokhihepcjgdkdogcdi [2017-10-01] CHR Extension: (Torrent Search) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ialilpegnnfigbcggpbbdecdgencbfge [2016-05-25] CHR Extension: (Fieldrunners) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2015-06-18] CHR Extension: (Plants vs Zombies) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-06-19] CHR Extension: (Frontline Defense 2 HD) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nincmkjomngcmklpdkmdkioemlhdieim [2015-06-19] CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR Extension: (Chrome Media Router) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01] CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-06-11] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15] CHR Extension: (Replace Favicon) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15] CHR Extension: (Facebook) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-07-15] CHR Extension: (Adblock Plus) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15] CHR Extension: (SiteAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-15] CHR Extension: (AdBlock) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ialilpegnnfigbcggpbbdecdgencbfge [2016-05-25] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jopdpbolklklaiookikgmdinfbooiipj [2015-07-15] CHR Extension: (Movies App) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jpammgopeogkfkfjafahnachhacngopo [2015-07-15] CHR Extension: (Skype Click to Call) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-15] CHR Extension: (Google Wallet) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-15] CHR Extension: (Instagram for Chrome) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-07-15] CHR Extension: (MediaCaster by Ask) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd [2015-07-15] CHR Extension: (Search People) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-07-15] CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15] CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-13] CHR Extension: (Google מצגות) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15] CHR Extension: (Google Docs) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15] CHR Extension: (כונן Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15] CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15] CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15] CHR Extension: (Google Sheets) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15] CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-01-18] (Adobe Systems) [File not signed] R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [201800 2016-11-09] (APN LLC.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-11] () S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-08-08] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-10-21] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-10-21] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-10-21] (BlueStack Systems, Inc.) S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-07-31] (EasyAntiCheat Ltd) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [993256 2017-08-07] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-07-12] (Electronic Arts) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-07-01] () R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc) S2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-12] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-12] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-12] (McAfee, Inc.) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-11] () S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider) S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-10-21] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-10-07] (Bluestack System Inc. ) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] () S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-08-07] (McAfee, Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-09] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-09] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-09] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-09] (Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.) U3 mfeavfk01; no ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [504792 2017-06-27] (McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108504 2017-06-27] (McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.) R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider) R1 SamsungMonitorFirmware; C:\WINDOWS\system32\drivers\MFWCtwl.sys [21360 2011-12-26] (Samsung Electronics, Inc. ) [File not signed] S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-04-01] (Wellbia.com Co., Ltd.) U3 aspnet_state; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 18:22 - 2017-10-09 18:22 - 000000000 ____D C:\FRST 2017-10-09 18:19 - 2017-10-09 18:19 - 000000000 ____D C:\Users\Aiya\Desktop\Security 2017-10-09 18:13 - 2017-10-09 18:13 - 000000258 __RSH C:\ProgramData\ntuser.pol 2017-10-09 16:24 - 2017-10-09 17:28 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-10-09 16:24 - 2017-10-09 16:24 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-10-09 16:24 - 2017-10-09 16:24 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2017-10-09 16:24 - 2017-10-09 16:24 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-10-09 16:24 - 2017-10-09 16:24 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-10-09 16:24 - 2017-10-09 16:24 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-09 16:24 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-10-09 10:46 - 2017-10-09 10:47 - 000000000 ____D C:\Users\Aiya\Desktop\BossDaMajor 2017-10-08 19:16 - 2017-10-08 19:16 - 000000000 ____D C:\Users\Aiya\tempfiles 2017-10-01 01:44 - 2017-10-01 01:44 - 000000000 ____D C:\WINDOWS\Panther 2017-10-01 01:43 - 2017-10-01 01:43 - 000000000 ____D C:\Program Files\Reference Assemblies 2017-09-28 00:13 - 2017-09-28 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2017-09-28 00:13 - 2017-09-28 00:13 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2017-09-18 21:10 - 2017-09-18 21:10 - 000001190 _____ C:\Users\Aiya\Desktop\Overwatch.lnk 2017-09-13 14:23 - 2017-10-06 17:16 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-13 14:23 - 2017-09-05 08:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-13 14:23 - 2017-09-05 08:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-13 14:23 - 2017-09-05 08:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-13 14:23 - 2017-09-05 08:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-13 14:23 - 2017-09-05 08:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-13 14:23 - 2017-09-05 08:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-13 14:23 - 2017-09-05 08:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-13 14:23 - 2017-09-05 08:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-13 14:23 - 2017-09-05 08:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-13 14:23 - 2017-09-05 07:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-13 14:23 - 2017-09-05 07:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-13 14:23 - 2017-09-05 07:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-13 14:23 - 2017-09-05 07:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-13 14:23 - 2017-09-05 07:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-13 14:23 - 2017-09-05 07:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-13 14:23 - 2017-09-05 07:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-13 14:23 - 2017-09-05 07:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-13 14:23 - 2017-09-05 07:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-13 14:23 - 2017-09-05 07:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-13 14:23 - 2017-09-05 07:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-13 14:23 - 2017-09-05 07:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-13 14:23 - 2017-09-05 07:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-13 14:23 - 2017-09-05 07:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-13 14:23 - 2017-09-05 07:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-13 14:23 - 2017-09-05 07:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-13 14:23 - 2017-09-05 07:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-13 14:23 - 2017-09-05 07:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-13 14:23 - 2017-09-05 07:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-13 14:23 - 2017-09-05 07:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-13 14:23 - 2017-09-05 07:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-13 14:23 - 2017-09-05 07:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-13 14:23 - 2017-09-05 07:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-13 14:23 - 2017-09-05 07:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-13 14:23 - 2017-09-05 07:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-13 14:23 - 2017-09-05 07:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-13 14:23 - 2017-09-05 07:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-13 14:23 - 2017-09-05 07:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-13 14:23 - 2017-09-05 07:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-13 14:23 - 2017-09-05 07:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-13 14:23 - 2017-09-05 07:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-13 14:23 - 2017-09-05 07:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-13 14:23 - 2017-09-05 07:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-13 14:23 - 2017-09-05 07:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-13 14:23 - 2017-09-05 07:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-13 14:23 - 2017-09-05 07:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-13 14:23 - 2017-09-05 07:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-13 14:23 - 2017-09-05 07:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-13 14:23 - 2017-09-05 07:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-13 14:23 - 2017-09-05 07:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-13 14:23 - 2017-09-05 07:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-13 14:23 - 2017-09-05 07:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-13 14:23 - 2017-09-05 07:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-13 14:23 - 2017-09-05 07:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-13 14:23 - 2017-09-05 07:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-13 14:23 - 2017-09-05 07:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-13 14:23 - 2017-09-05 07:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-13 14:23 - 2017-09-05 07:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-13 14:23 - 2017-09-05 07:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-13 14:23 - 2017-09-05 07:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-13 14:23 - 2017-09-05 07:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-13 14:23 - 2017-09-05 07:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-13 14:23 - 2017-09-05 07:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-13 14:23 - 2017-09-05 07:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-13 14:23 - 2017-09-05 07:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-13 14:23 - 2017-09-05 07:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-13 14:23 - 2017-09-05 07:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-13 14:23 - 2017-09-05 07:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-13 14:23 - 2017-09-05 07:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-13 14:23 - 2017-09-05 07:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-13 14:23 - 2017-09-05 07:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-13 14:23 - 2017-09-05 07:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-13 14:23 - 2017-09-05 07:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-13 14:23 - 2017-09-05 07:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-13 14:23 - 2017-09-05 07:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-13 14:23 - 2017-09-05 07:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-13 14:23 - 2017-09-05 07:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-13 14:23 - 2017-09-05 07:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-13 14:23 - 2017-09-05 07:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-13 14:23 - 2017-09-05 07:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-13 14:23 - 2017-09-05 07:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-13 14:23 - 2017-09-05 07:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-13 14:23 - 2017-09-05 07:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-13 14:23 - 2017-09-05 07:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-13 14:23 - 2017-09-05 07:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-13 14:23 - 2017-09-05 07:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-13 14:23 - 2017-09-05 07:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-13 14:23 - 2017-09-05 07:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-13 14:23 - 2017-09-05 07:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-13 14:23 - 2017-09-05 07:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-13 14:23 - 2017-09-05 07:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-13 14:23 - 2017-09-05 07:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-13 14:23 - 2017-09-05 07:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-13 14:23 - 2017-09-05 07:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-13 14:23 - 2017-09-05 07:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-13 14:23 - 2017-09-05 07:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-13 14:23 - 2017-09-05 07:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-13 14:23 - 2017-09-05 07:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-13 14:23 - 2017-09-05 07:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-13 14:23 - 2017-09-05 07:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-13 14:23 - 2017-09-05 07:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-13 14:23 - 2017-09-05 07:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-13 14:23 - 2017-09-05 07:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-13 14:23 - 2017-09-05 07:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-13 14:22 - 2017-09-05 08:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-13 14:22 - 2017-09-05 08:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-13 14:22 - 2017-09-05 08:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-13 14:22 - 2017-09-05 08:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-13 14:22 - 2017-09-05 08:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-13 14:22 - 2017-09-05 08:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-13 14:22 - 2017-09-05 08:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-13 14:22 - 2017-09-05 08:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-13 14:22 - 2017-09-05 08:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-13 14:22 - 2017-09-05 08:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-13 14:22 - 2017-09-05 08:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-13 14:22 - 2017-09-05 08:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-13 14:22 - 2017-09-05 08:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-13 14:22 - 2017-09-05 08:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-13 14:22 - 2017-09-05 08:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-13 14:22 - 2017-09-05 08:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-13 14:22 - 2017-09-05 08:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-13 14:22 - 2017-09-05 08:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-13 14:22 - 2017-09-05 08:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-13 14:22 - 2017-09-05 08:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-13 14:22 - 2017-09-05 08:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-13 14:22 - 2017-09-05 08:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-13 14:22 - 2017-09-05 08:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-13 14:22 - 2017-09-05 08:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-13 14:22 - 2017-09-05 08:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-13 14:22 - 2017-09-05 08:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-13 14:22 - 2017-09-05 08:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-13 14:22 - 2017-09-05 08:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-13 14:22 - 2017-09-05 08:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-13 14:22 - 2017-09-05 08:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-13 14:22 - 2017-09-05 08:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-13 14:22 - 2017-09-05 08:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-13 14:22 - 2017-09-05 08:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-13 14:22 - 2017-09-05 08:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-13 14:22 - 2017-09-05 08:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-13 14:22 - 2017-09-05 08:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-13 14:22 - 2017-09-05 08:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-13 14:22 - 2017-09-05 08:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-13 14:22 - 2017-09-05 08:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-13 14:22 - 2017-09-05 08:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-13 14:22 - 2017-09-05 08:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-13 14:22 - 2017-09-05 07:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-13 14:22 - 2017-09-05 07:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-13 14:22 - 2017-09-05 07:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-13 14:22 - 2017-09-05 07:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-13 14:22 - 2017-09-05 07:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-13 14:22 - 2017-09-05 07:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-13 14:22 - 2017-09-05 07:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-13 14:22 - 2017-09-05 07:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-13 14:22 - 2017-09-05 07:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-13 14:22 - 2017-09-05 07:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-13 14:22 - 2017-09-05 07:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-13 14:22 - 2017-09-05 07:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-13 14:22 - 2017-09-05 07:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-13 14:22 - 2017-09-05 07:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-13 14:22 - 2017-09-05 07:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-13 14:22 - 2017-09-05 07:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-13 14:22 - 2017-09-05 07:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-13 14:22 - 2017-09-05 07:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-13 14:22 - 2017-09-05 07:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-13 14:22 - 2017-09-05 07:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-13 14:22 - 2017-09-05 07:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-13 14:22 - 2017-09-05 07:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-13 14:22 - 2017-09-05 07:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-13 14:22 - 2017-09-05 07:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-13 14:22 - 2017-09-05 07:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-13 14:22 - 2017-09-05 07:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-13 14:22 - 2017-09-05 07:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-13 14:22 - 2017-09-05 07:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-13 14:22 - 2017-09-05 07:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-13 14:22 - 2017-09-05 07:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-13 14:22 - 2017-09-05 07:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-13 14:22 - 2017-09-05 07:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-13 14:22 - 2017-09-05 07:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-13 14:22 - 2017-09-05 07:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-13 14:22 - 2017-09-05 07:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-13 14:22 - 2017-09-05 07:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-13 14:22 - 2017-09-05 07:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-13 14:22 - 2017-09-05 07:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-13 14:22 - 2017-09-05 07:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-13 14:22 - 2017-09-05 07:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-13 14:22 - 2017-09-05 07:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-13 14:22 - 2017-09-05 07:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-13 14:22 - 2017-09-05 07:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-13 14:22 - 2017-09-05 07:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-13 14:22 - 2017-09-05 07:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-13 14:22 - 2017-09-05 07:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-13 14:22 - 2017-09-05 07:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-13 14:22 - 2017-09-05 07:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-13 14:22 - 2017-09-05 07:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-13 14:22 - 2017-09-05 07:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-13 14:22 - 2017-09-05 07:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-13 14:22 - 2017-09-05 07:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-13 14:22 - 2017-09-05 07:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-13 14:22 - 2017-09-05 07:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-13 14:22 - 2017-09-05 07:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-13 14:22 - 2017-09-05 07:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-13 14:22 - 2017-09-05 07:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-13 14:22 - 2017-09-05 07:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-13 14:22 - 2017-09-05 07:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-13 14:22 - 2017-09-05 07:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-13 14:22 - 2017-09-05 07:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-13 14:22 - 2017-09-05 07:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-13 14:22 - 2017-09-01 08:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-09 22:39 - 2017-09-09 22:39 - 000000000 ____D C:\Users\Aiya\Documents\FeedbackHub 2017-09-09 12:28 - 2017-09-09 12:28 - 000008556 _____ C:\Users\Aiya\Desktop\Free Minecraft.vbs ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 18:23 - 2016-04-24 21:25 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt 2017-10-09 18:19 - 2014-03-16 23:44 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Skype 2017-10-09 18:11 - 2014-07-04 09:14 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.4 2017-10-09 18:11 - 2014-05-26 08:37 - 000000000 ____D C:\Users\aya\AppData\Local\VNT 2017-10-09 18:11 - 2014-05-25 23:11 - 000000000 ____D C:\Users\shira\AppData\Local\VNT 2017-10-09 18:11 - 2014-05-04 18:39 - 000000000 ____D C:\Users\Aiya\AppData\Local\VNT 2017-10-09 17:54 - 2016-01-18 21:45 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Browsers 2017-10-09 17:41 - 2017-05-13 03:39 - 000000000 ____D C:\Users\Aiya 2017-10-09 17:41 - 2014-07-08 17:32 - 000000000 ____D C:\Program Files (x86)\Movies Toolbar 2017-10-09 17:40 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-09 17:40 - 2014-08-07 18:48 - 000000000 ____D C:\Program Files (x86)\globalUpdate 2017-10-09 17:40 - 2014-05-04 18:39 - 000000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2017-10-09 17:39 - 2017-03-19 00:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-09 17:39 - 2014-05-04 18:39 - 000000000 ____D C:\ProgramData\APN 2017-10-09 17:33 - 2017-06-03 13:21 - 000000000 ____D C:\Program Files (x86)\Steam 2017-10-09 17:06 - 2015-12-20 21:22 - 000000000 ____D C:\Users\Aiya\Desktop\עומר עבודות 2017-10-09 16:51 - 2017-05-13 03:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-09 16:31 - 2016-05-27 14:03 - 000000000 ____D C:\Users\Aiya\Downloads\PopcornTime 2017-10-09 15:34 - 2014-08-03 00:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-10-09 12:32 - 2014-03-16 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2017-10-09 12:25 - 2016-09-22 04:01 - 000000000 ____D C:\ProgramData\NVIDIA 2017-10-09 10:51 - 2014-05-02 19:58 - 000000000 ____D C:\Users\Aiya\AppData\Local\CrashDumps 2017-10-09 10:45 - 2014-08-05 11:40 - 000000000 ____D C:\Users\Aiya\AppData\Local\Adobe 2017-10-09 10:43 - 2017-05-13 06:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-09 10:43 - 2017-03-18 14:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-10-09 10:43 - 2015-02-26 17:57 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2017-10-09 01:47 - 2017-09-03 22:36 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2017-10-08 19:07 - 2017-05-13 06:19 - 000004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0EB24A9E-06EF-420B-9A6B-4E47F34C5F43} 2017-10-08 18:26 - 2017-05-13 05:17 - 001051358 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-08 18:26 - 2015-10-30 21:10 - 001340170 _____ C:\WINDOWS\system32\perfh00D.dat 2017-10-08 18:26 - 2015-10-30 21:10 - 000367180 _____ C:\WINDOWS\system32\perfc00D.dat 2017-10-08 18:21 - 2014-03-16 22:45 - 000000000 ____D C:\Program Files (x86)\McAfee 2017-10-08 18:20 - 2016-07-08 04:51 - 000000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOmer.job 2017-10-08 18:08 - 2017-01-04 01:25 - 000000000 ____D C:\Users\Aiya\AppData\Local\tkdata 2017-10-08 18:05 - 2017-03-19 00:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-07 22:35 - 2017-05-13 06:19 - 000003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOmer 2017-10-07 18:07 - 2014-03-16 22:37 - 000000000 ____D C:\Program Files\Common Files\McAfee 2017-10-07 11:57 - 2014-03-16 23:36 - 000000000 ____D C:\ProgramData\Skype 2017-10-07 11:53 - 2015-08-04 14:09 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-10-06 17:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-06 17:21 - 2017-05-13 03:33 - 005073720 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-06 17:18 - 2017-03-20 07:20 - 000000000 ____D C:\WINDOWS\system32\he 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\setup 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-10-06 04:50 - 2017-06-12 18:03 - 000003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare) 2017-10-01 03:58 - 2017-03-18 23:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-29 13:38 - 2017-07-13 17:00 - 000000000 ____D C:\Users\Aiya\AppData\Local\Battle.net 2017-09-29 13:08 - 2017-07-13 17:00 - 000000000 ____D C:\Program Files (x86)\Blizzard App 2017-09-28 00:13 - 2017-02-08 10:45 - 000002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2017-09-28 00:13 - 2017-01-04 01:50 - 000000000 ____D C:\Program Files\McAfee Security Scan 2017-09-27 00:25 - 2016-10-25 20:38 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-22 03:36 - 2016-04-01 19:34 - 000000000 ____D C:\Users\Aiya\AppData\Local\Akamai 2017-09-20 14:58 - 2015-08-04 14:14 - 000000000 ____D C:\Users\Aiya\AppData\Local\Publishers 2017-09-15 21:08 - 2015-07-30 14:08 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Kodi 2017-09-15 16:01 - 2017-07-24 17:57 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482594340-428826731-879083492-1000 2017-09-15 16:01 - 2015-08-04 14:17 - 000002357 _____ C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-15 16:01 - 2014-06-14 22:18 - 000000000 ___RD C:\Users\Aiya\OneDrive 2017-09-13 14:39 - 2014-03-17 04:19 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-13 14:33 - 2014-03-17 04:19 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-13 14:27 - 2009-07-14 05:34 - 000000478 _____ C:\WINDOWS\win.ini 2017-09-13 06:51 - 2017-05-13 06:19 - 000004534 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-09-13 06:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-13 06:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-12 23:19 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-09-09 12:00 - 2014-08-04 23:43 - 000000000 ____D C:\Users\Aiya\Documents\Snagit ==================== Files in the root of some directories ======= 2014-04-12 01:09 - 2014-04-12 01:10 - 000000318 _____ () C:\Users\Aiya\AppData\Roaming\aps.uninstall.scan.results 2014-11-20 20:47 - 2014-11-20 21:02 - 000000942 _____ () C:\Users\Aiya\AppData\Roaming\LiveSupport.exe_log.txt 2014-11-20 20:47 - 2014-11-20 21:02 - 000000092 _____ () C:\Users\Aiya\AppData\Roaming\regsvr32.exe_log.txt 2015-04-24 14:17 - 2015-04-24 14:20 - 000000600 _____ () C:\Users\Aiya\AppData\Roaming\winscp.rnd 2017-07-30 11:22 - 2017-07-30 11:24 - 000004608 _____ () C:\Users\Aiya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-05-13 03:37 - 2017-05-13 03:37 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2014-03-16 23:35 - 2016-09-10 16:52 - 000003127 _____ () C:\ProgramData\hpzinstall.log 2014-11-21 20:04 - 2014-11-21 20:04 - 000005015 _____ () C:\ProgramData\wmzddnmb.cix ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-10-01 18:37 ==================== End of FRST.txt ============================ Addition.txt attached. Thanks. Addition.txt Link to post Share on other sites More sharing options...
kevinf80 Posted October 9, 2017 ID:1171134 Share Posted October 9, 2017 Thanks for those logs, continue with the following: Uninstall the following if still present: DownLite GoPhoto.it GoSave Image Toolbar beta Torntv wisen wizard YoutubeAdBlocke Next, Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Next, Please open Malwarebytes Anti-Malware. On the Settings tab > Protection Scroll to and make sure the following are selected:Scan for RootkiteScan within Archives Scroll further to Potential Threat Protection make sure the following are set as follows:Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended) Click on the Scan make sure Threat Scan is selected, A Threat Scan will begin. With some infections, you may or may not see this message box.'Could not load DDA driver' Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions. When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab If asked to restart your computer to complete the removal, please do so When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard. Wait for the prompt to restart the computer to appear, then click on Yes. After the restart once you are back at your desktop, open MBAM once more to retrieve the log. To get the log from Malwarebytes do the following: Click on the Reports tab > from main interface. Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options:Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your replyText file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop Ensure to get the correct version for your system.... 32 Bit version:https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en 64 Bit version:https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:notepad c:\windows\debug\mrt.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Let me see those logs, also tell me if there are any remaining issues or concerns... Thank you, Kevin. fixlist.txt Link to post Share on other sites More sharing options...
Omer135 Posted October 9, 2017 Author ID:1171210 Share Posted October 9, 2017 Ok, I done the steps. I still dont know if I should delete all the 12,190 threats from my first scan, should I delete them? Here is the malewarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/9/17 Scan Time: 8:30 PM Log File: 9a1b26a8-ad17-11e7-9b83-e03f491ba4ce.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.2982 License: Trial -System Information- OS: Windows 10 (Build 15063.608) CPU: x64 File System: NTFS User: AIYA-PC\Omer -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 742236 Threats Detected: 16 Threats Quarantined: 16 Time Elapsed: 1 hr, 47 min, 57 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Quarantined, [9203], [175065],1.0.2982 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Quarantined, [9203], [175065],1.0.2982 Module: 2 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Quarantined, [9203], [175065],1.0.2982 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Quarantined, [9203], [175065],1.0.2982 Registry Key: 1 PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, Delete-on-Reboot, [9203], [175065],1.0.2982 Registry Value: 1 PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ApnTBMon, Delete-on-Reboot, [9203], [175065],1.0.2982 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 4 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, Delete-on-Reboot, [9203], [175065],1.0.2982 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, Delete-on-Reboot, [9203], [175065],1.0.2982 PUP.Optional.APNToolBar.Gen, C:\PROGRAM FILES (X86)\ASKPARTNERNETWORK, Delete-on-Reboot, [9203], [175065],1.0.2982 