GeekPolice Tech TutorialsLog in

 

Trojan.Multi.GenAutorunTask.a detected

Share

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Sheldon (02-02-2017 19:00:12) Run:1
Running from C:\Users\SheldonB\Desktop
Loaded Profiles: Sheldon & SheldonB (Available Profiles: Sheldon & SheldonB)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
SearchScopes: HKU\S-1-5-21-404982144-3513266834-2388539628-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
emptytemp:
CMD: ipconfig /flushdns
end
*****************

HKU\S-1-5-21-404982144-3513266834-2388539628-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10666762 B
Java, Flash, Steam htmlcache => 131770 B
Windows/system/drivers => 36071322 B
Edge => 3561691 B
Chrome => 0 B
Firefox => 178670875 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5640876 B
NetworkService => 13812 B
Sheldon => 50462368 B
SheldonB => 104837269 B

RecycleBin => 0 B
EmptyTemp: => 372 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:00:17 ====

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/2/17
Scan Time: 7:04 PM
Logfile: mbam-feb2.txt
Administrator: No

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1163
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-BAMJFKH\SheldonB

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 432785
Time Elapsed: 1 min, 6 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Please run the Bitdefender QuickScan , and once done, press the View Report link. Post that log in your next reply.




Please launch Malwarebytes scanner which you have installed on your computer.

  • On the Dashboard, select Settings.
  • Click on Protection.
  • Ensure that Scan for rootkits is checked. If not, check it.
  • If you are notified the Database is out of date, click Update Now.
  • Click Scan now.
  • When completed, click the down arrow on Export Log and select Text file (*.txt).
  • Save the file to your desktop as MBAM.txt.
  • Click Apply Actions, then restart your computer, if requested.
  • Please copy and paste the contents of MBAM.txt into your next reply. Also, indicate if it was successful.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/2/17
Scan Time: 7:04 PM
Logfile: mbam-feb2.txt
Administrator: No

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1163
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-BAMJFKH\SheldonB

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 432785
Time Elapsed: 1 min, 6 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/3/17
Scan Time: 7:45 AM
Logfile: mbam-rootkitscan.txt
Administrator: No

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1170
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-BAMJFKH\SheldonB

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 434069
Time Elapsed: 2 min, 42 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

It was successuful.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
QuickScan 32-bit v0.9.9.152
---------------------------
Scan date: Fri Feb 03 07:42:14 2017
Machine ID: A83F025F

C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll - upload failed
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll - upload failed
C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll - upload failed


Failed to upload 3 file(s)! Please rescan.
------------------------------------------



Processes
---------
(unsigned) hpwuSchd Application 9288 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(verified) AiCharger Application 904 C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(verified) Firefox 3616 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(verified) Firefox 6592 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(verified) Firefox 2716 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(verified) HPStatusAlerts 9332 C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(verified) Kaspersky Anti-Virus 6044 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe
(verified) Kaspersky Anti-Virus 6732 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(verified) Malwarebytes Tray Application 7348 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(verified) Node.js 10148 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(verified) NVIDIA Container 4948 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(verified) NVIDIA Share 3092 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(verified) NVIDIA Share 9520 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe


Network activity
----------------
Process firefox.exe (6592) connected on port 443 (HTTP over SSL) --> 52.40.13.190
Process firefox.exe (6592) connected on port 80 (HTTP) --> 72.21.91.29
Process firefox.exe (6592) connected on port 443 (HTTP over SSL) --> 54.192.48.171
Process firefox.exe (6592) connected on port 443 (HTTP over SSL) --> 52.37.201.150
Process firefox.exe (6592) connected on port 80 (HTTP) --> 66.235.153.37
Process firefox.exe (6592) connected on port 443 (HTTP over SSL) --> 142.176.121.227
Process firefox.exe (6592) connected on port 80 (HTTP) --> 66.235.153.37
Process firefox.exe (6592) connected on port 80 (HTTP) --> 142.176.121.232



Autoruns and critical files
---------------------------
(unsigned) hpwuSchd Application C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(verified) AiCharger Application C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(verified) HPStatusAlerts C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(verified) Microsoft OneDrive C:\Users\SheldonB\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(verified) Microsoft® Windows® Operating System C:\Windows\System32\cmd.exe
(verified) Microsoft® Windows® Operating System c:\Windows\System32\userinit.exe


Browser plugins
---------------
(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
(verified) Adobe Content Decryption Module for Fir C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-eme-adobe\17\eme-adobe.dll
(verified) Bitdefender QuickScan C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) gmpopenh264.dll C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
(verified) Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
(verified) Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
(verified) Internet Explorer c:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\NapiNSP.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(unsigned) NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
(unsigned) NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
(verified) Plugins PDK c:\program files (x86)\kaspersky lab\kaspersky anti-virus 17.0.0\IEExt\ie_plugin.dll
(verified) Widevine Content Decryption Module C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll


Missing files
-------------
File not found: C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\ALRun.exe -start
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"AO Link Server"


