Jump to content

Got 12,190 threats is it safe to delete them?


Recommended Posts

Hello Omer135 and welcome to Malwarebytes

Leave the items in quarantine for now, see how your system responds. Entries can be dequarantined if necessary later..... Also run the following and post the two produced logs.

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin.

Link to post
Share on other sites

Hi, did that scan, here is FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017
Ran by Omer (administrator) on AIYA-PC (09-10-2017 18:22:54)
Running from C:\Users\Aiya\Desktop\Security\FRST
Loaded Profiles: Omer (Available Profiles: Omer & aya & shira)
Platform: Windows 10 Home Version 1703 170317-1834 (X64) Language: ‏‏עברית (ישראל)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_7\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Akamai Technologies, Inc.) C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(Akamai Technologies, Inc.) C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe
(ASUS) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe
(Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe
() C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Discord Inc.) C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1928776 2016-11-09] (APN)
HKLM\...\Winlogon: [Shell] explorer.exe,
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Aiya\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [PCLink] => C:\Program Files (x86)\ASUS\PC Link\PCLink.exe [640272 2015-10-29] (ASUSTek Computer Inc.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [GoogleChromeAutoLaunch_FA41ACFFCB5E6EB7A38F058117CB2178] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-10-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3482594340-428826731-879083492-1000\...\Run: [Discord] => C:\Users\Aiya\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-01-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1    mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c51d48a9-dcf9-43a0-8a9e-fc3d28459fdf}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKU\S-1-5-21-3482594340-428826731-879083492-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-11] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-11] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-08-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-08-08] (McAfee, Inc.)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3482594340-428826731-879083492-1000 -> hxxps://www.google.co.il/?gfe_rd=cr&ei=0qnAVYSBOqHj8wed_prYAw&gws_rd=ssl

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-11] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-01-22] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-18] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aiya\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-18] (Pando Networks)
FF Plugin HKU\S-1-5-21-3482594340-428826731-879083492-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-11] ()

Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://start.qone8.com/?type=hp&ts=1397254107&from=epom2&uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F168825588255
CHR StartupUrls: Profile 2 -> "hxxps://www.google.co.il/"
CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default [2017-07-13]
CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-13]
CHR Extension: (Skype) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-13]
CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-13]
CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-05-06]
CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-09]
CHR Extension: (Free Proxy to Unblock any sites | Touch VPN) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2017-07-13]
CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-01]
CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sleepy Jack) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc [2015-06-19]
CHR Extension: (AliTools) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eenflijjbchafephdplkdmeenekabdfb [2017-10-01]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-30]
CHR Extension: (Google Docs Offline) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-13]
CHR Extension: (Cashdo ) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghdoangbdengbkokhihepcjgdkdogcdi [2017-10-01]
CHR Extension: (Torrent Search) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ialilpegnnfigbcggpbbdecdgencbfge [2016-05-25]
CHR Extension: (Fieldrunners) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2015-06-18]
CHR Extension: (Plants vs Zombies) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-06-19]
CHR Extension: (Frontline Defense 2 HD) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nincmkjomngcmklpdkmdkioemlhdieim [2015-06-19]
CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-06-11]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15]
CHR Extension: (Replace Favicon) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15]
CHR Extension: (Facebook) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-07-15]
CHR Extension: (Adblock Plus) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15]
CHR Extension: (SiteAdvisor) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-15]
CHR Extension: (AdBlock) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ialilpegnnfigbcggpbbdecdgencbfge [2016-05-25]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jopdpbolklklaiookikgmdinfbooiipj [2015-07-15]
CHR Extension: (Movies App) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jpammgopeogkfkfjafahnachhacngopo [2015-07-15]
CHR Extension: (Skype Click to Call) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-15]
CHR Extension: (Google Wallet) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-15]
CHR Extension: (Instagram for Chrome) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-07-15]
CHR Extension: (MediaCaster by Ask) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd [2015-07-15]
CHR Extension: (Search People) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-07-15]
CHR Extension: (No Name) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR Profile: C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-13]
CHR Extension: (Google מצגות) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15]
CHR Extension: (Google Docs) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (כונן Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15]
CHR Extension: (YouTube) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15]
CHR Extension: (חיפוש Google) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15]
CHR Extension: (Google Sheets) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15]
CHR Extension: (Gmail) - C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-01-18] (Adobe Systems) [File not signed]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [201800 2016-11-09] (APN LLC.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-11] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-08-08] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-10-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-10-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-10-21] (BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-07-31] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [993256 2017-08-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-07-12] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-07-01] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-12] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-12] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-12] (McAfee, Inc.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-11] ()
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-10-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-10-07] (Bluestack System Inc. )
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-08-07] (McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-09] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-09] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [504792 2017-06-27] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108504 2017-06-27] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R1 SamsungMonitorFirmware; C:\WINDOWS\system32\drivers\MFWCtwl.sys [21360 2011-12-26] (Samsung Electronics, Inc. ) [File not signed]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-04-01] (Wellbia.com Co., Ltd.)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-09 18:22 - 2017-10-09 18:22 - 000000000 ____D C:\FRST
2017-10-09 18:19 - 2017-10-09 18:19 - 000000000 ____D C:\Users\Aiya\Desktop\Security
2017-10-09 18:13 - 2017-10-09 18:13 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-10-09 16:24 - 2017-10-09 17:28 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-09 16:24 - 2017-10-09 16:24 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-09 16:24 - 2017-10-09 16:24 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-09 16:24 - 2017-10-09 16:24 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-10-09 16:24 - 2017-10-09 16:24 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-09 16:24 - 2017-10-09 16:24 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-09 16:24 - 2017-10-09 16:24 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-09 16:24 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-09 10:46 - 2017-10-09 10:47 - 000000000 ____D C:\Users\Aiya\Desktop\BossDaMajor
2017-10-08 19:16 - 2017-10-08 19:16 - 000000000 ____D C:\Users\Aiya\tempfiles
2017-10-01 01:44 - 2017-10-01 01:44 - 000000000 ____D C:\WINDOWS\Panther
2017-10-01 01:43 - 2017-10-01 01:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-09-28 00:13 - 2017-09-28 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-09-28 00:13 - 2017-09-28 00:13 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-09-18 21:10 - 2017-09-18 21:10 - 000001190 _____ C:\Users\Aiya\Desktop\Overwatch.lnk
2017-09-13 14:23 - 2017-10-06 17:16 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-13 14:23 - 2017-09-05 08:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 14:23 - 2017-09-05 08:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 14:23 - 2017-09-05 08:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 14:23 - 2017-09-05 08:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 14:23 - 2017-09-05 08:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 14:23 - 2017-09-05 08:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-13 14:23 - 2017-09-05 08:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 14:23 - 2017-09-05 08:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-13 14:23 - 2017-09-05 08:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 14:23 - 2017-09-05 07:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 14:23 - 2017-09-05 07:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 14:23 - 2017-09-05 07:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-13 14:23 - 2017-09-05 07:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-13 14:23 - 2017-09-05 07:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 14:23 - 2017-09-05 07:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-13 14:23 - 2017-09-05 07:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 14:23 - 2017-09-05 07:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 14:23 - 2017-09-05 07:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-13 14:23 - 2017-09-05 07:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 14:23 - 2017-09-05 07:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 14:23 - 2017-09-05 07:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 14:23 - 2017-09-05 07:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 14:23 - 2017-09-05 07:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 14:23 - 2017-09-05 07:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 14:23 - 2017-09-05 07:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-13 14:23 - 2017-09-05 07:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-13 14:23 - 2017-09-05 07:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 14:23 - 2017-09-05 07:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-13 14:23 - 2017-09-05 07:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 14:23 - 2017-09-05 07:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 14:23 - 2017-09-05 07:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 14:23 - 2017-09-05 07:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-13 14:23 - 2017-09-05 07:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-13 14:23 - 2017-09-05 07:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 14:23 - 2017-09-05 07:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 14:23 - 2017-09-05 07:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 14:23 - 2017-09-05 07:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 14:23 - 2017-09-05 07:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 14:23 - 2017-09-05 07:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 14:23 - 2017-09-05 07:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 14:23 - 2017-09-05 07:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 14:23 - 2017-09-05 07:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 14:23 - 2017-09-05 07:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 14:23 - 2017-09-05 07:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-13 14:23 - 2017-09-05 07:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 14:23 - 2017-09-05 07:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 14:23 - 2017-09-05 07:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 14:23 - 2017-09-05 07:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 14:23 - 2017-09-05 07:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 14:23 - 2017-09-05 07:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 14:23 - 2017-09-05 07:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 14:23 - 2017-09-05 07:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 14:23 - 2017-09-05 07:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 14:23 - 2017-09-05 07:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 14:23 - 2017-09-05 07:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 14:23 - 2017-09-05 07:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-13 14:23 - 2017-09-05 07:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-13 14:23 - 2017-09-05 07:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 14:23 - 2017-09-05 07:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-13 14:23 - 2017-09-05 07:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-13 14:23 - 2017-09-05 07:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-13 14:23 - 2017-09-05 07:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 14:23 - 2017-09-05 07:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-13 14:23 - 2017-09-05 07:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-13 14:23 - 2017-09-05 07:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-13 14:23 - 2017-09-05 07:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 14:23 - 2017-09-05 07:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-13 14:23 - 2017-09-05 07:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-13 14:23 - 2017-09-05 07:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 14:23 - 2017-09-05 07:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 14:23 - 2017-09-05 07:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 14:23 - 2017-09-05 07:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-13 14:23 - 2017-09-05 07:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 14:23 - 2017-09-05 07:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-13 14:23 - 2017-09-05 07:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 14:23 - 2017-09-05 07:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 14:23 - 2017-09-05 07:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 14:23 - 2017-09-05 07:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 14:23 - 2017-09-05 07:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 14:23 - 2017-09-05 07:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 14:23 - 2017-09-05 07:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 14:23 - 2017-09-05 07:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 14:23 - 2017-09-05 07:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 14:23 - 2017-09-05 07:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-13 14:23 - 2017-09-05 07:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 14:23 - 2017-09-05 07:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 14:23 - 2017-09-05 07:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-13 14:23 - 2017-09-05 07:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-13 14:23 - 2017-09-05 07:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 14:23 - 2017-09-05 07:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 14:23 - 2017-09-05 07:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 14:23 - 2017-09-05 07:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 14:23 - 2017-09-05 07:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 14:23 - 2017-09-05 07:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 14:23 - 2017-09-05 07:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 14:23 - 2017-09-05 07:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-13 14:23 - 2017-09-05 07:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 14:23 - 2017-09-05 07:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-13 14:23 - 2017-09-05 07:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 14:23 - 2017-09-05 07:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-13 14:23 - 2017-09-05 07:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 14:23 - 2017-09-05 07:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-13 14:23 - 2017-09-05 07:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-13 14:22 - 2017-09-05 08:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 14:22 - 2017-09-05 08:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 14:22 - 2017-09-05 08:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 14:22 - 2017-09-05 08:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 14:22 - 2017-09-05 08:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-13 14:22 - 2017-09-05 08:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 14:22 - 2017-09-05 08:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 14:22 - 2017-09-05 08:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 14:22 - 2017-09-05 08:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 14:22 - 2017-09-05 08:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 14:22 - 2017-09-05 08:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 14:22 - 2017-09-05 08:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 14:22 - 2017-09-05 08:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 14:22 - 2017-09-05 08:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 14:22 - 2017-09-05 08:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 14:22 - 2017-09-05 08:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 14:22 - 2017-09-05 08:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 14:22 - 2017-09-05 08:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 14:22 - 2017-09-05 08:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 14:22 - 2017-09-05 08:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 14:22 - 2017-09-05 08:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 14:22 - 2017-09-05 08:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 14:22 - 2017-09-05 08:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 14:22 - 2017-09-05 08:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 14:22 - 2017-09-05 08:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 14:22 - 2017-09-05 08:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 14:22 - 2017-09-05 08:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 14:22 - 2017-09-05 08:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 14:22 - 2017-09-05 08:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 14:22 - 2017-09-05 08:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 14:22 - 2017-09-05 08:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 14:22 - 2017-09-05 08:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 14:22 - 2017-09-05 08:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 14:22 - 2017-09-05 08:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 14:22 - 2017-09-05 08:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 14:22 - 2017-09-05 08:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 14:22 - 2017-09-05 08:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 14:22 - 2017-09-05 08:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 14:22 - 2017-09-05 08:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 14:22 - 2017-09-05 08:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 14:22 - 2017-09-05 08:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 14:22 - 2017-09-05 07:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 14:22 - 2017-09-05 07:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 14:22 - 2017-09-05 07:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 14:22 - 2017-09-05 07:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 14:22 - 2017-09-05 07:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 14:22 - 2017-09-05 07:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 14:22 - 2017-09-05 07:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 14:22 - 2017-09-05 07:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 14:22 - 2017-09-05 07:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 14:22 - 2017-09-05 07:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 14:22 - 2017-09-05 07:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 14:22 - 2017-09-05 07:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 14:22 - 2017-09-05 07:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 14:22 - 2017-09-05 07:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 14:22 - 2017-09-05 07:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 14:22 - 2017-09-05 07:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 14:22 - 2017-09-05 07:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 14:22 - 2017-09-05 07:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 14:22 - 2017-09-05 07:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 14:22 - 2017-09-05 07:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 14:22 - 2017-09-05 07:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 14:22 - 2017-09-05 07:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 14:22 - 2017-09-05 07:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 14:22 - 2017-09-05 07:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 14:22 - 2017-09-05 07:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 14:22 - 2017-09-05 07:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 14:22 - 2017-09-05 07:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 14:22 - 2017-09-05 07:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 14:22 - 2017-09-05 07:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 14:22 - 2017-09-05 07:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 14:22 - 2017-09-05 07:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 14:22 - 2017-09-05 07:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 14:22 - 2017-09-05 07:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 14:22 - 2017-09-05 07:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 14:22 - 2017-09-05 07:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 14:22 - 2017-09-05 07:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 14:22 - 2017-09-05 07:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 14:22 - 2017-09-05 07:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 14:22 - 2017-09-05 07:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 14:22 - 2017-09-05 07:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 14:22 - 2017-09-05 07:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-13 14:22 - 2017-09-05 07:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 14:22 - 2017-09-05 07:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 14:22 - 2017-09-05 07:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 14:22 - 2017-09-05 07:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 14:22 - 2017-09-05 07:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 14:22 - 2017-09-05 07:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 14:22 - 2017-09-05 07:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 14:22 - 2017-09-05 07:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 14:22 - 2017-09-05 07:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 14:22 - 2017-09-05 07:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 14:22 - 2017-09-05 07:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 14:22 - 2017-09-05 07:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 14:22 - 2017-09-05 07:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 14:22 - 2017-09-05 07:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 14:22 - 2017-09-05 07:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 14:22 - 2017-09-05 07:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 14:22 - 2017-09-05 07:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 14:22 - 2017-09-05 07:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 14:22 - 2017-09-05 07:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 14:22 - 2017-09-05 07:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 14:22 - 2017-09-05 07:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 14:22 - 2017-09-01 08:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-09 22:39 - 2017-09-09 22:39 - 000000000 ____D C:\Users\Aiya\Documents\FeedbackHub
2017-09-09 12:28 - 2017-09-09 12:28 - 000008556 _____ C:\Users\Aiya\Desktop\Free Minecraft.vbs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-09 18:23 - 2016-04-24 21:25 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-10-09 18:19 - 2014-03-16 23:44 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Skype
2017-10-09 18:11 - 2014-07-04 09:14 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2017-10-09 18:11 - 2014-05-26 08:37 - 000000000 ____D C:\Users\aya\AppData\Local\VNT
2017-10-09 18:11 - 2014-05-25 23:11 - 000000000 ____D C:\Users\shira\AppData\Local\VNT
2017-10-09 18:11 - 2014-05-04 18:39 - 000000000 ____D C:\Users\Aiya\AppData\Local\VNT
2017-10-09 17:54 - 2016-01-18 21:45 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Browsers
2017-10-09 17:41 - 2017-05-13 03:39 - 000000000 ____D C:\Users\Aiya
2017-10-09 17:41 - 2014-07-08 17:32 - 000000000 ____D C:\Program Files (x86)\Movies Toolbar
2017-10-09 17:40 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-09 17:40 - 2014-08-07 18:48 - 000000000 ____D C:\Program Files (x86)\globalUpdate
2017-10-09 17:40 - 2014-05-04 18:39 - 000000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2017-10-09 17:39 - 2017-03-19 00:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-09 17:39 - 2014-05-04 18:39 - 000000000 ____D C:\ProgramData\APN
2017-10-09 17:33 - 2017-06-03 13:21 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-09 17:06 - 2015-12-20 21:22 - 000000000 ____D C:\Users\Aiya\Desktop\עומר עבודות
2017-10-09 16:51 - 2017-05-13 03:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-09 16:31 - 2016-05-27 14:03 - 000000000 ____D C:\Users\Aiya\Downloads\PopcornTime
2017-10-09 15:34 - 2014-08-03 00:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-09 12:32 - 2014-03-16 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-10-09 12:25 - 2016-09-22 04:01 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-09 10:51 - 2014-05-02 19:58 - 000000000 ____D C:\Users\Aiya\AppData\Local\CrashDumps
2017-10-09 10:45 - 2014-08-05 11:40 - 000000000 ____D C:\Users\Aiya\AppData\Local\Adobe
2017-10-09 10:43 - 2017-05-13 06:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-09 10:43 - 2017-03-18 14:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-10-09 10:43 - 2015-02-26 17:57 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-10-09 01:47 - 2017-09-03 22:36 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-10-08 19:07 - 2017-05-13 06:19 - 000004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0EB24A9E-06EF-420B-9A6B-4E47F34C5F43}
2017-10-08 18:26 - 2017-05-13 05:17 - 001051358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-08 18:26 - 2015-10-30 21:10 - 001340170 _____ C:\WINDOWS\system32\perfh00D.dat
2017-10-08 18:26 - 2015-10-30 21:10 - 000367180 _____ C:\WINDOWS\system32\perfc00D.dat
2017-10-08 18:21 - 2014-03-16 22:45 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-10-08 18:20 - 2016-07-08 04:51 - 000000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOmer.job
2017-10-08 18:08 - 2017-01-04 01:25 - 000000000 ____D C:\Users\Aiya\AppData\Local\tkdata
2017-10-08 18:05 - 2017-03-19 00:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-07 22:35 - 2017-05-13 06:19 - 000003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOmer
2017-10-07 18:07 - 2014-03-16 22:37 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-10-07 11:57 - 2014-03-16 23:36 - 000000000 ____D C:\ProgramData\Skype
2017-10-07 11:53 - 2015-08-04 14:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-06 17:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-06 17:21 - 2017-05-13 03:33 - 005073720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-06 17:18 - 2017-03-20 07:20 - 000000000 ____D C:\WINDOWS\system32\he
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-10-06 17:18 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-10-06 04:50 - 2017-06-12 18:03 - 000003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2017-10-01 03:58 - 2017-03-18 23:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-29 13:38 - 2017-07-13 17:00 - 000000000 ____D C:\Users\Aiya\AppData\Local\Battle.net
2017-09-29 13:08 - 2017-07-13 17:00 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-09-28 00:13 - 2017-02-08 10:45 - 000002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-09-28 00:13 - 2017-01-04 01:50 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-09-27 00:25 - 2016-10-25 20:38 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 03:36 - 2016-04-01 19:34 - 000000000 ____D C:\Users\Aiya\AppData\Local\Akamai
2017-09-20 14:58 - 2015-08-04 14:14 - 000000000 ____D C:\Users\Aiya\AppData\Local\Publishers
2017-09-15 21:08 - 2015-07-30 14:08 - 000000000 ____D C:\Users\Aiya\AppData\Roaming\Kodi
2017-09-15 16:01 - 2017-07-24 17:57 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482594340-428826731-879083492-1000
2017-09-15 16:01 - 2015-08-04 14:17 - 000002357 _____ C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 16:01 - 2014-06-14 22:18 - 000000000 ___RD C:\Users\Aiya\OneDrive
2017-09-13 14:39 - 2014-03-17 04:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 14:33 - 2014-03-17 04:19 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 14:27 - 2009-07-14 05:34 - 000000478 _____ C:\WINDOWS\win.ini
2017-09-13 06:51 - 2017-05-13 06:19 - 000004534 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-13 06:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 06:51 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 23:19 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-09-09 12:00 - 2014-08-04 23:43 - 000000000 ____D C:\Users\Aiya\Documents\Snagit