Adware.LoadBlanks.ShrtCln, C:\USERS\AIYA\APPDATA\ROAMING\BROWSERS, Delete-on-Reboot, [8375], [402793],1.0.2982 File: 6 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Delete-on-Reboot, [9203], [175065],1.0.2982 PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Delete-on-Reboot, [9203], [175065],1.0.2982 Adware.LoadBlanks.ShrtCln, C:\USERS\AIYA\APPDATA\ROAMING\BROWSERS\chrome.bat.exe, Delete-on-Reboot, [8375], [402793],1.0.2982 Adware.LoadBlanks.ShrtCln, C:\Users\Aiya\AppData\Roaming\Browsers\iexplore.bat.exe, Delete-on-Reboot, [8375], [402793],1.0.2982 Generic.Malware/Suspicious, C:\USERS\AIYA\DESKTOP\BOSSDAMAJOR\BOSSDAMAJOR REMOVE.ZIP, Delete-on-Reboot, [0], [392686],1.0.2982 Generic.Malware/Suspicious, C:\USERS\AIYA\DESKTOP\BOSSDAMAJOR\BOSSDAMAJOR.RAR, Delete-on-Reboot, [0], [392686],1.0.2982 Physical Sector: 0 (No malicious items detected) (end) Here is the Adwcleaner: # AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 09 19:44:35 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: BackupStack Deleted: Update service Deleted: APNMCP ***** [ Folders ] ***** Deleted: C:\Users\Aiya\AppData\Roaming\\browsers Deleted: C:\Program Files (x86)\globalUpdate Deleted: C:\Users\Aiya\AppData\Local\globalUpdate Deleted: C:\Program Files (x86)\DeltaFix Deleted: C:\Program Files (x86)\SpeedItup Free Deleted: C:\Program Files (x86)\movies toolbar Deleted: C:\Program Files (x86)\TrimInstance Deleted: C:\Program Files (x86)\Prompt Downloader Deleted: C:\Users\Aiya\AppData\Local\Prompt Downloader Deleted: C:\Program Files (x86)\YouTube Accelerator Deleted: C:\ProgramData\TXQMPC Deleted: C:\Users\All Users\TXQMPC Deleted: C:\Users\Aiya\AppData\Roaming\337Games Deleted: C:\ProgramData\iWin Deleted: C:\Users\All Users\iWin Deleted: C:\Users\Aiya\AppData\Local\NativeMessaging Deleted: C:\Users\Aiya\AppData\Local\VNT Deleted: C:\Users\aya\AppData\Local\VNT Deleted: C:\Users\shira\AppData\Local\VNT Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants Vs Zombies Deleted: C:\Program Files (x86)\Plants Vs Zombies Deleted: C:\Users\Aiya\Downloads\Plants Vs Zombies Deleted: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plants Vs Zombies Deleted: C:\Users\Aiya\Desktop\Plants Vs Zombies Deleted: C:\Program Files (x86)\Movies Toolbar Deleted: C:\ProgramData\Tencent Deleted: C:\ProgramData\Application Data\Tencent Deleted: C:\Program Files\Common Files\Tencent Deleted: C:\Program Files (x86)\Tencent Deleted: C:\Program Files (x86)\Common Files\Tencent Deleted: C:\Users\Aiya\AppData\Local\VirtualStore\ProgramData\Application Data\Tencent Deleted: C:\Users\Aiya\AppData\Roaming\Tencent Deleted: C:\Users\Aiya\AppData\Local\VirtualStore\Program Files (x86)\Tencent Deleted: C:\Users\All Users\Tencent Deleted: C:\Program Files (x86)\AskPartnerNetwork Deleted: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup Deleted: C:\ProgramData\apn Deleted: C:\Users\Aiya\AppData\Local\Temp\apn Deleted: C:\Users\All Users\apn Deleted: C:\Users\Aiya\AppData\LocalLow\Goobzo ***** [ Files ] ***** Deleted: C:\Users\Aiya\AppData\Roaming\aps.uninstall.scan.results Deleted: C:\Users\Aiya\AppData\Roaming\LiveSupport.exe_log.txt Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log Deleted: C:\Users\Aiya\AppData\Roaming\regsvr32.exe_log.txt ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted: Windows Updater Deleted: Oxy Deleted: windows updater ***** [ Registry ] ***** Deleted: [Key] - HKU\.DEFAULT\Software\Elex-tech Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055349\Software\Elex-tech Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119279\Software\Elex-tech Deleted: [Key] - HKU\S-1-5-18\Software\Elex-tech Deleted: [Key] - HKLM\SOFTWARE\winzipersvc Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\DownLite Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\DownLite Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\DownLite Deleted: [Key] - HKCU\Software\DownLite Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Deleted: [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Deleted: [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Escolade Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Escolade Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Escolade Deleted: [Key] - HKCU\Software\Escolade Deleted: [Key] - HKLM\SOFTWARE\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\GlobalUpdate Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\GlobalUpdate Deleted: [Key] - HKCU\Software\GlobalUpdate Deleted: [Key] - HKLM\SOFTWARE\hdcode Deleted: [Key] - HKLM\SOFTWARE\IePlugin Deleted: [Key] - HKLM\SOFTWARE\InstalledBrowserExtensions Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\InstalledBrowserExtensions Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\InstalledBrowserExtensions Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\InstalledBrowserExtensions Deleted: [Key] - HKCU\Software\InstalledBrowserExtensions Deleted: [Key] - HKLM\SOFTWARE\V9 Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\V9 Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\V9 Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\V9 Deleted: [Key] - HKCU\Software\V9 Deleted: [Key] - HKLM\SOFTWARE\Wpm Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055349\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119279\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Prompt Downloader Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Prompt Downloader Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Prompt Downloader Deleted: [Key] - HKCU\Software\Prompt Downloader Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\VNT Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\VNT Deleted: [Key] - HKCU\Software\VNT Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7} Deleted: [Key] - HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15 Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ApnTBMon Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnTBMon Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin Deleted: [Value] - HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX Deleted: [Value] - HKCU\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM Deleted: [Value] - HKCU\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML Deleted: [Value] - HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML Deleted: [Value] - HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP Deleted: [Value] - HKCU\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT Deleted: [Value] - HKCU\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Conduit Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Conduit Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Conduit Deleted: [Key] - HKCU\Software\Conduit Deleted: [Key] - HKLM\SOFTWARE\SafetyNut Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\win Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\win Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\win Deleted: [Key] - HKCU\Software\win Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Softonic Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Softonic Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Softonic Deleted: [Key] - HKCU\Software\Softonic Deleted: [Key] - HKLM\SOFTWARE\Sense Deleted: [Key] - HKLM\SOFTWARE\Goobzo Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Ge-Force Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5} Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\SpeeditupFree Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\SpeeditupFree Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\SpeeditupFree Deleted: [Key] - HKCU\Software\SpeeditupFree ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [23135 B] - [2017/10/9 17:43:1] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## MSRT log: Microsoft Windows Malicious Software Removal Tool v5.52, September 2017 (build 5.52.14201.0) Started On Mon Oct 09 23:26:16 2017 Engine: 1.1.14104.0 Signatures: 1.251.334.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found Thanks. Link to post Share on other sites More sharing options...
kevinf80 Posted October 9, 2017 ID:1171211 Share Posted October 9, 2017 What about the FRST fix, did you run that..? can I see the log.... Link to post Share on other sites More sharing options...