Scan
----
MD5: 57a83f391380df8de12ba684b669e48d C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
MD5: 5f1091fa113607c9c9b2ecf4fbc76f37 C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
MD5: 37f7dd839a711b5706b1264f4d8d4bdc C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
MD5: ac15768336b24ad9626ed65dfb33464e C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
MD5: 82b37c8894360ea87665d2ddcb582b55 C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
MD5: bbf8f831c7720dd5135d8c4c8325187a C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
MD5: f6d02735de16705c1ebe6429592cd355 C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MD5: b932e0ee190778d840f1442dfc0f9612 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: 596dc69bb40a96fca4b19d9d1e221e34 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
MD5: ce5c9977da751ddc30952ac4dcbca788 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
MD5: 86724a200bf1f08a03fb563660fcd928 C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
MD5: 64e96b86d6c5d29c89b206d6f19dabe9 C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
MD5: b170174a8e9f20cb63c562e4a95f4c80 C:\Program Files (x86)\HP\StatusAlerts\bin\Alerts.dll
MD5: b399db248af3502379b7557ff5ec0f0a C:\Program Files (x86)\HP\StatusAlerts\bin\AppConstants.dll
MD5: 6f91437ff71067cb98204231f432b572 C:\Program Files (x86)\HP\StatusAlerts\bin\DMBaseObjects.dll
MD5: 6f5bdc8267e7f887ab3f9d4764eeaa15 C:\Program Files (x86)\HP\StatusAlerts\bin\HPAppTools.dll
MD5: 21dfbff0121ca9742e39b32779d8408a C:\Program Files (x86)\HP\StatusAlerts\bin\HPServiceCommunicator.dll
MD5: 8913fe8d1ce9834a2422ac57f91df782 C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
MD5: b3f65bb440feda13bb34ef1317cc1511 C:\Program Files (x86)\HP\StatusAlerts\bin\HPToolkit.dll
MD5: e01d74d97af5cdc0512a9bbab6144490 C:\Program Files (x86)\HP\StatusAlerts\bin\HPTools.dll
MD5: 15b3750a8306b9632bb9cb962ed9e7dc C:\Program Files (x86)\HP\StatusAlerts\bin\LEDMMapperObjects.dll
MD5: ca6946dd9d47a151edf7a054603f3635 C:\Program Files (x86)\HP\StatusAlerts\bin\LEDMXMLObjects.dll
MD5: 58c50806d92bb4f55ed97ce80fb6b450 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
MD5: 9328f1a1e158da90bcf72ce299def3d0 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
MD5: 25c3e6669946cb890ece2e73dd44b6f2 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
MD5: 37ac03655eceacf37ad4a9996251150f C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
MD5: 8213094ea736a9c575ab0e22ad09b0ba C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
MD5: 1dfc3cca51785254c5604238bb1a5467 C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
MD5: bbe446bab5ccd555a75a9d925ad7b7f8 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\ac_meta.dll
MD5: 03b45c52179e8dae51a0f685c30d06d6 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe
MD5: 0b52ca78ebe7c885d64116eab5253ba1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpservice.dll
MD5: e14f3c1c1833a0bb3b639d1bd5f55bf5 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe
MD5: 35605dbac24ab135004efc3e61555a65 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpuimain.dll
MD5: 13028d7ce3b53754b1350babb8e03645 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\backup_facade_metainfo.dll
MD5: eac90f7f824172c26ef79a3b4c21a125 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\bi_meta.dll
MD5: 7a2d25fbc9d615898baa56897088ae1b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\content_filtering_meta.dll
MD5: 57579fb647d45f6287d2c78bf3ce7a23 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\dblite.dll
MD5: 45a916a97a898d9ba9f5f30658cb33ef C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\dumpwriter.dll
MD5: d2b9aca7f98dd0bcc50eddf50d834262 c:\program files (x86)\kaspersky lab\kaspersky anti-virus 17.0.0\IEExt\ie_plugin.dll
MD5: 48b4e14571bea9ebefbf44d01dce24b7 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\inproc_agent.dll
MD5: 90084fc1f40d78f7e6cce6fe87d1c084 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\instrumental_meta.dll
MD5: 24337596076711fa682d9b09db85863f C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\instrumental_services.dll
MD5: d58c0ded5c7a99be88b8a7834e4d386a C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.balloons.dll
MD5: 0c2bee711ac012146b597d73dba2c35c C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.dll
MD5: d87700ccecd9774c3b8fba3715200a4b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.loader.dll
MD5: 72bec3e0b342d3f73624c0441b6655e2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.reports.dataaccess.dll
MD5: 2574cc21fd97763cbbae244ec4e4e4c9 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.shell.dll
MD5: 4eeabaa143161b37dc5ca856ae4226fa C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.kis.ui.visuals.dll
MD5: b90f8c3e2cc592b029db77c55c238abe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.platform.localization.core.dll
MD5: 7ebe7bd7b247895014015c5162f3e15b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.platform.nativeinterop.dll
MD5: b0fed1ac66d168b51d77f4af77fd0564 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.pure.backupdiskscanner.dll
MD5: 6d2e8aafcfa74533963be3e1761c0a20 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.pure.ui.backup.dll
MD5: 66f88a1fdb80799278fb2e005cf64958 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.common.dll
MD5: c3b20351ac35d105dc558460b465d9ad C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.common.vb.dll
MD5: 2168ad2360e10b254f9ccf59b87d0402 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.core.dll
MD5: 7df1b98f9ff964b0c25d246aacf04301 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.core.visuals.dll
MD5: 61cfee454fa7cd67e40967dd5daebaf1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.balloons.dll
MD5: 72cf01b935cc41cc1ee70f54ec2c3ddb C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.ipm.dll
MD5: 452a7a9e520d165da8c6d544845653c6 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.reports.dataaccess.dll
MD5: 8942c437ae330abb9f43565f389e4430 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.reports.dll
MD5: c5d421c0eeec7543604d9d44c8a82708 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.safemoney.dll
MD5: 922e91ce57bd70e4062bb1a92adfd9ef C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.services.dll
MD5: 445b8050761fd7f9a2ba2d6d0d910c10 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kasperskylab.ui.platform.views.dll
MD5: d4ff6ae1c7fed7e6b7b14b8e309bf4f9 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kl_service.dll
MD5: b409f81fb1687074cf6c5284ad1d87a6 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\microsoft.practices.prism.dll
MD5: 252e9e37cf998800841c259a64cf3722 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\microsoft.practices.prism.interactivity.dll
MD5: 6df78bb163d443d95b21f58808320af7 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\microsoft.practices.servicelocation.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\msvcp100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\msvcr100.dll
MD5: f91fb791be279ff0363f37ddbc507882 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\nemerle.dll
MD5: 717459e3cd8e6123cb45fe65373f7b7e C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\nemerle.peg.dll
MD5: 2ac2a81d05bb7ca3dc74f5cc05905e4c C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\params.ppl
MD5: d78f94ac95bb8c877452c670e7134a6b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\plugins_meta.dll
MD5: 245fef3e4016ef7e18f82cf0329dc540 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\prcore.dll
MD5: 0a9f6da31971144cc0fe874cbea6c77d C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\product_info.dll
MD5: 2f23da511e57cf718416c7896d4a63d8 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\product_metainfo.dll
MD5: 189acc9ec9145eb48a64ab3f29139350 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\prremote.dll
MD5: 009f607da89752b0289a8f9fcb5db86b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\pxstub.ppl
MD5: 78999cba9ab96123ef27d16f70056794 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\remote_eka_prague_loader.dll
MD5: 7c516156d1e95b53692b2453abbe1125 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\sw_meta.dll