==================== Files in the root of some directories =======

2014-04-12 01:09 - 2014-04-12 01:10 - 000000318 _____ () C:\Users\Aiya\AppData\Roaming\aps.uninstall.scan.results
2014-11-20 20:47 - 2014-11-20 21:02 - 000000942 _____ () C:\Users\Aiya\AppData\Roaming\LiveSupport.exe_log.txt
2014-11-20 20:47 - 2014-11-20 21:02 - 000000092 _____ () C:\Users\Aiya\AppData\Roaming\regsvr32.exe_log.txt
2015-04-24 14:17 - 2015-04-24 14:20 - 000000600 _____ () C:\Users\Aiya\AppData\Roaming\winscp.rnd
2017-07-30 11:22 - 2017-07-30 11:24 - 000004608 _____ () C:\Users\Aiya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-13 03:37 - 2017-05-13 03:37 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-16 23:35 - 2016-09-10 16:52 - 000003127 _____ () C:\ProgramData\hpzinstall.log
2014-11-21 20:04 - 2014-11-21 20:04 - 000005015 _____ () C:\ProgramData\wmzddnmb.cix

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-01 18:37

==================== End of FRST.txt ============================

 

Addition.txt attached.

Thanks.

Addition.txt

Link to post
Share on other sites

Thanks for those logs, continue with the following:

Uninstall the following if still present:

DownLite
GoPhoto.it
GoSave
Image Toolbar beta
Torntv
wisen wizard
YoutubeAdBlocke

Next,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection Scroll to and make sure the following are selected:
    Scan for Rootkite
    Scan within Archives
     
  • Scroll further to Potential Threat Protection make sure the following are set as follows:
    Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
    Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
     
  • Click on the Scan make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
    'Could not load DDA driver'
     
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin.

fixlist.txt

Link to post
Share on other sites

Ok, I done the steps. I still dont know if I should delete all the 12,190 threats from my first scan, should I delete them?