Omer135 Posted October 9, 2017 Author ID:1171227 Share Posted October 9, 2017 Hi, yeah I did the FRST I just forgot about it XD, the Fixlog.txt attached here. Fixlog.txt Link to post Share on other sites More sharing options...
kevinf80 Posted October 9, 2017 ID:1171234 Share Posted October 9, 2017 All entries in quarantine can be left there for now, when you are confident your system is responding as expected they can be deleted.... How is your PC behaving, any remaining issues or concerns...? Link to post Share on other sites More sharing options...
Omer135 Posted October 13, 2017 Author ID:1172324 Share Posted October 13, 2017 My pc is working fine now, I had alot of viruses probably. Can I be sure that it safe to buy things and use personal information on this pc and no one will steal it. I mean there is a chance that I have a file that stealing information from my PC? Thanks. Link to post Share on other sites More sharing options...
Omer135 Posted October 13, 2017 Author ID:1172339 Share Posted October 13, 2017 Little edit to the last reply: My pc is working fine now, I had alot of viruses probably. Can I be sure that it safe to buy things and use personal information on this pc and no one will steal it. I mean there is a chance that I have a file that stealing information from my PC? And one more thing, by all the files and logs I sent you, do you think my PC is well protected now or I need to do more things? Im doing right now one more scan in malewarebytes and Its not done yet but its already on 280 Threats and its been only 3:40 Minutes and 270,000 files. From where all this threats are coming from?? I downloaded just few files since we did all that scans and all the files I downloaded are trusted. Thanks Link to post Share on other sites More sharing options...
kevinf80 Posted October 13, 2017 ID:1172357 Share Posted October 13, 2017 You have McAfee full package, probably worth also upgrading Malwarebytes from trial to Premium. Also install unchecky, that will help stop piggybacked extras that come bundled with many freeware packages... Unchecky --> http://unchecky.com/ As you currently have Malwarebytes scanning again and it has uncovered more malicious entries we need an indepth AV scan. Wait for Malwarebytes to finish, all entries in quarantine can be deleted.. Next, Download Sophos Free Virus Removal Tool and save it to your desktop. If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete..... Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours... Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View log file... (bottom left hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found please confirm that result.... The Virus Removal Tool scans the following areas of your computer: Memory, including system memory on 32-bit (x86) versions of Windows The Windows registry All local hard drives, fixed and removable Mapped network drives are not scanned. Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan. Post new log from Malwarebytes, also log from Sophos AV, also give an update on any remaining issues or concerns.. Thank you, Kevin... Link to post Share on other sites More sharing options...
Omer135 Posted October 14, 2017 Author ID:1172591 Share Posted October 14, 2017 My new malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/13/17 Scan Time: 3:01 PM Log File: 3b6c7b08-b00e-11e7-9a1a-e03f491ba4ce.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3005 License: Trial -System Information- OS: Windows 10 (Build 15063.674) CPU: x64 File System: NTFS User: AIYA-PC\Omer -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 723063 Threats Detected: 279 Threats Quarantined: 279 Time Elapsed: 1 hr, 19 min, 30 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\imeshvuzebandooCR, Quarantined, [989], [445716],1.0.3005 Adware.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}, Quarantined, [371], [445719],1.0.3005 Adware.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [371], [445717],1.0.3005 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 49 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales\en, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_metadata, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\USERS\AIYA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\EXTENSIONS\panpiecllaicaafneoofcmdgmbcihhnd, Quarantined, [525], [445701],1.0.3005 File: 227 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\backbone.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\bower.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\CNAME, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\component.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\CONTRIBUTING.md, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\index.html, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\index.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\LICENSE, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\package.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\README.md, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.css.map, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.min.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.css.map, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.min.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.eot, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.svg, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.ttf, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.woff, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js\bootstrap.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js\bootstrap.min.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.eot, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.svg, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.ttf, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.woff, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-glyphicons-data-generator.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-lessdoc-parser.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-raw-files-generator.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\shrinkwrap.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\affix.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\alert.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\button.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\carousel.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\collapse.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\dropdown.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\modal.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\popover.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\scrollspy.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\tab.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\tooltip.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\transition.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\alerts.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\badges.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\bootstrap.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\breadcrumbs.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\button-groups.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\buttons.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\carousel.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\close.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\code.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\component-animations.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\dropdowns.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\forms.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\glyphicons.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\grid.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\input-groups.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\jumbotron.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\labels.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\list-group.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\media.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\mixins.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\modals.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\navbar.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\navs.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\normalize.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\pager.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\pagination.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\panels.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\popovers.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\print.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\progress-bars.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\responsive-utilities.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\scaffolding.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\tables.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\theme.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\thumbnails.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\tooltip.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\type.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\utilities.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\variables.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\wells.less, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\npm-shrinkwrap.canonical.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\README.md, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\requirements.txt, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\s3_cache.py, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\sauce_browsers.yml, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\uncached-npm-install.sh, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\bower.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\Gruntfile.