MD5: 5ab96960dab3f6fd16ccfd047d67f8c6 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\system.data.sqlite.dll
MD5: 522cfea73b99fc225c921e912547805f C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\system.windows.interactivity.dll
MD5: f9f349f5107bb6feef34d3e5ca831fc5 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\system_interceptors_meta.dll
MD5: 520f4445b35593ddfb367e4930f3d911 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\ushata.dll
MD5: ac6a5c25cde65cdf226b0067f32f6869 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\vkbd.dll
MD5: cd51fe428282db6d916aac46ef3a40ce C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\winreg.ppl
MD5: 8c8632aa45a1f765966ff9b0474f8881 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\app_core_legacy.dll
MD5: 0b52ca78ebe7c885d64116eab5253ba1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\avpservice.dll
MD5: 57579fb647d45f6287d2c78bf3ce7a23 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\dblite.dll
MD5: 45a916a97a898d9ba9f5f30658cb33ef C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\dumpwriter.dll
MD5: 24337596076711fa682d9b09db85863f C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\instrumental_services.dll
MD5: d4ff6ae1c7fed7e6b7b14b8e309bf4f9 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\kl_service.dll
MD5: eff5ea6088db81c6ef6edcda5ee79909 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
MD5: bdb3d8437752ebcd11db04082b1fe8a5 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
MD5: 6129d6efb0aa6e8444790ca08837f090 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeuimain.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\msvcp100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\msvcr100.dll
MD5: 2ac2a81d05bb7ca3dc74f5cc05905e4c C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\params.ppl
MD5: 245fef3e4016ef7e18f82cf0329dc540 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\prcore.dll
MD5: 273d2eb8c8630b4cb78e53e22308b5b1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\product_info.dll
MD5: 2f23da511e57cf718416c7896d4a63d8 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\product_metainfo.dll
MD5: 189acc9ec9145eb48a64ab3f29139350 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\prremote.dll
MD5: 009f607da89752b0289a8f9fcb5db86b C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\pxstub.ppl
MD5: 520f4445b35593ddfb367e4930f3d911 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ushata.dll
MD5: cd51fe428282db6d916aac46ef3a40ce C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\winreg.ppl
MD5: bc0be695e63548171105c57d2e9b98e7 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll
MD5: 6bfbf95b7253f32a77bacdf119b678f3 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll
MD5: 07ba5f40c64134e5749df0e8cfee082e C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll
MD5: cb4e401ce4fc657ccebb85f96840cc8b C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll
MD5: b53d96644f5774fe29ba8bb12d6e5f66 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll
MD5: 49a69484b524c6f9fd641e015dd15154 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll
MD5: 66f65b59dff2f8927dc3c8045d8c3a0a C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll
MD5: 11218c9f81404a51d1eb6b56ba60f9ab C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll
MD5: d67520bff673cab4b2ed1af12de37a1f C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll
MD5: e65f76759251845fa1e6a3cf41b5f231 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll
MD5: 1622347a34eba068916713cf28f46b67 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll
MD5: f7af6bb63229721005c8ac85dc86f5c2 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll
MD5: b2a2affaebe900ede45d730c75d811cc C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MD5: 2ef2b10e5f65fb054d2d54bda54d230b C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MD5: da4ea4acb19b938544d22e34bcd53a34 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MD5: 23a5b410eaf32364ac7edc2ccc175b36 C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll
MD5: 3a8f97e74fd376d5d6a040fa951b2662 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MD5: d25c3ff7a4cbbffc7c9fff4f659051ce C:\Program Files (x86)\Mozilla Firefox\msvcp140.dll
MD5: 24b07e74cc7d36b79789feed121807ce C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MD5: a8aec06698b6a650db4a6012906903e0 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MD5: 37ae69d2ee27f5591b2ac5e87948a5b9 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MD5: 59a510daf4f88960434612f83fdc85e2 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MD5: f378291cb1bae8a3972c6ea1287078c9 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MD5: a2523ea6950e248cbdf18c9ea1a844f6 C:\Program Files (x86)\Mozilla Firefox\vcruntime140.dll
MD5: adf79a49e942c91d1fc9863cbfdd6b58 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: 4cd514d678cf4fce3993a103e5d9828c C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 7165dce213dd0b3aafe6b0526c7e7229 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: 5fae83bf2faf8aec81dda14705871f9a C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libeay32.dll
MD5: f78842c9f9b56ffabc5b21e8fa9d9483 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
MD5: aefc6b25904a2cc65410ca2d90952499 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\MessageBus.dll
MD5: 488cb162e79b4eb54d0c4d1c9a2b0fea C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
MD5: 00c073c09aed16a90dd3a74e5685df98 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User\NvBackend.dll
MD5: 28cb95ad1bc353b9e1d1c8c3e631ec67 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User\NvTelemetry.dll
MD5: 6e2b1e1e2829d55a5318126aa2a4053c C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll
MD5: 7f380e21b088094957019d03aeb57d28 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\ssleay32.dll
MD5: d09f73cdc3d9bfdb1be6e2b6a282e529 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
MD5: 3ac537722de58fc88e7ae059064958db C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
MD5: 5a6274a2b9c52fc894b1d379198d447d C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
MD5: 4bf40d8e7a36529aca3c4bba89c393eb C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvAccountAPINode.node
MD5: c3248f838998a393b9a7922dd73f19de C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
MD5: e8e25774f6749232131d330dcb08885a C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
MD5: 0531e7b0f5f369cccca555e429a969ef C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVGalleryAPINode.node
MD5: 5e408095007d35e7b92742fec265cbba C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
MD5: fdb2a9e5eaef81394d3f4aad482fa5af C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
MD5: 489ae0ecf3b7162b811e1c52a43eefec C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
MD5: ab8c88b1a2070c1d3b0f7ca4c01f0332 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
MD5: b28f651891be9891c082e6097ec3da80 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
MD5: c4b37cc644574b25e36f0a1e8b849e18 C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGameShare.dll
MD5: ae9ca277c89fff278d0ecc63800aed02 C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGfeServiceBridge.dll
MD5: 32b25c2a55ff03c21dd09528e2a77e04 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryAPI32.dll
MD5: 2f10a1389d5bacc01bcbd5fa966cc248 C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MD5: 21bfc67e5e4ff5586d3f4e2222c1c71f C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackendAPI32.dll
MD5: f3aab7df6408431c762d8721b68f46e4 C:\Program Files (x86)\Skype\Updater\Updater.exe
MD5: 2c85f07c5a258804c1fa5a3c6764c475 C:\Program Files\ASUS\Turbo LAN\spd.exe
MD5: eaaa2b83c4764fdcfbee4a4d6546de92 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: b5c2f92ee1106dfe7bb1cce4d35b6037 C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 7d811ea7a2aaa49b0446d42cbc1cd338 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: b63cf22d1ad2abdc39d85851b2beaa6d C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
MD5: 97c9ebb84a761d48dc17e0e6b913c164 C:\Program Files\iPod\bin\iPodService.exe
MD5: ebbad3264c7683809c4ca7c3df275a52 C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