Here is the malewarebytes log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/9/17
Scan Time: 8:30 PM
Log File: 9a1b26a8-ad17-11e7-9b83-e03f491ba4ce.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.2982
License: Trial

-System Information-
OS: Windows 10 (Build 15063.608)
CPU: x64
File System: NTFS
User: AIYA-PC\Omer

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 742236
Threats Detected: 16
Threats Quarantined: 16
Time Elapsed: 1 hr, 47 min, 57 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 2
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Quarantined, [9203], [175065],1.0.2982
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Quarantined, [9203], [175065],1.0.2982

Module: 2
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Quarantined, [9203], [175065],1.0.2982
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Quarantined, [9203], [175065],1.0.2982

Registry Key: 1
PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, Delete-on-Reboot, [9203], [175065],1.0.2982

Registry Value: 1
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ApnTBMon, Delete-on-Reboot, [9203], [175065],1.0.2982

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 4
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, Delete-on-Reboot, [9203], [175065],1.0.2982
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, Delete-on-Reboot, [9203], [175065],1.0.2982
PUP.Optional.APNToolBar.Gen, C:\PROGRAM FILES (X86)\ASKPARTNERNETWORK, Delete-on-Reboot, [9203], [175065],1.0.2982
Adware.LoadBlanks.ShrtCln, C:\USERS\AIYA\APPDATA\ROAMING\BROWSERS, Delete-on-Reboot, [8375], [402793],1.0.2982

File: 6
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Delete-on-Reboot, [9203], [175065],1.0.2982
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Delete-on-Reboot, [9203], [175065],1.0.2982
Adware.LoadBlanks.ShrtCln, C:\USERS\AIYA\APPDATA\ROAMING\BROWSERS\chrome.bat.exe, Delete-on-Reboot, [8375], [402793],1.0.2982
Adware.LoadBlanks.ShrtCln, C:\Users\Aiya\AppData\Roaming\Browsers\iexplore.bat.exe, Delete-on-Reboot, [8375], [402793],1.0.2982
Generic.Malware/Suspicious, C:\USERS\AIYA\DESKTOP\BOSSDAMAJOR\BOSSDAMAJOR REMOVE.ZIP, Delete-on-Reboot, [0], [392686],1.0.2982
Generic.Malware/Suspicious, C:\USERS\AIYA\DESKTOP\BOSSDAMAJOR\BOSSDAMAJOR.RAR, Delete-on-Reboot, [0], [392686],1.0.2982

Physical Sector: 0
(No malicious items detected)


(end)

Here is the Adwcleaner:

# AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 09 19:44:35 2017
# Updated on 2017/29/09 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: BackupStack
Deleted: Update service
Deleted: APNMCP


***** [ Folders ] *****

Deleted: C:\Users\Aiya\AppData\Roaming\\browsers
Deleted: C:\Program Files (x86)\globalUpdate
Deleted: C:\Users\Aiya\AppData\Local\globalUpdate
Deleted: C:\Program Files (x86)\DeltaFix
Deleted: C:\Program Files (x86)\SpeedItup Free
Deleted: C:\Program Files (x86)\movies toolbar
Deleted: C:\Program Files (x86)\TrimInstance
Deleted: C:\Program Files (x86)\Prompt Downloader
Deleted: C:\Users\Aiya\AppData\Local\Prompt Downloader
Deleted: C:\Program Files (x86)\YouTube Accelerator
Deleted: C:\ProgramData\TXQMPC
Deleted: C:\Users\All Users\TXQMPC
Deleted: C:\Users\Aiya\AppData\Roaming\337Games
Deleted: C:\ProgramData\iWin
Deleted: C:\Users\All Users\iWin
Deleted: C:\Users\Aiya\AppData\Local\NativeMessaging
Deleted: C:\Users\Aiya\AppData\Local\VNT
Deleted: C:\Users\aya\AppData\Local\VNT
Deleted: C:\Users\shira\AppData\Local\VNT
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants Vs Zombies
Deleted: C:\Program Files (x86)\Plants Vs Zombies
Deleted: C:\Users\Aiya\Downloads\Plants Vs Zombies
Deleted: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plants Vs Zombies
Deleted: C:\Users\Aiya\Desktop\Plants Vs Zombies
Deleted: C:\Program Files (x86)\Movies Toolbar
Deleted: C:\ProgramData\Tencent
Deleted: C:\ProgramData\Application Data\Tencent
Deleted: C:\Program Files\Common Files\Tencent
Deleted: C:\Program Files (x86)\Tencent
Deleted: C:\Program Files (x86)\Common Files\Tencent
Deleted: C:\Users\Aiya\AppData\Local\VirtualStore\ProgramData\Application Data\Tencent
Deleted: C:\Users\Aiya\AppData\Roaming\Tencent
Deleted: C:\Users\Aiya\AppData\Local\VirtualStore\Program Files (x86)\Tencent
Deleted: C:\Users\All Users\Tencent
Deleted: C:\Program Files (x86)\AskPartnerNetwork
Deleted: C:\Users\Aiya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Deleted: C:\ProgramData\apn
Deleted: C:\Users\Aiya\AppData\Local\Temp\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Aiya\AppData\LocalLow\Goobzo


***** [ Files ] *****

Deleted: C:\Users\Aiya\AppData\Roaming\aps.uninstall.scan.results
Deleted: C:\Users\Aiya\AppData\Roaming\LiveSupport.exe_log.txt
Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
Deleted: C:\Users\Aiya\AppData\Roaming\regsvr32.exe_log.txt


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Windows Updater
Deleted: Oxy
Deleted: windows updater


***** [ Registry ] *****

Deleted: [Key] - HKU\.DEFAULT\Software\Elex-tech
Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055349\Software\Elex-tech
Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119279\Software\Elex-tech
Deleted: [Key] - HKU\S-1-5-18\Software\Elex-tech
Deleted: [Key] - HKLM\SOFTWARE\winzipersvc
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\DownLite
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\DownLite
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\DownLite
Deleted: [Key] - HKCU\Software\DownLite
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted: [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Escolade
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Escolade
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Escolade
Deleted: [Key] - HKCU\Software\Escolade
Deleted: [Key] - HKLM\SOFTWARE\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\GlobalUpdate
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\GlobalUpdate
Deleted: [Key] - HKCU\Software\GlobalUpdate
Deleted: [Key] - HKLM\SOFTWARE\hdcode
Deleted: [Key] - HKLM\SOFTWARE\IePlugin
Deleted: [Key] - HKLM\SOFTWARE\InstalledBrowserExtensions
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\InstalledBrowserExtensions
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\InstalledBrowserExtensions
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\InstalledBrowserExtensions
Deleted: [Key] - HKCU\Software\InstalledBrowserExtensions
Deleted: [Key] - HKLM\SOFTWARE\V9
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\V9
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\V9
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\V9
Deleted: [Key] - HKCU\Software\V9
Deleted: [Key] - HKLM\SOFTWARE\Wpm
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055349\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119279\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Prompt Downloader
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Prompt Downloader
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Prompt Downloader
Deleted: [Key] - HKCU\Software\Prompt Downloader
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056171\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203121876\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203056323\Software\VNT
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203122741\Software\VNT
Deleted: [Key] - HKCU\Software\VNT
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ApnTBMon
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnTBMon
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin
Deleted: [Value] - HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted: [Value] - HKCU\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted: [Value] - HKCU\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted: [Value] - HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted: [Value] - HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted: [Value] - HKCU\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted: [Value] - HKCU\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\SafetyNut
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\win
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\win
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\win
Deleted: [Key] - HKCU\Software\win
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F}
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Softonic
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\Softonic
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Sense
Deleted: [Key] - HKLM\SOFTWARE\Goobzo
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Ge-Force
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000\Software\SpeeditupFree
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203055569\Software\SpeeditupFree
Deleted: [Key] - HKU\S-1-5-21-3482594340-428826731-879083492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10092017203119807\Software\SpeeditupFree
Deleted: [Key] - HKCU\Software\SpeeditupFree


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [23135 B] - [2017/10/9 17:43:1]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

 

MSRT log:

 


Microsoft Windows Malicious Software Removal Tool v5.52, September 2017 (build 5.52.14201.0)
Started On Mon Oct 09 23:26:16 2017

Engine: 1.1.14104.0
Signatures: 1.251.334.0
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found

 

Thanks.

Link to post
Share on other sites

Little edit to the last reply:

My pc is working fine now, I had alot of viruses probably. Can I be sure that it safe to buy things and use personal information on this pc and no one will steal it. I mean there is a chance that I have a file that stealing information from my PC?

And one more thing, by all the files and logs I sent you, do you think my PC is well protected now or I need to do more things?

Im doing right now one more scan in malewarebytes and Its not done yet but its already on 280 Threats and its been only 3:40 Minutes and 270,000 files. From where all this threats are coming from?? I downloaded just few files since we did all that scans and all the files I downloaded are trusted.

Thanks

Link to post
Share on other sites

You have McAfee full package, probably worth also upgrading Malwarebytes from trial to Premium. Also install unchecky, that will help stop piggybacked extras that come bundled with many freeware packages...

Unchecky --> http://unchecky.com/

As you currently have Malwarebytes scanning again and it has uncovered more malicious entries we need an indepth AV scan. Wait for Malwarebytes to finish, all entries in quarantine can be deleted..

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....
The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.



Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.
 

Post new log from Malwarebytes, also log from Sophos AV, also give an update on any remaining issues or concerns..

Thank you,

Kevin...

 

Link to post
Share on other sites

My new malwarebytes log: 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/13/17
Scan Time: 3:01 PM
Log File: 3b6c7b08-b00e-11e7-9a1a-e03f491ba4ce.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3005
License: Trial

-System Information-
OS: Windows 10 (Build 15063.674)
CPU: x64
File System: NTFS
User: AIYA-PC\Omer

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 723063
Threats Detected: 279
Threats Quarantined: 279
Time Elapsed: 1 hr, 19 min, 30 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\imeshvuzebandooCR, Quarantined, [989], [445716],1.0.3005
Adware.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}, Quarantined, [371], [445719],1.0.3005
Adware.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [371], [445717],1.0.3005

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 49
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales\en, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_metadata, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\USERS\AIYA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\EXTENSIONS\panpiecllaicaafneoofcmdgmbcihhnd, Quarantined, [525], [445701],1.0.3005