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\LICENSE, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\package.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\README.md, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.min.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.min.map, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var\nonce.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var\rquery.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\jsonp.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\load.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\parseJSON.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\parseXML.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\script.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\xhr.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\attr.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\classes.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\prop.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\support.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\val.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\var\rsingleTag.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\access.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\init.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\parseHTML.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\ready.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\cssExpand.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\getStyles.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\isHidden.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\rmargin.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\rnumnonpx.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\addGetHookIf.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\curCSS.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\defaultDisplay.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\hiddenVisibleSelectors.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\support.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\swap.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var\data_priv.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var\data_user.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\accepts.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\Data.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects\animatedSelector.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects\Tween.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event\alias.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event\support.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports\amd.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports\global.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\var\rcheckableType.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\support.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\_evalUrl.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue\delay.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.min.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.min.map, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\var\rneedsContext.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\findFilter.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\arr.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\class2type.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\concat.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\hasOwn.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\indexOf.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\pnum.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\push.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\rnotwhite.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\slice.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\strundefined.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\support.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\toString.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\trim.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\callbacks.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\deferred.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\deprecated.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\dimensions.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\intro.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\jquery.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\offset.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\outro.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector-native.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector-sizzle.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\serialize.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\wrap.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\bower.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\MIT-LICENSE.txt, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\bower.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\component.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\LICENSE, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\package.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\README.md, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\underscore.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_128x.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_16x.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_19x.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_38x.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_48x.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\build.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\bundle_download.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\bundle_icon.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon128.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon16.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon19.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon38.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon48.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\search_icon.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\title_image.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates\BundleRow.ejs, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\apnAPI.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\background.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\base64.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\constants.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\guid.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\options.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\pings.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\popup.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\premium_bundles_historical.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\settings.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\vendor.js, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles\main.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles\popup.css, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales\en\messages.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_metadata\verified_contents.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\icon.png, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\manifest.json, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\options.html, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\popup.html, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\settings.html, Quarantined, [525], [445701],1.0.3005 PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\vendor.css, Quarantined, [525], [445701],1.0.3005 Adware.MultiPlug, C:\PROGRAMDATA\NTUSER.POL, Quarantined, [371], [-1],0.0.0 Physical Sector: 0 (No malicious items detected) (end) My sophos log (before restart): 2017-10-13 22:11:13.430 Sophos Virus Removal Tool version 2.6.1 2017-10-13 22:11:13.430 Copyright (c) 2009-2017 Sophos Limited. All rights reserved. 2017-10-13 22:11:13.431 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them. 2017-10-13 22:11:13.431 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64 2017-10-13 22:11:13.431 Checking for updates... 2017-10-13 22:11:13.575 Update progress: proxy server not available 2017-10-13 22:11:25.671 Option all = no 2017-10-13 22:11:25.671 Option recurse = yes 2017-10-13 22:11:25.741 Option archive = no 2017-10-13 22:11:25.741 Option service = yes 2017-10-13 22:11:25.741 Option confirm = yes 2017-10-13 22:11:25.741 Option sxl = yes 2017-10-13 22:11:25.741 Option max-data-age = 35 2017-10-13 22:11:25.741 Option vdl-logging = yes 2017-10-13 22:11:25.748 Customer ID: 094260ca9b3af99f9d4a3909fc47a743 2017-10-13 22:11:25.748 Machine ID: 07e0d09441444e83b70e566b20603749 2017-10-13 22:11:25.749 Component SVRTcli.exe version 2.6.1 2017-10-13 22:11:25.749 Component control.dll version 2.6.1 2017-10-13 22:11:25.749 Component SVRTservice.exe version 2.6.1 2017-10-13 22:11:25.749 Component engine\osdp.dll version 1.44.1.2286 2017-10-13 22:11:25.749 Component engine\veex.dll version 3.68.6.2286 2017-10-13 22:11:25.750 Component engine\savi.dll version 9.0.7.2286 2017-10-13 22:11:25.750 Component rkdisk.dll version 1.5.31.1 2017-10-13 22:11:25.750 Version info: Product version 2.6.1 2017-10-13 22:11:25.750 Version info: Detection engine 3.68.6 2017-10-13 22:11:25.750 Version info: Detection data 5.44 2017-10-13 22:11:25.750 Version info: Build date 19/09/2017 2017-10-13 22:11:25.750 Version info: Data files added 236 2017-10-13 22:11:25.750 Version info: Last successful update (not yet updated) 2017-10-13 22:11:47.314 Downloading updates... 