MD5: 5f08d1a781f5d8869cd89dfa8ac99398 C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
MD5: 9cacd8c8aca6828a6f516865edef143b C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
MD5: b8a2896ad2de546a10793442bf4c8ffa C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
MD5: 88b3a248885e1a06646905a3cf61cac3 C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
MD5: 16c52c3c701868a21c75afa1c13cae6b C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
MD5: c06f75e8032b22cb6f2f01119837e26c C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
MD5: 80873034b8547cfedb209de1657cf36e C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
MD5: 2354ae342cdad113a0a6a35e445c7a2b C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
MD5: 0cbc0ac1487f433fa2547656f4c4dafe C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
MD5: 9f015231ce6dcdd8d6733888fe3747b2 C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
MD5: 87bbc81291be721ab69e7a43c0ac6281 C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
MD5: 804e3246e3e73d4a936f2f4bcdc53a2d C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
MD5: a6a21a7d544675e98c040da18904cf50 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
MD5: fd5cabbe52272bd76007b68186ebaf00 C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll
MD5: 034ccadc1c073e4216e9466b720f9849 C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll
MD5: 46d4c009bd925703c125d3d329a54684 C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
MD5: 01a29f0c9516118dbfb8805c71c3057e C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
MD5: 376a23bb3499f37586b91f8a4206a1da C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
MD5: 41f9337269e5b684b2fc288edb1e1b31 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
MD5: 5a8f3033f2f6eb3671ffb0ca489fa12f C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
MD5: 183de395338e4823fad467e07978f522 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
MD5: 58f567dbd26b920f22a13a691d74b1b4 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
MD5: 0c77de06aede4d669de3943b35b0cfc7 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
MD5: 6eb7aed41ec0e502585d2587e53a4da6 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
MD5: 20121a13f5dcacb34e401b3e0a8016c2 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
MD5: 35cc29ae4a67493d53e688370d4ccc5a C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
MD5: 1efce0dcd6bb594da1bde6a42e907df7 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
MD5: d16539a1b5c3a16986ad69597d6eae85 C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll
MD5: 6aebc7136c17478cbc9a772f1e60eb9e C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
MD5: a6ed2e5e268d83b77d15348591cb8ae5 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
MD5: 06c7dad44f4b95aa02be2107486274bc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
MD5: 352919955d0afdbb4900657a671eb9e3 C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
MD5: 5d31780eabba5fb994ae217ff79ac01c C:\Program Files\Windows Defender\MsMpEng.exe
MD5: f9a6050fca8fd24870eb199d7ec54606 C:\Program Files\Windows Defender\NisSrv.exe
MD5: b3f74e43a73504f3c1d2b10948e67ec4 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: ffecef67400c0fbdacab3c7913b78f6d C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klsihk.dll
MD5: 8f2ea5ee0695cce2285d92c44108375c C:\Users\SheldonB\AppData\Local\Microsoft\OneDrive\OneDrive.exe
MD5: 12c0b77ce2eb7e6cca679aa528e208e7 C:\Users\SheldonB\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll
MD5: b8ff5528c19e81b85a800bfcf41f16d4 C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: b1c853e7285e224a69695be88ed31a2c C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-eme-adobe\17\eme-adobe.dll
MD5: ac8327b0d820f6177ceefff995a76080 C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
MD5: 6f4c70c96fedc4e0a79c49d75fb31819 C:\Users\SheldonB\AppData\Roaming\Mozilla\Firefox\Profiles\r2famy3r.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
MD5: cfa562af7b0bf67505b56e5c00816281 C:\Windows\AppPatch\AcLayers.dll
MD5: be661b7e852493a57bb3a5bbfb58a4c4 C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MD5: e8b4162a8e5ca2ccdcb25b6002d43fb9 C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MD5: 30ef350e978fa6956320aedfc75d5411 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9ad5d97ade63ecd8b60f63393a947d6e\mscorlib.ni.dll
MD5: 21bde40517004d5c402dfce159cd05be C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\649d90e2133d3555a2359bf4673bc283\System.Configuration.ni.dll
MD5: 8b8efe0392736c4693e481686f1130d0 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\cdcce378eb7a99479cfdfb6f332d3f72\System.Drawing.ni.dll
MD5: 995097f6c5c7125348c60fd137ea06ff C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\b7e8ba480b2362f41783653b073265c1\System.Management.ni.dll
MD5: acade261e57d1fbf60f1c76f31bd3c2f C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e0772eed6f7073053565ec73ba6a9200\System.Runtime.Remoting.ni.dll
MD5: 2d5f346241894cec7b7e7592ef3ea480 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d68ea12bfe9ee2551ac844605014acd8\System.ServiceProcess.ni.dll
MD5: 156be932ab20a330531e5fa537cacbcd C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\7983f943973b5c35b032bf6d8398e8bf\System.Web.ni.dll
MD5: da2f2d32d63a898d19277475b0f435fd C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0f305c60a30db4482e9663104bbcf7a8\System.Windows.Forms.ni.dll
MD5: 77506fa9252a9da9142e115ae3b22f7a C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\026d44ef25a1b7ac0ec4018d2e110bd7\System.Xml.ni.dll
MD5: 2badb713d035e4f02fbd74e9b3c3eb67 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c7d0e65d5d01d4d5381bb1d40c4c56c7\System.ni.dll
MD5: 4e10fb1a015b49ac68f76c1a3f4d9c0f C:\Windows\explorer.exe
MD5: 4dac0befb5e8d1f6a837f9306d92a643 C:\Windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
MD5: 252ea54dcd53421cd4223e2eae5d23ca C:\Windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
MD5: 5c91464f76a59d1417cd39dfd9f0a314 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
MD5: 1d0451b5bc0414f227328090e9a44f2d C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
MD5: 76e9b5994c8af4977b166ab752c66991 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MD5: ec464afbe0d68fd3b362669e0bc7ac68 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
MD5: 90ad6b64bea33d0a280b91507f8128cd C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MD5: 2b23d5f76d11ed98897ba40723913b7b C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemCore\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemCore.dll
MD5: a1cd75855d53a0380dd1dc51ae571da0 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemData\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemData.dll
MD5: 48f954a054479b3d13b5eb7bacf76daf C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemXml\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemXml.dll
MD5: faaad1340922e4a90d50ab794d467ad6 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemXmlLinq\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemXmlLinq.dll
MD5: 11949b99dd6166e437d4be87de643d36 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero2\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero2.dll
MD5: c1575225d0ac59e6889c7dbe77368c86 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MD5: 02d461eadaac654531c3a89015f661f3 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MD5: 218e07db323d6e814c2b7b5bf73b8a55 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
MD5: 1abd6936eebe52411d142c0485085eeb C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
MD5: 0c5b667e90103ff0523a92ee037d9341 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
MD5: b2dbf83fc811616a5d0d0a7cbe308c8b C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MD5: 993c58027539b0251ddd26d22487edff C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
MD5: a9e47da43d9da776e9098e8d84a4753c C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.InteropServices.WindowsRuntime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.InteropServices.WindowsRuntime.dll
MD5: 5319155626ab69928da8f9b24fa854d4 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.dll
MD5: e2d397787188c560be487028a191a89f C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MD5: e9b6c308389dfbfe68915e98a89e7b45 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
MD5: d3de7890b2241ad335adcb5b2e28765f C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
MD5: 7bd777b98b90e7e426cb286ced4ce109 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
MD5: 9bef41e48992c85b2385118d107b537f C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
MD5: e40f910c532767e22ed9110e4ec87936 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MD5: cb8d1aacfd6dc97530ad1d7f1bcf9ced C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MD5: d247833262165d1f48e0c893c6890716 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
MD5: bf3543f46f43307362c65b0f7a056c24 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MD5: 59241194dbdf30a2b4029e402f377900 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: efa857e2b0cc7c9dfef48a2187b910f7 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
MD5: 942a0fd4301180517656df2d7df45574 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 58d8e6b37f33776fcdce3e91df25faba C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MD5: 25cee067aed86ff988c8d31bd7212a21 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: fe3a877218f498f90dd1d097fb770bfa C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: 7210d35665fb3a0353a2b7ad2acb293c C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: 2f12004529cc3612b0b43bfeb167733e C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MD5: 7531d3f8dc93ccbcc29e012286260a60 C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
MD5: 0487cfc8ab4470573d6e268c20bbe29c C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 9806f14fa613b53d1ce056c00648ff6c C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll
MD5: 15edb85eed1134dc44882be733047303 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MD5: fa0f679dbb827a17e99afc0096f1885b C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MD5: 09440fa30c020b4443391fafcf4876e3 C:\Windows\servicing\TrustedInstaller.exe
MD5: 0fec5f30e705eadaea5e9144f2fb12dc C:\Windows\System32\cmd.exe
MD5: 1d090d82282336cd790733fae33641e9 C:\Windows\System32\coremessaging.dll
MD5: e0201a4bb639042959a11457a52dd627 C:\Windows\System32\dhcpcore.dll
MD5: 6046950fc9ca5b7a7e084c189658dacb C:\Windows\System32\dllhost.exe
MD5: 34c935af2a414572b412b3556586d783 C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
MD5: eecb0fd97bd18e223d3a92d9b7e6fd65 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c775b600ccf2cdac\nvd3dum.dll
MD5: 25c83321b51908e5f35f1ed17f443591 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c775b600ccf2cdac\nvlddmkm.sys
MD5: 93403b347583bd8d560563b0b485aa5d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c775b600ccf2cdac\nvwgf2um.dll
MD5: 297bfca82aa994ce9b95706146764fbc C:\Windows\System32\es.dll
MD5: af46710ddb8b0e304aa4fd2b940cabd8 C:\Windows\System32\explorer.exe
MD5: be6a279ed7023652dd94fa19e9b27882 C:\Windows\System32\hidserv.dll
MD5: 0675de1739ec0e6cc8a9ec5ce459236a C:\Windows\System32\keyiso.dll
MD5: 35ba17ff927b79eddee436adeb98ef21 C:\Windows\System32\mprdim.dll
MD5: 9d69473a54b200870a407b0e7103ee28 C:\Windows\System32\msiexec.exe
MD5: 8e6958813b6faaff8a6ee9f2a7040299 C:\Windows\System32\mswsock.dll
MD5: 390e89b590bf63eebf88abc15078a198 C:\Windows\System32\NapiNSP.dll
MD5: c4a39409d825d4808832c7b9243fc9b7 C:\Windows\System32\netlogon.dll
MD5: a8c6fcb5a946ab8a9553f43529dfda9a C:\Windows\System32\nlaapi.dll
MD5: 0faa756716218e68d46f9e2fee624242 C:\Windows\System32\pla.dll
MD5: 3f0f179c20f3633d2ec06774430ba831 C:\Windows\System32\pnrpnsp.dll
MD5: e5d081908b6dd64bdfc125a56428aea5 C:\Windows\System32\provsvc.dll
MD5: c0c426db80a332672b9648c595bd5d1d C:\Windows\System32\qwave.dll
MD5: e27c1f78981297d6ca2cec040158e469 C:\Windows\System32\SearchIndexer.exe
MD5: eb4f3bde38abf0aeecdfea76e2cb1eff C:\Windows\System32\SessEnv.dll
MD5: 25fd6dc3d4ec699e4ef5cfb91bfc6ecf C:\Windows\System32\shsvcs.dll
MD5: 71c635d7796d394138bffbb8c2559cfb C:\Windows\System32\smphost.dll
MD5: 1f8434dd4907c832e6e90d6298eab85b C:\Windows\System32\svchost.exe
MD5: 0cba864dbb0e503101c746befc01bbde C:\Windows\System32\tapisrv.dll
MD5: 58a2c2cc89d528de8fe8d3eadc8fbae4 C:\Windows\System32\Unistore.dll
MD5: ac79703ebf464c6ea2ae2cc65e6878a0 C:\Windows\System32\upnphost.dll
MD5: fa900e6cccf0a429d5b720c6f0e2274b c:\Windows\System32\userinit.exe
MD5: 2e63ca57869cfa25cb072befe64a2640 C:\Windows\System32\wdi.dll
MD5: dc496ecfc465280a610188c9b316da21 C:\Windows\System32\WebClnt.dll
MD5: a185bcc083628a702d61f384b2d37de3 C:\Windows\System32\Windows.Internal.Management.dll
MD5: fe68cce3d2985526fb00c692e92e0fe2 C:\Windows\System32\windows.staterepository.dll
MD5: df51c1442a3db8ade2b78dcdec2419fd C:\Windows\System32\winhttp.dll
MD5: 6b408458867bf3b61f363c0eb423f87f C:\Windows\System32\winrnr.dll
MD5: b124b6d66ee6fab7b59fd114a633a1d1 C:\Windows\System32\WsmSvc.dll
MD5: 876577374f31702acc9e8584db453c9b C:\Windows\SysWOW64\advapi32.dll
MD5: 6d1a29096e54589362357cdf0ba1e9e9 C:\Windows\SysWOW64\apphelp.dll
MD5: 0c3c22395bba6b4f6af5075a0ffada86 C:\Windows\SysWOW64\AudioSes.dll
MD5: bc00c6f4e771d0c71d677d87a9897753 C:\Windows\SysWOW64\BCP47Langs.dll
MD5: c041ed5ce66bedfa0ceac973c8e5dac5 C:\Windows\SysWOW64\bcrypt.dll
MD5: dbb08db2f47433858c6606484f5fe545 C:\Windows\SysWOW64\bcryptprimitives.dll
MD5: 90a1cd387f9cb30f86d34b88bfcd83a1 C:\Windows\SysWOW64\cfgmgr32.dll
MD5: 87d1e3eb90a316f1fd6dd60a2457189a C:\Windows\SysWOW64\clbcatq.dll
MD5: 09fb1e45c38939b300140f01d14d0e6a C:\Windows\SysWOW64\combase.dll
MD5: 053b12d5d2e45a7e01e43f008552620c C:\Windows\SysWOW64\comdlg32.dll
MD5: 5d52820bcf597eac5b109d1494b149ba C:\Windows\SysWOW64\crypt32.dll
MD5: 3d4308bac53b881b16d9bd1006abdc65 C:\Windows\SysWOW64\cryptbase.dll
MD5: 0e874792ff73e37ad88f47be222e1d59 C:\Windows\SysWOW64\cryptnet.dll
MD5: 0ce6aff79009aeec169c9a75b7567d30 C:\Windows\SysWOW64\cryptsp.dll
MD5: 6be1dae295eadf4a058f83c164a27089 C:\Windows\SysWOW64\cscapi.dll
MD5: 86f3dd8105ea18131bad4a145f31b668 C:\Windows\SysWOW64\d2d1.dll
MD5: 14165f6bc67b1b51dd9f55c339d63cb0 C:\Windows\SysWOW64\d3d11.dll
MD5: 17c406d38c3989ff3bdb17d08c1991ce C:\Windows\SysWOW64\d3d9.dll
MD5: 7d1cee0aec344815661c8c45cefc1643 C:\Windows\SysWOW64\DataExchange.dll
MD5: f9e3229224fec57a53f5b2a4b21942e0 C:\Windows\SysWOW64\dbgcore.dll
MD5: 529408e2c123d00d4cc2bebcc8479566 C:\Windows\SysWOW64\dbghelp.dll
MD5: 550ba2c78144d79bd4ce88f9be77be9f C:\Windows\SysWOW64\dciman32.dll
MD5: 15c27a751b2da417d6f9948369e8cb90 C:\Windows\SysWOW64\dcomp.dll
MD5: e728fb4102bf63937b40e38b8c3728b1 C:\Windows\SysWOW64\ddraw.dll
MD5: a1c818c3666dc5d95c40f36ef7b70685 C:\Windows\SysWOW64\devobj.dll
MD5: cf0766d323fb5bdd661fd9dd81708860 C:\Windows\SysWOW64\dhcpcsvc.dll
MD5: 8a581a8ee691fd046af2af51f2de9f02 C:\Windows\SysWOW64\dhcpcsvc6.dll
MD5: 227cfe3eda82029aac1c088a16297cd7 C:\Windows\SysWOW64\dnsapi.dll
MD5: d204c988115dd69889e3c0172e92bcff C:\Windows\SysWOW64\dpapi.dll
MD5: ff5221c2e5d5cc82f93eb7c99dc2852f C:\Windows\SysWOW64\drivers\AiCharger.sys
MD5: 6fdda70d46b51e80ca2311064d05df19 C:\Windows\SysWOW64\drivers\AndroidAFDx64.sys
MD5: 798de15f187c1f013095bbbeb6fb6197 C:\Windows\SysWOW64\drivers\AsIO.sys
MD5: 1392b92179b07b672720763d9b1028a5 C:\Windows\SysWOW64\drivers\AsUpIO.sys
MD5: a839b2cf099c3f328e6d369e29b14e02 C:\Windows\SysWOW64\dwmapi.dll
MD5: 63cf9e094a62a787937b955d654c55de C:\Windows\SysWOW64\DWrite.dll
MD5: 0fa371c4d87d47e4d2e39655de14f521 C:\Windows\SysWOW64\dxgi.dll
MD5: 3e26ca9b5ccd4c04506c0109bede3b36 C:\Windows\SysWOW64\dxva2.dll
MD5: 804dce6d165d93ed74a5472b84b6d429 C:\Windows\SysWOW64\evr.dll
MD5: f050c5ed0c243759023d91f25c2da94c C:\Windows\SysWOW64\ExplorerFrame.dll
MD5: 6d95c6266d85ea039fd2843f81fabd93 C:\Windows\SysWOW64\fltLib.dll
MD5: ba22c7afe02e09916c5664e1dd98a879 C:\Windows\SysWOW64\FWPUCLNT.DLL
MD5: a38bcc4df4da792c71f6fba54299f893 C:\Windows\SysWOW64\gdi32.dll
MD5: 56a1f18f27a325a4c17bf7ea963dbd2b C:\Windows\SysWOW64\gdi32full.dll
MD5: 727f75213c1971268d82bc573aa8f424 C:\Windows\SysWOW64\glu32.dll
MD5: 204bff7c714045b641862ee3a8ecf88f C:\Windows\SysWOW64\gpapi.dll
MD5: ff1b2a98c6e96f4541b24ecc2820db80 C:\Windows\SysWOW64\icm32.dll
MD5: 464235f5db3faf56c594a7b74d3837e3 c:\Windows\SysWOW64\ieframe.dll
MD5: 5e03e98e09a3a8bfa0277b2fe565b296 C:\Windows\SysWOW64\iertutil.dll
MD5: bfcfb0177935e235b1febade3694839d C:\Windows\SysWOW64\imagehlp.dll
MD5: 203f58ba41b48a59d6a047e0233db422 C:\Windows\SysWOW64\imm32.dll
MD5: 2eaa99959c52b2aa192ddc3730daad35 C:\Windows\SysWOW64\IntelCpHeciSvc.exe
MD5: 0a358dc3eff8e9c8c28a216385ffd9e9 C:\Windows\SysWOW64\IPHLPAPI.DLL
MD5: 845fd176fad495db046400ac93747976 C:\Windows\SysWOW64\kernel.appcore.dll
MD5: 956db4b52f2ce6365ade6b5d2d74a267 C:\Windows\SysWOW64\kernel32.dll
MD5: 4a0b06dd8211cda36d209fe61283db58 C:\Windows\SysWOW64\KernelBase.dll
MD5: 19d8119776943ed31455c54472dbfafc C:\Windows\SysWOW64\linkinfo.dll
MD5: 9b1ce49762baab1db9d02f98cd5cb984 C:\Windows\SysWOW64\mf.dll
MD5: 8bcbf263a1a513a6d5041c42b0fbaedf C:\Windows\SysWOW64\mfperfhelper.dll
MD5: a7aa7586a6e1cdd99667bdd8a9ad54bc C:\Windows\SysWOW64\mfplat.dll
MD5: dd8eac114e86965fcd82552f889ed23a C:\Windows\SysWOW64\MMDevAPI.dll
MD5: 25335383bc43aacdcd22836a3e732bdc C:\Windows\SysWOW64\mpr.dll
MD5: 5e8336c79be0c2f1080b575e434dd0e4 C:\Windows\SysWOW64\msasn1.dll
MD5: 60009a9d6b55655b7dc63353bc93b72e C:\Windows\SysWOW64\MSAudDecMFT.dll
MD5: 98989fdc88686e7d6a3ebedb41135cb1 C:\Windows\SysWOW64\mscms.dll
MD5: 2582aa6c1f88d34b37b7f82d790d232e C:\Windows\SysWOW64\mscoree.dll
MD5: 8ee8bdf714d986ac30193fe75478047c C:\Windows\SysWOW64\msctf.dll
MD5: 67bdb704614e9a44e8be03fa334e50f9 C:\Windows\SysWOW64\msctfui.dll
MD5: db22bf6e188f54e592c1bbfbd4f79497 C:\Windows\SysWOW64\msimg32.dll
MD5: 4f374782286ded5127d350cedbc2849e C:\Windows\SysWOW64\mskeyprotect.dll
MD5: 677a1a604ea11ceee78cd62ac0a79972 C:\Windows\SysWOW64\msmpeg2vdec.dll
MD5: fd5cabbe52272bd76007b68186ebaf00 C:\Windows\SysWOW64\msvcp120.dll
MD5: 8dd0eab4f85b2fea280677b117785b15 C:\Windows\SysWOW64\msvcp_win.dll
MD5: 034ccadc1c073e4216e9466b720f9849 C:\Windows\SysWOW64\msvcr120.dll
MD5: 856da04454a75cf6e7453d53cd90a29d C:\Windows\SysWOW64\msvcr120_clr0400.dll
MD5: 2b3053473d66ad4c34e05b4ab4a9636e C:\Windows\SysWOW64\msvcrt.dll
MD5: 8e6958813b6faaff8a6ee9f2a7040299 C:\Windows\SysWOW64\mswsock.dll
MD5: 390e89b590bf63eebf88abc15078a198 C:\Windows\SysWOW64\NapiNSP.dll
MD5: f2cae3c03d4eb93f9dc22d2d6e3d91cd C:\Windows\SysWOW64\ncrypt.dll
MD5: 5ca2520bcb004c8180b7afa45e879417 C:\Windows\SysWOW64\ncryptsslp.dll
MD5: a8c6fcb5a946ab8a9553f43529dfda9a C:\Windows\SysWOW64\nlaapi.dll
MD5: bc36aaf42722db03d8aab9f17b6c6ad9 C:\Windows\SysWOW64\nsi.dll
MD5: cda0441be02bb525b159b3949d9dc67d C:\Windows\SysWOW64\ntasn1.dll
MD5: aa3b16977532312a378b532db494b653 C:\Windows\SysWOW64\ntdll.dll
MD5: cf7308d27a2b2851249a7ce892017305 C:\Windows\SysWOW64\ntmarta.dll
MD5: b14ec96f7a15decf967560e981e592c8 C:\Windows\SysWOW64\ntshrui.dll
MD5: e3b51cbf04cfdb9ad6032f433cb8de9c C:\Windows\SysWOW64\nvapi.dll
MD5: 3d13f92cb781a48c76dff475624a3962 C:\Windows\SysWOW64\nvspbridge.dll
MD5: 1955f36f2f46498bd8c08a28538bb4ff C:\Windows\SysWOW64\nvspcap.dll
MD5: e74f2c29ecf25124be3da75fbd6a0e46 C:\Windows\SysWOW64\ole32.dll
MD5: af5121afe8c7eaa52e869b422162a77c C:\Windows\SysWOW64\oleacc.dll
MD5: abf355047ecebff79fe5224bcff9a2e5 C:\Windows\SysWOW64\oleaut32.dll
MD5: df275c9659ed8215695b572a8ce17fbc C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MD5: 22331fd3ddd5ad8a9bf8ef609cf613ff C:\Windows\SysWOW64\opengl32.dll
MD5: 748c272726fbc78aa29381d110fb5252 C:\Windows\SysWOW64\pdh.dll
MD5: cb5343ff52a702a9acfaae6be972fe09 C:\Windows\SysWOW64\perfhost.exe
MD5: 3f0f179c20f3633d2ec06774430ba831 C:\Windows\SysWOW64\pnrpnsp.dll
MD5: a6f22ca344fd1b7d75d49ecc718693c8 C:\Windows\SysWOW64\powrprof.dll
MD5: ca6447ddca724f0c5c0cafde184efe64 C:\Windows\SysWOW64\profapi.dll
MD5: 69a2169e9b8a13e8d6211d2d978100cc C:\Windows\SysWOW64\propsys.dll
MD5: 7b73fc5ad82af0fb84212106455e0d48 C:\Windows\SysWOW64\psapi.dll
MD5: 49f66601f196554bc9b36310ce84f011 C:\Windows\SysWOW64\rasadhlp.dll
MD5: 3880361de2c511c7c5735b91016c4862 C:\Windows\SysWOW64\rmclient.dll
MD5: 056e20bf43207e95a92d38b539656e3e C:\Windows\SysWOW64\rpcrt4.dll
MD5: 9a03702c5ebbc4761770bae67764b219 C:\Windows\SysWOW64\rsaenh.dll
MD5: 5bc2d871eb445a70eb762ece7c574bbd C:\Windows\SysWOW64\RTWorkQ.dll
MD5: a4de7801642001f4836e9fa6a8128770 C:\Windows\SysWOW64\schannel.dll
MD5: ed839824e2d0cde4544276df61bb9868 C:\Windows\SysWOW64\sechost.dll
MD5: ace201d14a0f44f5634d178fd117d8cd C:\Windows\SysWOW64\secur32.dll
MD5: b4afcaa856c58fab35c6b6dcf802e420 C:\Windows\SysWOW64\setupapi.dll
MD5: 0f1e9d98cc524190e9b045908e6bc1f6 C:\Windows\SysWOW64\sfc.dll
MD5: 94c93f32b21eb2da6aff2c264b17e623 C:\Windows\SysWOW64\sfc_os.dll
MD5: ad950538c8e6ec4c423f260505d28275 C:\Windows\SysWOW64\SHCore.dll
MD5: def44b761300af3c2cf2955273325093 C:\Windows\SysWOW64\shell32.dll
MD5: 83d8a4e04f99c5fd749d34cc4b970a0e C:\Windows\SysWOW64\shfolder.dll
MD5: d9af3498fa5fe659c8f65408fdbf3990 C:\Windows\SysWOW64\shlwapi.dll
MD5: ddb56b83b18735f13fd1cbef877e9db0 C:\Windows\SysWOW64\srvcli.dll
MD5: 1a8e7650017f0bc9ad12a6861b5119ed C:\Windows\SysWOW64\sspicli.dll
MD5: b45f4a37ccb2eb5e33be5d019b630dfd C:\Windows\SysWOW64\sxs.dll
MD5: 046c293b4a3a2fc51cc7152495827f29 C:\Windows\SysWOW64\twinapi.appcore.dll
MD5: 804e7069b4c6c01b1f4b3a2d8618c77f C:\Windows\SysWOW64\twinapi.dll
MD5: 2e0694a49824cf82c1972020db227d8c C:\Windows\SysWOW64\ucrtbase.dll
MD5: 87be502e7b1d3705783c366ed0cba9f7 C:\Windows\SysWOW64\UIAutomationCore.dll
MD5: 771f172114e51fc2df5838476d97d90a C:\Windows\SysWOW64\urlmon.dll
MD5: 4bec594a3d4aeafac400d88f7e328c7b C:\Windows\SysWOW64\user32.dll
MD5: eb27fe8770bb56d2ba9c9c29f1ab07da C:\Windows\SysWOW64\userenv.dll
MD5: 22db034ad0d37d70be6e33c73a84671b C:\Windows\SysWOW64\usermgrcli.dll
MD5: 1f5d8a8444319a9e8a1b20dde8771b86 C:\Windows\SysWOW64\usp10.dll
MD5: 3b83c49b5a250a95183dcbbb384b45f4 C:\Windows\SysWOW64\uxtheme.dll
MD5: 181fe38c3fe164fbfc1a5a8399ccc2da C:\Windows\SysWOW64\version.dll
MD5: fba861ef9ae6f64ca375eea558d3149b C:\Windows\SysWOW64\wbem\fastprox.dll
MD5: 003274de008d272c16c80d726845c23c C:\Windows\SysWOW64\wbem\wbemprox.dll
MD5: 75b865ad79ecea39f566f4ee82b8ec07 C:\Windows\SysWOW64\wbem\wbemsvc.dll
MD5: 6ae34de520137f17f0474a7fe88e0f30 C:\Windows\SysWOW64\wbem\wmiutils.dll
MD5: f306c8d60c75d48bbe039ea69280bb6f C:\Windows\SysWOW64\wbemcomn.dll
MD5: befed197ae9153766f7304650368f3d8 C:\Windows\SysWOW64\webio.dll
MD5: 9d8f7bd41657b515dd46c7bf90a26cdb C:\Windows\SysWOW64\win32u.dll
MD5: 22096a33f31a39599af270ef6a55230d C:\Windows\SysWOW64\windows.storage.dll
MD5: b19a804bc41c276daf5753be541a97b4 C:\Windows\SysWOW64\WindowsCodecs.dll
MD5: df51c1442a3db8ade2b78dcdec2419fd C:\Windows\SysWOW64\winhttp.dll
MD5: 0d8ca86b639533ed0a7fe1792c5be600 C:\Windows\SysWOW64\wininet.dll
MD5: c3a4c6f5dfeae69ccf5fef9c7f561e72 C:\Windows\SysWOW64\WinMetadata\Windows.Foundation.winmd
MD5: e610da2aa509ea47d0d53d0c74dd7c77 C:\Windows\SysWOW64\WinMetadata\Windows.UI.winmd
MD5: 2cdb8e874f0950ea17a7135427b4f07d C:\Windows\SysWOW64\winmm.dll
MD5: dcdf6a9e619644e12c74457a8a3c1e1b C:\Windows\SysWOW64\winmmbase.dll
MD5: 53965fb6de57c0e2abae5f1870888d44 C:\Windows\SysWOW64\winnsi.dll
MD5: 6b408458867bf3b61f363c0eb423f87f C:\Windows\SysWOW64\winrnr.dll
MD5: c4465ac27b8d372574a2dccaa4e16bcf C:\Windows\SysWOW64\winspool.drv
MD5: 74261d485681a12aff1ad517fd0ef200 C:\Windows\SysWOW64\winsta.dll
MD5: e4bde75b8a2b008d2f6e3f080fdcf51b C:\Windows\SysWOW64\wintrust.dll
MD5: ebd4c2424dc0c023f82ac7f13970016d C:\Windows\SysWOW64\WinTypes.dll
MD5: 68e80b8d811c8967fb9a9a6cc263b77c C:\Windows\SysWOW64\Wldap32.dll
MD5: 96af2c9585ea7a84fd2326002f96d5ad C:\Windows\SysWOW64\wpnapps.dll
MD5: 7a262815259f912431813fef6c2f8e0b C:\Windows\SysWOW64\ws2_32.dll
MD5: 7bc233f49c60b2fc6869b05318c02d64 C:\Windows\SysWOW64\wsock32.dll
MD5: 55d5450c85c0a0de8f2a22f2c0c816ae C:\Windows\SysWOW64\wtsapi32.dll
MD5: 7d4814b02f8844302f29644a1b79765d C:\Windows\SysWOW64\xmllite.dll
MD5: 26a95438c2d0e0c41b73d19400f4c2db C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9268_none_d08e1538442a243e\msvcr80.dll
MD5: 0e86a451c2bf6dd8c550309845473f13 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_5507ded2cb4f7f4c\comctl32.dll
MD5: 309f13d0ec95d87ff6c756c4358c93e2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9\comctl32.dll
MD5: b0da5babd745e9d07da0b36e46c6ca8f C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.14393.321_none_baab3cb4359688b4\GdiPlus.dll

The following file(s) must be uploaded for server-side scanning:
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll

Upload started - 3 file(s)
Qt5Network.dll (669184)
qtquickcontrolsplugin.dll (697856)
qwindows.dll (966656)
Upload speed - 4 KB/s
Upload finished - 0 uploaded, 3 failed

The uploaded file(s) were found clean.

Scan finished - communication took 5 sec
Total traffic - 0.02 MB sent, 1.22 KB recvd
Scanned 464 files and modules - 26 seconds

==============================================================================

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Okay, let me help you search with a few more tools...


Scan with herdProtect


Please download herdProtect by Reason Software (portable edition) and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here .
  • Right-click on the HerdProtect icon and select Run as Administrator to install the scanner.
  • It will ask for the location - leave the default one (%ProgramFiles%) or select another, convenient one.
  • Agree to the terms, select Launch herdProtect and click Finish.
  • Click Scan. It may take a while, depending on your system and connection specs. Please be patient.
  • When it finishes click on Save Results.
  • A Notepad with a report should open.

Please include the contents of that report in your next reply.
This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.
Upon completion of the cleaning you may remove HerdProtect if you wish so. To do it just delete its directory (chosen by you when installing the tool).


Junkware Removal Tool


Please download Malwarebytes' Junkware Removal Tool and save the file to your desktop.

  • Right-click on the JRT.exe or Junkware Removal Tool icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.


Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


AdwCleaner


Please download Malwarebytes' AdwCleaner onto your Desktop.

  • Double click on AdwCleaner_xxxx.exe to run the tool.
  • Click on Scan.
  • After done scanning, please hit Logfile. Locate the logfile in the Scan tab, double-click on it, copy the information inside of it, and paste it into your next reply.
  • You can find the logfile at C:\AdwCleaner[Sx].txt as well.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Saved date:          2017-02-03 7:44:55 PM
Files detected:     27
Files scanned:         10,719
Processes scanned:     86
Modules scanned:     1,045
ASEPs scanned:         586
Downloads scanned:     0
Deep analysis:         0/0
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path:         c:\program files (x86)\bonjour\mdnsnsp.dll
Publisher:         Apple Inc.
Signer:         Apple Inc.
MD5:             f6d02735de16705c1ebe6429592cd355
SHA-1:             c6ee693de2c01cad34012471b70d87869969a0cb
Created:         2015-08-12 5:03:38 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Reason Heuristics as Adware.Eorezo (M) (Adware)

---------------------------------------------------------------------------------

File path:         c:\windows\system32\hptcpmon.dll
Publisher:         Hewlett Packard
MD5:             058592f982b2ff22a7be1733c1915699
SHA-1:             b0f1964da08e5175cd17220e9b87c1fcbe5d25fe
Created:         2009-09-16 6:45:00 PM
Detections:         1
Determination:         Inconclusive
            - Avira AntiVirus as W32/Ramnit.C (Malware)

---------------------------------------------------------------------------------

File path:         c:\program files\bonjour\mdnsresponder.exe
Publisher:         Apple Inc.
Signer:         Apple Inc.
MD5:             b5c2f92ee1106dfe7bb1cce4d35b6037
SHA-1:             31070ef84c5355b082873ffc19ff60659637995f
Created:         2015-08-12 5:03:42 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Reason Heuristics as Adware.Eorezo (M) (Adware)

---------------------------------------------------------------------------------

File path:         c:\windows\system32\drivers\lvuvc64.sys
Publisher:         Logitech Inc.
Signer:         Logitech, Inc.
MD5:             415e344294d1c0d04627b29146f68481
SHA-1:             0a6cc2c66fc30dc9c53358874048d72b0da6fe4b
Created:         2012-10-26 4:42:22 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Clam AntiVirus as PUA.Win32.Packer.PrivateExeProte-7

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\asus\ai suite iii\dip5\appsetup\assysctrlservice\asacpi.dll
Publisher:         ASUS
MD5:             a7a060977abc1d51246580efc3106293
SHA-1:             80171e4ad14d959a3ac61d484e6423cb5230e5e8
Created:         2016-02-12 9:58:50 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\asus\ai suite iii\key_express\appsetup\assysctrlservice\asacpi.dll
Publisher:         ASUS
MD5:             a7a060977abc1d51246580efc3106293
SHA-1:             80171e4ad14d959a3ac61d484e6423cb5230e5e8
Created:         2016-02-12 9:58:53 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:        
MD5:             140d0aaf310055ebebcdd91d3f0f522e
SHA-1:             8b0b8779b18467e4e180a74971aa469542a18f50
Created:         2016-02-25 9:33:47 AM
Detections:         2
Determination:         Ignore detections (false positive)
            - Trend Micro House Call as PAK_Generic.001
            - Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\swmon_drv.kdl
Publisher:         AO Kaspersky Lab
MD5:             24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1:             5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created:         2016-11-17 6:33:14 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\arkmon.kdl.cc061dea4fa2d9e9b6548b9d297018b5
Publisher:         AO Kaspersky Lab
MD5:             cc061dea4fa2d9e9b6548b9d297018b5
SHA-1:             33ed9d117fb1c0e936b4ea90b0283b9690d6a365
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\kavsys.kdl.8efabcdbb24ef1c8678ea3759df6b2a3
Publisher:         AO Kaspersky Lab
MD5:             8efabcdbb24ef1c8678ea3759df6b2a3
SHA-1:             fab3d0e42bf59178da2d9687f27519f5fbed3801
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\klavemu.kdl.758ffdcdbdce1598ec69e4c77975d27e
Publisher:         AO Kaspersky Lab
MD5:             758ffdcdbdce1598ec69e4c77975d27e
SHA-1:             d6c52f7cf106993b94dc60bc780f597825df26df
Created:         2017-01-31 7:15:53 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\mark.kdl.1d2042963b2fb42332a5cf3b50514d6c
Publisher:         AO Kaspersky Lab
MD5:             1d2042963b2fb42332a5cf3b50514d6c
SHA-1:             ad43b582f4f94f8f78895d819108b294b5f2abab
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\qscan.kdl.c828ad6a88aace51685b930a98f4f3d9
Publisher:         AO Kaspersky Lab
MD5:             c828ad6a88aace51685b930a98f4f3d9
SHA-1:             c84b67c1e0571c73b18790b25513fcebd631355d
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\swmon_drv.kdl.0000000000027a5e-01d241229587319e-01d27c7754407315
Publisher:         AO Kaspersky Lab
MD5:             24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1:             5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created:         2017-02-01 6:38:37 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\asus\ai suite iii\dip5\appsetup\assysctrlservice\asacpi.dll
Publisher:         ASUS
MD5:             a7a060977abc1d51246580efc3106293
SHA-1:             80171e4ad14d959a3ac61d484e6423cb5230e5e8
Created:         2016-02-12 9:58:50 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\asus\ai suite iii\key_express\appsetup\assysctrlservice\asacpi.dll
Publisher:         ASUS
MD5:             a7a060977abc1d51246580efc3106293
SHA-1:             80171e4ad14d959a3ac61d484e6423cb5230e5e8
Created:         2016-02-12 9:58:53 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:        
MD5:             140d0aaf310055ebebcdd91d3f0f522e
SHA-1:             8b0b8779b18467e4e180a74971aa469542a18f50
Created:         2016-02-25 9:33:47 AM
Detections:         2
Determination:         Ignore detections (false positive)
            - Trend Micro House Call as PAK_Generic.001
            - Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\swmon_drv.kdl
Publisher:         AO Kaspersky Lab
MD5:             24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1:             5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created:         2016-11-17 6:33:14 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\arkmon.kdl.cc061dea4fa2d9e9b6548b9d297018b5
Publisher:         AO Kaspersky Lab
MD5:             cc061dea4fa2d9e9b6548b9d297018b5
SHA-1:             33ed9d117fb1c0e936b4ea90b0283b9690d6a365
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\kavsys.kdl.8efabcdbb24ef1c8678ea3759df6b2a3
Publisher:         AO Kaspersky Lab
MD5:             8efabcdbb24ef1c8678ea3759df6b2a3
SHA-1:             fab3d0e42bf59178da2d9687f27519f5fbed3801
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\klavemu.kdl.758ffdcdbdce1598ec69e4c77975d27e
Publisher:         AO Kaspersky Lab
MD5:             758ffdcdbdce1598ec69e4c77975d27e
SHA-1:             d6c52f7cf106993b94dc60bc780f597825df26df
Created:         2017-01-31 7:15:53 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\mark.kdl.1d2042963b2fb42332a5cf3b50514d6c
Publisher:         AO Kaspersky Lab
MD5:             1d2042963b2fb42332a5cf3b50514d6c
SHA-1:             ad43b582f4f94f8f78895d819108b294b5f2abab
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\qscan.kdl.c828ad6a88aace51685b930a98f4f3d9
Publisher:         AO Kaspersky Lab
MD5:             c828ad6a88aace51685b930a98f4f3d9
SHA-1:             c84b67c1e0571c73b18790b25513fcebd631355d
Created:         2016-12-09 6:14:10 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\programdata\kaspersky lab\avp17.0.0\bases\cache\swmon_drv.kdl.0000000000027a5e-01d241229587319e-01d27c7754407315
Publisher:         AO Kaspersky Lab
MD5:             24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1:             5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created:         2017-02-01 6:38:37 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path:         c:\program files\common files\frst64.exe
Publisher:         Farbar
MD5:             d1350b32e69af173fe3f7fa48c705404
SHA-1:             64ff2ed20e9ae521590dcadba505806851f1ba35
Created:         2017-02-02 7:41:35 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Trojan/Generic.ASVCS3S.1E5 (Undefined)

---------------------------------------------------------------------------------

File path:         c:\program files (x86)\asus\ai suite iii\mobo connect\androidopenaccessory.dll
Publisher:         ASUSTek Computer Inc.
MD5:             4bf417f1ffc8095af34deb4c1b410343
SHA-1:             18a946cb52932da451be1af47dec76f5fa39e7a8
Created:         2016-02-12 9:58:14 AM
Detections:         7
Determination:         UndefinedMalware
            - MicroWorld eScan as Gen:Variant.Symmi.35017 (Undefined)
            - Bitdefender as Gen:Variant.Symmi.35017 (Undefined)
            - Lavasoft Ad-Aware as Gen:Variant.Symmi.35017 (Undefined)
            - Emsisoft Anti-Malware as Gen:Variant.Symmi.35017 (Undefined)
            - F-Secure as Gen:Variant.Symmi.35017 (Undefined)
            - Arcabit as Trojan.Symmi.D88C9 (Undefined)
            - G Data as Gen:Variant.Symmi.35017 (Undefined)

---------------------------------------------------------------------------------

File path:         c:\program files (x86)\asus\assysctrlservice\1.00.22\asacpi.dll
Publisher:         ASUS
MD5:             a7a060977abc1d51246580efc3106293
SHA-1:             80171e4ad14d959a3ac61d484e6423cb5230e5e8
Created:         2016-02-12 9:57:45 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
# AdwCleaner v6.043 - Logfile created 03/02/2017 at 20:31:08
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-03.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Sheldon - DESKTOP-BAMJFKH
# Running from : C:\Users\SheldonB\Downloads\adwcleaner_6.043.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

\AdwCleaner\AdwCleaner[S0].txt - [1004 Bytes] - [03/02/2017 20:31:08]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1075 Bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by Sheldon (Administrator) on 2017-02-03 at 19:47:08.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


Deleted the following from C:\Users\Sheldon\AppData\Roaming\Mozilla\Firefox\Profiles\jnypoext.default\prefs.js
om hxxp://royalbank.com hxxp://securecode.com hxxp://securesuite.net hxxp://sfx.ms hxxp://stellarisgame.com hxxp://theinquirer.net hxxp://ticketmaster.ca hxxp://tickets.com ht



Registry: 1

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2017-02-03 at 19:48:01.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:


  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


Note: Absence of issues does not mean that you're protected in the future.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
My edge browser still doesn't respond properly.  When it starts it immediately closes ( 1 sec - I don't see any pages ).  Thanks for everything so far!

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
Create a system restore point

  • Search for Create a restore point from the taskbar and select it from the list of results.
  • On the System Protection tab in System Properties, select Create.

  • Enter a description for the restore point, and then select Create > OK. (Name it "Reinstall Microsoft Edge")


NEXT

Press the Search or Cortana button next to Start, or just press Start, and type "Powershell." When a result pops up, right click on it and select Run as administrator.

Enter the following command in the console:

Code:

Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml" -Verbose}


(Hint: CTRL+C to copy the code above, and then in PowerShell, use CTRL+V to paste it.)

After this, reboot your computer.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
The powershell operation was successful but edge still closes right away.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
You can completely reset Microsoft Edge to default for only your account. When you reset Microsoft Edge, it will also delete all of your favorites in Microsoft Edge. If wanted, you should back up your favorites in Microsoft Edge first.

Please start the Powershell as a administrator.

Execute following commands one at time please:

Code:

remove-item $env:localappdata\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\* -recurse -Force



Code:

Get-AppXPackage -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml" -Verbose}


Restart your computer and test if issue resolved.

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
OP which version of the Windows OS you are running Microsoft Edge from?

descriptionSolvedRe: Trojan.Multi.GenAutorunTask.a detected

more_horiz
I am running Windows 10.
Permissions in this forum:
You cannot reply to topics in this forum