File: 227
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\backbone.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\bower.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\CNAME, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\component.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\CONTRIBUTING.md, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\index.html, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\index.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\LICENSE, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\package.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\backbone\README.md, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.css.map, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap-theme.min.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.css.map, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\css\bootstrap.min.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.eot, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.svg, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.ttf, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\fonts\glyphicons-halflings-regular.woff, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js\bootstrap.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\dist\js\bootstrap.min.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.eot, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.svg, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.ttf, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\fonts\glyphicons-halflings-regular.woff, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-glyphicons-data-generator.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-lessdoc-parser.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\bs-raw-files-generator.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\grunt\shrinkwrap.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\affix.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\alert.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\button.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\carousel.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\collapse.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\dropdown.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\modal.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\popover.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\scrollspy.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\tab.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\tooltip.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\js\transition.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\alerts.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\badges.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\bootstrap.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\breadcrumbs.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\button-groups.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\buttons.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\carousel.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\close.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\code.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\component-animations.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\dropdowns.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\forms.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\glyphicons.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\grid.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\input-groups.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\jumbotron.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\labels.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\list-group.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\media.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\mixins.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\modals.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\navbar.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\navs.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\normalize.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\pager.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\pagination.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\panels.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\popovers.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\print.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\progress-bars.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\responsive-utilities.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\scaffolding.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\tables.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\theme.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\thumbnails.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\tooltip.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\type.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\utilities.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\variables.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\less\wells.less, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\npm-shrinkwrap.canonical.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\README.md, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\requirements.txt, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\s3_cache.py, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\sauce_browsers.yml, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\test-infra\uncached-npm-install.sh, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\bower.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\Gruntfile.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\LICENSE, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\package.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\bootstrap\README.md, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.min.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\dist\jquery.min.map, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var\nonce.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\var\rquery.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\jsonp.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\load.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\parseJSON.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\parseXML.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\script.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax\xhr.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\attr.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\classes.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\prop.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\support.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes\val.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\var\rsingleTag.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\access.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\init.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\parseHTML.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core\ready.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\cssExpand.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\getStyles.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\isHidden.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\rmargin.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\var\rnumnonpx.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\addGetHookIf.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\curCSS.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\defaultDisplay.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\hiddenVisibleSelectors.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\support.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css\swap.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var\data_priv.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\var\data_user.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\accepts.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data\Data.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects\animatedSelector.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects\Tween.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event\alias.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event\support.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports\amd.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\exports\global.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\var\rcheckableType.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\support.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation\_evalUrl.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue\delay.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.min.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\sizzle\dist\sizzle.min.map, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\var\rneedsContext.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing\findFilter.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\arr.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\class2type.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\concat.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\hasOwn.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\indexOf.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\pnum.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\push.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\rnotwhite.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\slice.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\strundefined.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\support.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\toString.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\var\trim.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\ajax.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\attributes.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\callbacks.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\core.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\css.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\data.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\deferred.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\deprecated.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\dimensions.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\effects.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\event.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\intro.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\jquery.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\manipulation.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\offset.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\outro.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\queue.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector-native.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector-sizzle.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\selector.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\serialize.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\traversing.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\src\wrap.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\bower.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\jquery\MIT-LICENSE.txt, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\bower.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\component.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\LICENSE, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\package.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\README.md, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\bower_components\underscore\underscore.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_128x.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_16x.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_19x.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_38x.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\skin\images\logo\logo_48x.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\config\build.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\bundle_download.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\bundle_icon.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon128.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon16.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon19.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon38.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\icon48.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\search_icon.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\images\title_image.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates\BundleRow.ejs, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\apnAPI.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\background.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\base64.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\constants.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\guid.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\options.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\pings.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\popup.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\premium_bundles_historical.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\settings.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\templates.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\scripts\vendor.js, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles\main.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\styles\popup.css, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_locales\en\messages.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\_metadata\verified_contents.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\icon.png, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\manifest.json, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\options.html, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\popup.html, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\settings.html, Quarantined, [525], [445701],1.0.3005
PUP.Optional.ASK, C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\panpiecllaicaafneoofcmdgmbcihhnd\101.14_0\vendor.css, Quarantined, [525], [445701],1.0.3005
Adware.MultiPlug, C:\PROGRAMDATA\NTUSER.POL, Quarantined, [371], [-1],0.0.0

Physical Sector: 0
(No malicious items detected)


(end)

 

 

My sophos log (before restart):

2017-10-13 22:11:13.430    Sophos Virus Removal Tool version 2.6.1
2017-10-13 22:11:13.430    Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2017-10-13 22:11:13.431    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-10-13 22:11:13.431    Windows version 6.2 SP 0.0  build 9200 SM=0x300 PT=0x1 WOW64
2017-10-13 22:11:13.431    Checking for updates...
2017-10-13 22:11:13.575    Update progress: proxy server not available
2017-10-13 22:11:25.671    Option all = no
2017-10-13 22:11:25.671    Option recurse = yes
2017-10-13 22:11:25.741    Option archive = no
2017-10-13 22:11:25.741    Option service = yes
2017-10-13 22:11:25.741    Option confirm = yes
2017-10-13 22:11:25.741    Option sxl = yes
2017-10-13 22:11:25.741    Option max-data-age = 35
2017-10-13 22:11:25.741    Option vdl-logging = yes
2017-10-13 22:11:25.748    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-10-13 22:11:25.748    Machine ID:    07e0d09441444e83b70e566b20603749
2017-10-13 22:11:25.749    Component SVRTcli.exe version 2.6.1
2017-10-13 22:11:25.749    Component control.dll version 2.6.1
2017-10-13 22:11:25.749    Component SVRTservice.exe version 2.6.1
2017-10-13 22:11:25.749    Component engine\osdp.dll version 1.44.1.2286
2017-10-13 22:11:25.749    Component engine\veex.dll version 3.68.6.2286
2017-10-13 22:11:25.750    Component engine\savi.dll version 9.0.7.2286
2017-10-13 22:11:25.750    Component rkdisk.dll version 1.5.31.1
2017-10-13 22:11:25.750    Version info:    Product version    2.6.1
2017-10-13 22:11:25.750    Version info:    Detection engine    3.68.6
2017-10-13 22:11:25.750    Version info:    Detection data    5.44
2017-10-13 22:11:25.750    Version info:    Build date    19/09/2017
2017-10-13 22:11:25.750    Version info:    Data files added    236
2017-10-13 22:11:25.750    Version info:    Last successful update    (not yet updated)
2017-10-13 22:11:47.314    Downloading updates...
2017-10-13 22:11:47.316    Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-10-13 22:11:47.316    Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-13 22:11:47.316    Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-13 22:11:47.316    Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-10-13 22:11:47.316    Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-10-13 22:11:47.316    Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-10-13 22:11:47.316    Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-10-13 22:11:47.317    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
2017-10-13 22:11:47.317    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
2017-10-13 22:11:47.317    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2017-10-13 22:11:47.317    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-10-13 22:11:48.284    Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-10-13 22:11:48.284    Update progress: [I19463] Product download size 174235198 bytes
2017-10-13 22:12:00.158    Update progress: [I19463] Syncing product IDE545 LATEST path=
2017-10-13 22:12:00.158    Update progress: [I19463] Product download size 2585002 bytes
2017-10-13 22:12:03.135    Update progress: [I19463] Syncing product IDE546 LATEST path=
2017-10-13 22:12:03.135    Update progress: [I19463] Product download size 1652529 bytes
2017-10-13 22:12:05.176    Update progress: [I19463] Syncing product IDE547 LATEST path=
2017-10-13 22:12:05.471    Installing updates...
2017-10-13 22:12:06.077    Error level 1
2017-10-13 22:12:24.313    Update successful
2017-10-13 22:12:32.616    Option all = no
2017-10-13 22:12:32.616    Option recurse = yes
2017-10-13 22:12:32.616    Option archive = no
2017-10-13 22:12:32.616    Option service = yes
2017-10-13 22:12:32.616    Option confirm = yes
2017-10-13 22:12:32.616    Option sxl = yes
2017-10-13 22:12:32.617    Option max-data-age = 35
2017-10-13 22:12:32.617    Option vdl-logging = yes
2017-10-13 22:12:32.621    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-10-13 22:12:32.622    Machine ID:    07e0d09441444e83b70e566b20603749
2017-10-13 22:12:32.622    Component SVRTcli.exe version 2.6.1
2017-10-13 22:12:32.622    Component control.dll version 2.6.1
2017-10-13 22:12:32.623    Component SVRTservice.exe version 2.6.1
2017-10-13 22:12:32.623    Component engine\osdp.dll version 1.44.1.2286
2017-10-13 22:12:32.623    Component engine\veex.dll version 3.68.6.2286
2017-10-13 22:12:32.623    Component engine\savi.dll version 9.0.7.2286
2017-10-13 22:12:32.623    Component rkdisk.dll version 1.5.31.1
2017-10-13 22:12:32.623    Version info:    Product version    2.6.1
2017-10-13 22:12:32.624    Version info:    Detection engine    3.68.6
2017-10-13 22:12:32.624    Version info:    Detection data    5.44
2017-10-13 22:12:32.624    Version info:    Build date    19/09/2017
2017-10-13 22:12:32.624    Version info:    Data files added    237
2017-10-13 22:12:32.624    Version info:    Last successful update    14/10/2017 01:12:24

2017-10-13 23:01:17.262    Could not open C:\hiberfil.sys
2017-10-13 23:32:36.983    >>> Virus 'Mal/DrodZp-A' found in file C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip
2017-10-13 23:36:16.577    Could not open C:\swapfile.sys
2017-10-13 23:39:21.846    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-13 23:39:21.847    Could not open C:\System Volume Information\{55f693e2-b038-11e7-9c89-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-13 23:39:21.847    Could not open C:\System Volume Information\{8db0dde9-ad3a-11e7-9c86-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-13 23:39:21.847    Could not open C:\System Volume Information\{c70e070b-af80-11e7-9c88-e03f491ba4ce}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-10-13 23:41:12.515    Could not open C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Current Session
2017-10-13 23:41:12.516    Could not open C:\Users\Aiya\AppData\Local\Google\Chrome\User Data\Profile 2\Current Tabs
2017-10-14 01:09:15.692    Could not open C:\Windows\System32\catroot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\catdb
2017-10-14 01:09:15.694    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-10-14 01:09:22.224    Could not open C:\Windows\System32\config\BBI
2017-10-14 01:09:22.469    Could not open C:\Windows\System32\config\DRIVERS
2017-10-14 01:09:22.539    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-10-14 01:09:22.567    Could not open C:\Windows\System32\config\RegBack\SAM
2017-10-14 01:09:22.572    Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-10-14 01:09:22.581    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-10-14 01:09:22.588    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-10-14 01:22:13.135    Could not open C:\Windows\Temp\mcafee_LZlDsOFtUpj3iC3
2017-10-14 01:42:13.394    Could not open LOGICAL:0004:00000000
2017-10-14 01:42:13.399    Could not open E:\
2017-10-14 01:55:01.425    The following items will be cleaned up:
2017-10-14 01:55:01.425    Mal/DrodZp-A
2017-10-14 07:02:50.437    Threat 'Mal/DrodZp-A' needs a reboot to complete cleanup.
2017-10-14 07:02:50.438    File "C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip" belongs to malware 'Mal/DrodZp-A'.
2017-10-14 07:02:50.438    File "C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip" needs a reboot to complete cleanup.
2017-10-14 07:02:50.438    Threat will be removed on reboot.
2017-10-14 07:02:50.639    Installed boot task components.

2017-10-14 07:02:51.192    The computer must be restarted in order to complete the cleanup.
2017-10-14 07:02:51.192    Error level 5
2017-10-14 07:02:51.202    Cleanup on restart pending for Mal/DrodZp-A: DeleteFile "\\?\C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\66294f74-367c-4165-9efc-83ba299ccae6.zip"
 

 

So after the cleanup can I be sure that there is nothing that stealing any information? can I buy things online and my credit card details will not be stolen?

Thanks.

Link to post
Share on other sites

Before we clean up i`d recommend a clean install of your default browser Chrome, that is where Malwarebytes seems to be very busy.......

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

Continue for a clean install:

Download Chrome installer and save to install later: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Remove all synced data from Chrome go here: https://support.google.com/chrome/answer/6386691?hl=en-GB follow those instructions... It is essntial that any/all synced data is removed when the browser is hijacked or exploited in anyway...

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

For XP that will be My Computer > C:\ Documents and Settings\Your User Name\Application Data\Roaming

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Install Google Chrome :

Install Adblock Plus to Chrome: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb

Install DrWeb Link Ant-virus Link Checker: https://chrome.google.com/webstore/detail/drweb-anti-virus-link-che/aleggpabliehgbeagmfhnodcijcmbonb?hl=en
 
Next,
 
Change all passwords that you use on your PC, specificall any with financial implications.... Use your PC, surf about, see how it responds. Let me know if there are any remaining issues or concerns......
 
Thank you,
 
Kevin....
Link to post
Share on other sites

Hi, this is the new log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/14/17
Scan Time: 5:31 PM
Log File: 573ac13a-b0ec-11e7-9f75-e03f491ba4ce.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3010
License: Trial

-System Information-
OS: Windows 10 (Build 15063.674)
CPU: x64
File System: NTFS
User: AIYA-PC\Omer

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 724634
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 1 hr, 2 min, 51 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Torntv V9.0, Quarantined, [220], [446031],1.0.3010

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

It found only 1 threat, so now am I safe or I need to do more things before I will be totally safe.

Thanks.

Link to post
Share on other sites

You should be good to go, continue to clean up:

Uninstall Sophos AV http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/

Next,

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.