2017-10-13 22:11:47.316 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1 2017-10-13 22:11:47.316 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path= 2017-10-13 22:11:47.316 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path= 2017-10-13 22:11:47.316 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=] 2017-10-13 22:11:47.316 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path= 2017-10-13 22:11:47.316 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path= 2017-10-13 22:11:47.316 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=] 2017-10-13 22:11:47.317 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=] 2017-10-13 22:11:47.317 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=] 2017-10-13 22:11:47.317 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path= 2017-10-13 22:11:47.317 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path= 2017-10-13 22:11:48.284 Update progress: [I19463] Syncing product SAVIW32 LATEST path= 2017-10-13 22:11:48.284 Update progress: [I19463] Product download size 174235198 bytes 2017-10-13 22:12:00.158 Update progress: [I19463] Syncing product IDE545 LATEST path= 2017-10-13 22:12:00.158 Update progress: [I19463] Product download size 2585002 bytes 2017-10-13 22:12:03.135 Update progress: [I19463] Syncing product IDE546 LATEST path= 2017-10-13 22:12:03.135 Update progress: [I19463] Product download size 1652529 bytes 2017-10-13 22:12:05.176 Update progress: [I19463] Syncing product IDE547 LATEST path= 2017-10-13 22:12:05.471 Installing updates... 2017-10-13 22:12:06.077 Error level 1 2017-10-13 22:12:24.313 Update successful 2017-10-13 22:12:32.616 Option all = no 2017-10-13 22:12:32.616 Option recurse = yes 2017-10-13 22:12:32.616 Option archive = no 2017-10-13 22:12:32.616 Option service = yes 2017-10-13 22:12:32.616 Option confirm = yes 2017-10-13 22:12:32.616 Option sxl = yes 2017-10-13 22:12:32.617 Option max-data-age = 35 2017-10-13 22:12:32.617 Option vdl-logging = yes 2017-10-13 22:12:32.621 Customer ID: 094260ca9b3af99f9d4a3909fc47a743 2017-10-13 22:12:32.622 Machine ID: 07e0d09441444e83b70e566b20603749 2017-10-13 22:12:32.622 Component SVRTcli.exe version 2.6.1 2017-10-13 22:12:32.622 Component control.dll version 2.6.1 2017-10-13 22:12:32.623 Component SVRTservice.exe version 2.6.1 2017-10-13 22:12:32.623 Component engine\osdp.dll version 1.44.1.2286 2017-10-13 22:12:32.623 Component engine\veex.dll version 3.68.6.2286 2017-10-13 22:12:32.623 Component engine\savi.dll version 9.0.7.2286 2017-10-13 22:12:32.623 Component rkdisk.dll version 1.5.31.1 2017-10-13 22:12:32.623 Version info: Product version 2.6.1 2017-10-13 22:12:32.624 Version info: Detection engine 3.68.6 2017-10-13 22:12:32.624 Version info: Detection data 5.44 2017-10-13 22:12:32.624 Version info: Build date 19/09/2017 2017-10-13 22:12:32.624 Version info: Data files added 237 2017-10-13 22:12:32.624 Version info: Last successful update 14/10/2017 01:12:24 2017-10-13 23:01:17.262 Could not open C:\hiberfil.sys 2017-10-13 23:32:36.983 >>> Virus 'Mal/DrodZp-A' found in file C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip 2017-10-13 23:36:16.577 Could not open C:\swapfile.sys 2017-10-13 23:39:21.846 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} 2017-10-13 23:39:21.847 Could not open C:\System Volume Information\{55f693e2-b038-11e7-9c89-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752} 2017-10-13 23:39:21.847 Could not open C:\System Volume Information\{8db0dde9-ad3a-11e7-9c86-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752} 2017-10-13 23:39:21.847 Could not open C:\System Volume Information\{c70e070b-af80-11e7-9c88-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752} 2017-10-13 23:41:12.515 Could not open C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Current Session 2017-10-13 23:41:12.516 Could not open C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Current Tabs 2017-10-14 01:09:15.692 Could not open C:\Windows\System32\catroot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\catdb 2017-10-14 01:09:15.694 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb 2017-10-14 01:09:22.224 Could not open C:\Windows\System32\config\BBI 2017-10-14 01:09:22.469 Could not open C:\Windows\System32\config\DRIVERS 2017-10-14 01:09:22.539 Could not open C:\Windows\System32\config\RegBack\DEFAULT 2017-10-14 01:09:22.567 Could not open C:\Windows\System32\config\RegBack\SAM 2017-10-14 01:09:22.572 Could not open C:\Windows\System32\config\RegBack\SECURITY 2017-10-14 01:09:22.581 Could not open C:\Windows\System32\config\RegBack\SOFTWARE 2017-10-14 01:09:22.588 Could not open C:\Windows\System32\config\RegBack\SYSTEM 2017-10-14 01:22:13.135 Could not open C:\Windows\Temp\mcafee_LZlDsOFtUpj3iC3 2017-10-14 01:42:13.394 Could not open LOGICAL:0004:00000000 2017-10-14 01:42:13.399 Could not open E:\ 2017-10-14 01:55:01.425 The following items will be cleaned up: 2017-10-14 01:55:01.425 Mal/DrodZp-A 2017-10-14 07:02:50.437 Threat 'Mal/DrodZp-A' needs a reboot to complete cleanup. 2017-10-14 07:02:50.438 File "C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip" belongs to malware 'Mal/DrodZp-A'. 2017-10-14 07:02:50.438 File "C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip" needs a reboot to complete cleanup. 2017-10-14 07:02:50.438 Threat will be removed on reboot. 2017-10-14 07:02:50.639 Installed boot task components. 2017-10-14 07:02:51.192 The computer must be restarted in order to complete the cleanup. 2017-10-14 07:02:51.192 Error level 5 2017-10-14 07:02:51.202 Cleanup on restart pending for Mal/DrodZp-A: DeleteFile "\\?\C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip" So after the cleanup can I be sure that there is nothing that stealing any information? can I buy things online and my credit card details will not be stolen? Thanks. Link to post Share on other sites More sharing options...
kevinf80 Posted October 14, 2017 ID:1172606 Share Posted October 14, 2017 Before we clean up i`d recommend a clean install of your default browser Chrome, that is where Malwarebytes seems to be very busy....... If your Chrome Bookmarks are important do this first: Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks..... Continue for a clean install: Download Chrome installer and save to install later: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html Remove all synced data from Chrome go here: https://support.google.com/chrome/answer/6386691?hl=en-GB follow those instructions... It is essntial that any/all synced data is removed when the browser is hijacked or exploited in anyway... Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!! Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata) For XP that will be My Computer > C:\ Documents and Settings\Your User Name\Application Data\Roaming How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ Install Google Chrome : Install Adblock Plus to Chrome: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb Install DrWeb Link Ant-virus Link Checker: https://chrome.google.com/webstore/detail/drweb-anti-virus-link-che/aleggpabliehgbeagmfhnodcijcmbonb?hl=en Next, Change all passwords that you use on your PC, specificall any with financial implications.... Use your PC, surf about, see how it responds. Let me know if there are any remaining issues or concerns...... Thank you, Kevin.... Link to post Share on other sites More sharing options...
Omer135 Posted October 14, 2017 Author ID:1172642 Share Posted October 14, 2017 Hi I uninstalled and installed again as you told me, I installed the adblock and the antivirus, I will run malwarebytes again. If it won't find anything I can change my passwords and buy things online? Thanks Link to post Share on other sites More sharing options...
kevinf80 Posted October 14, 2017 ID:1172647 Share Posted October 14, 2017 Post log whenever ready... Link to post Share on other sites More sharing options...
Omer135 Posted October 14, 2017 Author ID:1172659 Share Posted October 14, 2017 Hi, this is the new log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/14/17 Scan Time: 5:31 PM Log File: 573ac13a-b0ec-11e7-9f75-e03f491ba4ce.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3010 License: Trial -System Information- OS: Windows 10 (Build 15063.674) CPU: x64 File System: NTFS User: AIYA-PC\Omer -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 724634 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 1 hr, 2 min, 51 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 1 PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Torntv V9.0, Quarantined, [220], [446031],1.0.3010 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) It found only 1 threat, so now am I safe or I need to do more things before I will be totally safe. Thanks. Link to post Share on other sites More sharing options...
kevinf80 Posted October 14, 2017 ID:1172667 Share Posted October 14, 2017 You should be good to go, continue to clean up: Uninstall Sophos AV http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/ Next, Download "Delfix by Xplode" and save it to your desktop. Or use the following if first link is down:"Delfix link mirror" If your security program alerts to Delfix either, accept the alert or turn your security off. Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator Make Sure the following items are checked: Remove disinfection tools <----- this will remove tools we may have used. Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created. Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection Now click on "Run" and wait patiently until the tool has completed. The tool will create a log when it has completed. We don't need you to post this. Any remnant files/logs from tools we have used can be deleted… Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful....Answers to Common Security Questions and best PracticesDo I need a Registry Cleaner? Take care and surf safe Kevin... Link to post Share on other sites More sharing options...
kevinf80 Posted October 15, 2017 ID:1172924 Share Posted October 15, 2017 Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts