Inactive-A Malware issues

Status
Not open for further replies.
F

fiddlegirl24

Posts: 10   +0
Thanks so much for your help!! I can't even begin to express how grateful I am!!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Rebekah (administrator) on REBEKAH-PC on 16-03-2015 21:34:12
Running from C:\Users\Rebekah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PU4CIANK
Loaded Profiles: Rebekah (Available profiles: Rebekah)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\LPT\srpts.exe
( ) C:\Windows\System32\lxeacoms.exe
() C:\Users\Rebekah\AppData\Local\RGMService\RGMUpdater.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
() C:\Users\Rebekah\AppData\Local\RGMService\RGMLoader.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Smartbar) C:\Users\Rebekah\AppData\Local\Smartbar\Application\SnapDo.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695928 2009-08-19] (brother)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5513424 2015-03-16] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Run: [conhost] => C:\Users\Rebekah\AppData\Roaming\Microsoft\conhost.exe
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Rebekah\AppData\Local\Smartbar\Application\SnapDo.exe [29728 2014-08-28] (Smartbar)
AppInit_DLLs: C:\Users\Rebekah\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Rebekah\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [138752 2015-02-13] ()
AppInit_DLLs-x32: C:\Users\Rebekah\AppData\Local\Smartbar\Application\Resources\crdlil.dll => C:\Users\Rebekah\AppData\Local\Smartbar\Application\Resources\crdlil.dll [120320 2015-02-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\volmgr.lnk
ShortcutTarget: volmgr.lnk -> C:\Users\Rebekah\AppData\Local\volmgr.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rebekah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rebekah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rebekah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [.DEFAULT] => http=127.0.0.1:43902
AutoConfigURL: [S-1-5-21-3904439425-939549074-3371034818-1000] => file://C:/Program%20Files%20(x86)/LPT/Proxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1875619525&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1875619525&ir=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4Q,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzX...TNB5WYUI_Z-sBFC4CM9Se0q9ljnGoTqSse3hM2SUTN43w,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4Q,,&q={searchTerms}
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzX...TNB5WYUI_Z-sBFC4CM9Se0q9ljnGoTqSse3hM2SUTN43Q,,
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
HKU\S-1-5-21-3904439425-939549074-3371034818-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {81F30F22-2EC0-43A7-9476-49B6154B8B32} URL = http://start.mysearchdial.com/resul...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1875619525&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {81F30F22-2EC0-43A7-9476-49B6154B8B32} URL = http://start.mysearchdial.com/resul...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1875619525&ir=
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4Q,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4Q,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3904439425-939549074-3371034818-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3904439425-939549074-3371034818-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzX...JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q={searchTerms}
BHO: SmartbarInternetExplorerBHOEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-10] (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-16] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-10] (Sun Microsystems, Inc.)
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-16] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Yontoo Layers -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll [2011-01-20] (Yontoo Technology, Inc.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3904439425-939549074-3371034818-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7OgttvXIHGsPLCbSq6DZIk8YcG3pp9ouX8AonYHZ7RMseefythr76q5v17RKA3hvYX3uDKvactSuvGRlR3Vv_5yzs67tEBoBKjmC3-CvTmjpV-zGHLLSrMCYqd7gf_yR02-PeCbl8aj2FXqX0xKrI30Q,,
FF DefaultSearchEngine: Web Search
FF DefaultSearchEngine.US: Web Search
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7OgttvXIHGsPLCbSq6DZIk8YcG3pp9ouX8AonYHZ7RMseefythr76q5v17RKA3hvYX3uDKvactSuvGRlR3Vv_5yzs8xBL_WrtXvPx3EE2JFTNB5WYUI_Z-sBFC4CM9Se0q9ljnGoTqSse3hM2SUTN43Q,,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7OgttvXIHGsPLCbSq6DZIk8YcG3pp9ouX8AonYHZ7RMseefythr76q5v17RKA3hvYX3uDKvactSuvGRlR3Vv_5yzswqMKH91E_-nXiCAAzJQSNpnWG0udeYd91u0JZ0Lsa92OmCRpPaAACS33zO_oX4w,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-02-10] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3904439425-939549074-3371034818-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2011-11-17] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-12-03] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-04-12] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-06-04] (Apple Inc.)
FF SearchPlugin: C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\searchplugins\Web Search.xml [2015-02-13]
FF SearchPlugin: C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\searchplugins\yahoo-msd.xml [2014-09-11]
FF Extension: SmaRutoCiomaparE - C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\Extensions\cwcamd@cqhaeiae.net [2014-03-20]
FF Extension: FlashCoupono - C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\Extensions\qtpbjkaeie@txkzeauie.edu [2014-03-25]
FF Extension: Newtab - C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\Extensions\{2dbd048f-4eb0-441d-96ea-a71bd073704c}.xpi [2014-11-29]
FF Extension: Search Manager for Moziila Firefox &#x2122; - C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Profiles\pot5xo43.default\Extensions\{71e6896a-7bed-49b8-bb69-e641e983b31b}.xpi [2014-11-29]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [quiknowledge@quiknowledge.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-16]

Chrome:
=======
CHR Profile: C:\Users\Rebekah\AppData\Local\Google\Chrome\User Data\Default
CHR HKU\S-1-5-21-3904439425-939549074-3371034818-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Rebekah\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-16]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Rebekah\AppData\Local\Temp\YontooLayers.crx [Not Found]
StartMenuInternet: Chrome.SGN2Q45EIA33MCKXC26GWL6BA4 - C:\Users\Rebekah\AppData\Local\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-16] (Avast Software s.r.o.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-06] () <==== ATTENTION
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 RGMUpdater; C:\Users\Rebekah\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [X]
 
Section 2
==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-16] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-16] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-16] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-16] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-16] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-16] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-06] (AVG Technologies)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [41032 2009-06-18] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-11-11] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-11-11] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-16 21:33 - 2015-03-16 21:34 - 00000000 ____D () C:\FRST
2015-03-16 20:40 - 2015-03-16 20:40 - 00000000 ____D () C:\Users\Rebekah\AppData\Roaming\AVAST Software
2015-03-16 20:39 - 2015-03-16 20:39 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-16 20:39 - 2015-03-16 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-16 20:38 - 2015-03-16 20:38 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-16 20:37 - 2015-03-16 20:37 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-16 20:37 - 2015-03-16 20:37 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-16 20:37 - 2015-03-16 20:37 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-16 20:37 - 2015-03-16 20:36 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-16 20:36 - 2015-03-16 20:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-16 20:35 - 2015-03-16 20:35 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-16 20:30 - 2015-03-16 20:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-16 20:30 - 2015-03-16 20:30 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\pbeqyhnb.sys
2015-03-16 19:24 - 2015-03-16 19:24 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{2A8F63F5-688C-4FFB-9B11-7D53D48D36E7}
2015-03-14 10:54 - 2015-02-02 21:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-14 10:54 - 2015-02-02 21:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-14 10:54 - 2015-02-02 21:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-14 10:54 - 2015-02-02 21:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-14 10:54 - 2015-02-02 21:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-14 10:54 - 2015-02-02 21:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-14 10:54 - 2015-02-02 21:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-14 10:54 - 2015-02-02 21:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-14 10:54 - 2015-02-02 21:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-14 10:54 - 2015-02-02 21:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-14 10:54 - 2015-02-02 21:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-14 10:54 - 2015-02-02 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-14 10:54 - 2015-02-02 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-14 10:54 - 2015-02-02 21:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-14 10:54 - 2015-02-02 21:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-14 10:54 - 2015-02-02 21:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-14 10:54 - 2015-02-02 21:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-14 10:54 - 2015-02-02 21:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-14 10:54 - 2015-02-02 21:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-14 10:54 - 2015-02-02 21:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-14 10:54 - 2015-02-02 21:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-14 10:54 - 2015-02-02 21:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-14 10:54 - 2015-02-02 21:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-14 10:54 - 2015-02-02 21:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-14 10:54 - 2015-02-02 20:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-14 10:54 - 2014-10-31 16:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-14 10:54 - 2014-06-27 18:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-14 10:54 - 2014-06-27 18:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-14 10:53 - 2015-02-25 21:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-14 10:53 - 2015-02-19 22:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-14 10:53 - 2015-02-19 22:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-14 10:53 - 2015-02-19 22:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-14 10:53 - 2015-02-19 22:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-14 10:53 - 2015-02-19 22:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-14 10:53 - 2015-02-19 22:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-14 10:53 - 2015-02-19 22:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-14 10:53 - 2015-02-19 22:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-14 10:53 - 2015-02-19 21:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-14 10:53 - 2015-02-19 21:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-14 10:53 - 2015-02-12 23:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-14 10:53 - 2015-02-12 23:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 10:45 - 2015-02-23 21:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-14 10:45 - 2015-02-23 20:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-14 10:45 - 2015-02-20 18:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-14 10:45 - 2015-02-20 18:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-14 10:45 - 2015-02-20 18:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-14 10:45 - 2015-02-20 18:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-14 10:45 - 2015-02-20 17:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-14 10:45 - 2015-02-20 17:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-14 10:45 - 2015-02-19 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-14 10:45 - 2015-02-19 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-14 10:45 - 2015-02-19 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-14 10:45 - 2015-02-19 20:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-14 10:45 - 2015-02-19 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-14 10:45 - 2015-02-19 20:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-14 10:45 - 2015-02-19 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-14 10:45 - 2015-02-19 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-14 10:45 - 2015-02-19 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-14 10:45 - 2015-02-19 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-14 10:45 - 2015-02-19 20:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-14 10:45 - 2015-02-19 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-14 10:45 - 2015-02-19 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-14 10:45 - 2015-02-19 20:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-14 10:45 - 2015-02-19 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-14 10:45 - 2015-02-19 20:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-14 10:45 - 2015-02-19 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-14 10:45 - 2015-02-19 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-14 10:45 - 2015-02-19 20:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-14 10:45 - 2015-02-19 20:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-14 10:45 - 2015-02-19 20:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-14 10:45 - 2015-02-19 20:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-14 10:45 - 2015-02-19 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-14 10:45 - 2015-02-19 20:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-14 10:45 - 2015-02-19 20:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-14 10:45 - 2015-02-19 20:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-14 10:45 - 2015-02-19 19:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-14 10:45 - 2015-02-19 19:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-14 10:45 - 2015-02-19 19:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-14 10:45 - 2015-02-19 19:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-14 10:45 - 2015-02-19 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-14 10:45 - 2015-02-19 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-14 10:45 - 2015-02-19 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-14 10:45 - 2015-02-19 19:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-14 10:45 - 2015-02-19 19:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-14 10:45 - 2015-02-19 19:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-14 10:45 - 2015-02-19 19:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-14 10:45 - 2015-02-19 19:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-14 10:45 - 2015-02-19 19:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-14 10:45 - 2015-02-19 19:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-14 10:45 - 2015-02-19 19:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-14 10:45 - 2015-02-19 19:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-14 10:45 - 2015-02-19 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-14 10:45 - 2015-02-19 19:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-14 10:45 - 2015-02-19 18:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-14 10:45 - 2015-02-19 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-14 10:44 - 2015-02-20 19:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-14 10:44 - 2015-02-19 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-14 10:09 - 2015-03-16 19:10 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{85488047-EA7F-46EF-A462-C00F28A80639}
2015-03-12 20:06 - 2015-03-05 23:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 20:06 - 2015-03-05 23:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 20:06 - 2015-03-05 23:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 20:06 - 2015-03-05 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 20:06 - 2015-03-05 23:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 20:06 - 2015-03-05 23:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 20:06 - 2015-03-05 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 20:06 - 2015-03-05 23:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 20:06 - 2015-03-05 23:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-12 20:06 - 2015-03-05 23:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-12 20:06 - 2015-03-05 23:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-12 20:06 - 2015-03-05 23:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-12 20:06 - 2015-03-05 23:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 20:06 - 2015-03-05 23:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-12 20:06 - 2015-03-05 23:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 20:06 - 2015-02-02 21:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 20:06 - 2015-02-02 21:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 20:06 - 2015-02-02 21:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-12 20:06 - 2015-02-02 21:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-12 20:06 - 2015-01-30 17:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 20:06 - 2015-01-16 20:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 20:06 - 2015-01-16 20:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-12 20:03 - 2015-02-03 21:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 20:03 - 2015-02-03 20:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 22:54 - 2015-03-10 22:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 20:31 - 2015-03-08 20:31 - 00000085 _____ () C:\Windows\wininit.ini
2015-03-07 15:39 - 2015-03-08 11:32 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{06030585-9CFC-48DE-BE2D-722632156923}
2015-02-28 22:43 - 2015-03-03 00:15 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{6FC631FB-A57D-4E27-BAF4-BD41C4AB6D53}
2015-02-25 23:53 - 2015-01-08 21:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-25 23:53 - 2015-01-08 21:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-25 23:53 - 2015-01-08 21:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-25 23:52 - 2015-01-08 20:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 23:24 - 2015-02-25 23:25 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{793C2E75-0F40-4B84-B409-65896C9A4E58}
2015-02-25 04:02 - 2015-01-08 17:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 04:02 - 2015-01-08 17:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-02-16 20:55 - 2015-02-16 20:56 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{C3DF858F-CE18-4F8F-BB26-8D5EF10F9C9D}
2015-02-14 19:24 - 2015-02-15 13:18 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\{5EF42EFC-7B5D-495B-A60A-9BDCEE7CE423}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-16 21:20 - 2014-12-16 09:23 - 00000000 ____D () C:\Users\Rebekah\AppData\Local\RGMService
2015-03-16 21:01 - 2012-03-31 09:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-16 20:38 - 2010-12-15 14:35 - 00000000 ___HD () C:\Users\Rebekah\AppData\Local\Google
2015-03-16 20:30 - 2013-01-01 15:01 - 00102448 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-03-16 20:19 - 2009-07-13 23:10 - 01634916 _____ () C:\Windows\WindowsUpdate.log
2015-03-16 19:25 - 2012-09-01 20:45 - 00000000 ___RD () C:\Users\Rebekah\Dropbox
2015-03-16 19:25 - 2012-09-01 20:41 - 00000000 ____D () C:\Users\Rebekah\AppData\Roaming\Dropbox
2015-03-16 19:25 - 2012-05-24 15:31 - 00000000 ___RD () C:\Users\Rebekah\Google Drive
2015-03-16 19:25 - 2009-07-13 22:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-16 19:25 - 2009-07-13 22:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-16 19:23 - 2010-03-24 07:09 - 00000000 ___HD () C:\Users\Rebekah\Tracing
2015-03-16 19:22 - 2010-08-21 15:00 - 00000665 ____H () C:\Windows\Brownie.ini
2015-03-16 19:22 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-16 19:21 - 2010-03-17 21:01 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-03-16 19:21 - 2010-03-17 21:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-03-16 19:21 - 2010-03-12 16:56 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-16 19:19 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-16 19:19 - 2009-07-13 22:45 - 00401792 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-16 19:18 - 2009-07-13 22:51 - 00190379 _____ () C:\Windows\setupact.log
2015-03-16 19:13 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-16 19:13 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-14 11:43 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-03-14 10:14 - 2012-09-01 20:45 - 00001029 _____ () C:\Users\Rebekah\Desktop\Dropbox.lnk
2015-03-14 10:14 - 2012-09-01 20:42 - 00000000 ____D () C:\Users\Rebekah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-14 10:04 - 2012-04-26 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-14 10:04 - 2010-03-12 18:35 - 00758732 _____ () C:\Windows\PFRO.log
2015-03-13 03:26 - 2010-03-12 16:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-13 03:18 - 2013-07-16 08:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 03:09 - 2010-06-24 06:33 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-08 20:38 - 2014-04-04 23:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-08 20:10 - 2009-07-13 23:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 04:10 - 2011-09-17 23:22 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-03 07:17 - 2011-01-11 11:19 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-26 04:24 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\tracing
2015-02-16 22:52 - 2014-05-30 11:31 - 00000000 ____D () C:\Users\Rebekah\Desktop\economics for homeschoolers

==================== Files in the root of some directories =======

2010-05-02 11:30 - 2010-05-02 11:32 - 8656832 ____H (Dell, Inc. ) C:\Users\Rebekah\AppData\Roaming\DataSafeDotNet.exe
2011-09-10 12:47 - 2011-09-10 12:51 - 0002136 _____ () C:\Users\Rebekah\AppData\Roaming\FC80.563
2014-02-28 10:46 - 2014-03-30 22:32 - 0000081 _____ () C:\Users\Rebekah\AppData\Roaming\WB.CFG
2012-05-15 18:09 - 2012-08-03 16:03 - 0000130 _____ () C:\Users\Rebekah\AppData\Roaming\wklnhst.dat
2011-03-31 14:36 - 2011-03-31 14:48 - 0005120 ____H () C:\Users\Rebekah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-15 20:58 - 2011-06-15 20:58 - 0000000 ____H () C:\Users\Rebekah\AppData\Local\{B73768D6-3839-46FD-9373-FCACC8282E52}
2010-12-15 14:37 - 2010-12-15 14:37 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-07-23 09:37 - 2012-07-23 09:37 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2012-03-31 10:14 - 2014-11-01 18:44 - 0004813 _____ () C:\ProgramData\lxeascan.log
2011-09-03 10:32 - 2011-09-03 10:32 - 0000344 ____H () C:\ProgramData\P1kAlMiG2Kb7Fz
2012-04-05 08:15 - 2012-04-05 08:15 - 4675752 _____ () C:\ProgramData\SPL82A.tmp
2011-09-03 10:33 - 2011-09-03 10:33 - 0000160 ____H () C:\ProgramData\~P1kAlMiG2Kb7Fz
2011-09-03 10:33 - 2011-09-03 10:33 - 0000184 ____H () C:\ProgramData\~P1kAlMiG2Kb7Fzr

Files to move or delete:
====================
C:\Users\Rebekah\setup.exe
 
Section 3

Some content of TEMP:
====================
C:\Users\Rebekah\AppData\Local\Temp\-3m7vwvy.dll
C:\Users\Rebekah\AppData\Local\Temp\-4keeaxs.dll
C:\Users\Rebekah\AppData\Local\Temp\-73e_nce.dll
C:\Users\Rebekah\AppData\Local\Temp\-aacudzj.dll
C:\Users\Rebekah\AppData\Local\Temp\-c0c7j4l.dll
C:\Users\Rebekah\AppData\Local\Temp\-cdg0fbu.dll
C:\Users\Rebekah\AppData\Local\Temp\-d29jgcm.dll
C:\Users\Rebekah\AppData\Local\Temp\-d2yksa9.dll
C:\Users\Rebekah\AppData\Local\Temp\-gc6jopy.dll
C:\Users\Rebekah\AppData\Local\Temp\-gp0pelr.dll
C:\Users\Rebekah\AppData\Local\Temp\-h4bfg8g.dll
C:\Users\Rebekah\AppData\Local\Temp\-hypzwuh.dll
C:\Users\Rebekah\AppData\Local\Temp\-iw7w2vs.dll
C:\Users\Rebekah\AppData\Local\Temp\-jtldgr_.dll
C:\Users\Rebekah\AppData\Local\Temp\-keqy7qy.dll
C:\Users\Rebekah\AppData\Local\Temp\-kx6cxna.dll
C:\Users\Rebekah\AppData\Local\Temp\-ldrabio.dll
C:\Users\Rebekah\AppData\Local\Temp\-lt38tml.dll
C:\Users\Rebekah\AppData\Local\Temp\-qvq0kyt.dll
C:\Users\Rebekah\AppData\Local\Temp\-x0cd-8k.dll
C:\Users\Rebekah\AppData\Local\Temp\-zh9fkt7.dll
C:\Users\Rebekah\AppData\Local\Temp\-_ioaiku.dll
C:\Users\Rebekah\AppData\Local\Temp\06xbaox3.dll
C:\Users\Rebekah\AppData\Local\Temp\078l0a3o.dll
C:\Users\Rebekah\AppData\Local\Temp\09ykpr5d.dll
C:\Users\Rebekah\AppData\Local\Temp\0aotn_p5.dll
C:\Users\Rebekah\AppData\Local\Temp\0dbe-7_f.dll
C:\Users\Rebekah\AppData\Local\Temp\0dtnuqts.dll
C:\Users\Rebekah\AppData\Local\Temp\0e1kohdp.dll
C:\Users\Rebekah\AppData\Local\Temp\0effyfiz.dll
C:\Users\Rebekah\AppData\Local\Temp\0ibqyrws.dll
C:\Users\Rebekah\AppData\Local\Temp\0izl3nwk.dll
C:\Users\Rebekah\AppData\Local\Temp\0j4cn1g4.dll
C:\Users\Rebekah\AppData\Local\Temp\0ly-7ysm.dll
C:\Users\Rebekah\AppData\Local\Temp\0mt8uv6y.dll
C:\Users\Rebekah\AppData\Local\Temp\0r8qhqub.dll
C:\Users\Rebekah\AppData\Local\Temp\0t9b4not.dll
C:\Users\Rebekah\AppData\Local\Temp\0u753bx3.dll
C:\Users\Rebekah\AppData\Local\Temp\0uaozfpg.dll
C:\Users\Rebekah\AppData\Local\Temp\0uq913tg.dll
C:\Users\Rebekah\AppData\Local\Temp\0vaeoux0.dll
C:\Users\Rebekah\AppData\Local\Temp\0xwvkdii.dll
C:\Users\Rebekah\AppData\Local\Temp\0y0qtca3.dll
C:\Users\Rebekah\AppData\Local\Temp\0zg-xcbd.dll
C:\Users\Rebekah\AppData\Local\Temp\0_pdgqfz.dll
C:\Users\Rebekah\AppData\Local\Temp\0_wgmtqg.dll
C:\Users\Rebekah\AppData\Local\Temp\1-l-rue1.dll
C:\Users\Rebekah\AppData\Local\Temp\1-mp2nbx.dll
C:\Users\Rebekah\AppData\Local\Temp\1849yyu5.dll
C:\Users\Rebekah\AppData\Local\Temp\185-lyao.dll
C:\Users\Rebekah\AppData\Local\Temp\1b2ulxnb.dll
C:\Users\Rebekah\AppData\Local\Temp\1br8fjj6.dll
C:\Users\Rebekah\AppData\Local\Temp\1c4wrdbm.dll
C:\Users\Rebekah\AppData\Local\Temp\1cos6dg7.dll
C:\Users\Rebekah\AppData\Local\Temp\1fpyuep8.dll
C:\Users\Rebekah\AppData\Local\Temp\1gf6d7x3.dll
C:\Users\Rebekah\AppData\Local\Temp\1hgdzbqx.dll
C:\Users\Rebekah\AppData\Local\Temp\1j1thu0e.dll
C:\Users\Rebekah\AppData\Local\Temp\1jwo_ka8.dll
C:\Users\Rebekah\AppData\Local\Temp\1lhnjwk1.dll
C:\Users\Rebekah\AppData\Local\Temp\1ly79wez.dll
C:\Users\Rebekah\AppData\Local\Temp\1mvv9xgl.dll
C:\Users\Rebekah\AppData\Local\Temp\1n4hfaqm.dll
C:\Users\Rebekah\AppData\Local\Temp\1n8j-ymb.dll
C:\Users\Rebekah\AppData\Local\Temp\1n_b8n1m.dll
C:\Users\Rebekah\AppData\Local\Temp\1pxhwyia.dll
C:\Users\Rebekah\AppData\Local\Temp\1qnzo7ez.dll
C:\Users\Rebekah\AppData\Local\Temp\1qwmmp-r.dll
C:\Users\Rebekah\AppData\Local\Temp\1rboscoi.dll
C:\Users\Rebekah\AppData\Local\Temp\1rh-b-or.dll
C:\Users\Rebekah\AppData\Local\Temp\1tnur9wx.dll
C:\Users\Rebekah\AppData\Local\Temp\1ulbidvd.dll
C:\Users\Rebekah\AppData\Local\Temp\1v_0ng0d.dll
C:\Users\Rebekah\AppData\Local\Temp\1wroymij.dll
C:\Users\Rebekah\AppData\Local\Temp\1y13vdii.dll
C:\Users\Rebekah\AppData\Local\Temp\1ytbum5d.dll
C:\Users\Rebekah\AppData\Local\Temp\1zvfjhtu.dll
C:\Users\Rebekah\AppData\Local\Temp\26ybgahh.dll
C:\Users\Rebekah\AppData\Local\Temp\283asdzm.dll
C:\Users\Rebekah\AppData\Local\Temp\28kgznux.dll
C:\Users\Rebekah\AppData\Local\Temp\29eva3ji.dll
C:\Users\Rebekah\AppData\Local\Temp\2bz39h5t.dll
C:\Users\Rebekah\AppData\Local\Temp\2bzaxiso.dll
C:\Users\Rebekah\AppData\Local\Temp\2dosswao.dll
C:\Users\Rebekah\AppData\Local\Temp\2du7iftc.dll
C:\Users\Rebekah\AppData\Local\Temp\2fcdm_9z.dll
C:\Users\Rebekah\AppData\Local\Temp\2fzuhq3s.dll
C:\Users\Rebekah\AppData\Local\Temp\2gejshnw.dll
C:\Users\Rebekah\AppData\Local\Temp\2gz4rwct.dll
C:\Users\Rebekah\AppData\Local\Temp\2hlezxfo.dll
C:\Users\Rebekah\AppData\Local\Temp\2hw871oa.dll
C:\Users\Rebekah\AppData\Local\Temp\2l5xzoe4.dll
C:\Users\Rebekah\AppData\Local\Temp\2nhe9we1.dll
C:\Users\Rebekah\AppData\Local\Temp\2ozud8wh.dll
C:\Users\Rebekah\AppData\Local\Temp\2pwpiq5d.dll
C:\Users\Rebekah\AppData\Local\Temp\2s4ixqlj.dll
C:\Users\Rebekah\AppData\Local\Temp\2uhkbdxq.dll
C:\Users\Rebekah\AppData\Local\Temp\2wm-smtq.dll
C:\Users\Rebekah\AppData\Local\Temp\2xh3f95e.dll
C:\Users\Rebekah\AppData\Local\Temp\2xrln84l.dll
C:\Users\Rebekah\AppData\Local\Temp\2xssfy4n.dll
C:\Users\Rebekah\AppData\Local\Temp\2yuy3d-w.dll
C:\Users\Rebekah\AppData\Local\Temp\2z38ff73.dll
C:\Users\Rebekah\AppData\Local\Temp\2zjntukk.dll
C:\Users\Rebekah\AppData\Local\Temp\2_qz38hp.dll
C:\Users\Rebekah\AppData\Local\Temp\31tlg63m.dll
C:\Users\Rebekah\AppData\Local\Temp\3aiv2lu7.dll
C:\Users\Rebekah\AppData\Local\Temp\3biusnlv.dll
C:\Users\Rebekah\AppData\Local\Temp\3dbyfau5.dll
C:\Users\Rebekah\AppData\Local\Temp\3f2fodto.dll
C:\Users\Rebekah\AppData\Local\Temp\3h7eaz1y.dll
C:\Users\Rebekah\AppData\Local\Temp\3hdmb86g.dll
C:\Users\Rebekah\AppData\Local\Temp\3he_p8c9.dll
C:\Users\Rebekah\AppData\Local\Temp\3lwdnmjv.dll
C:\Users\Rebekah\AppData\Local\Temp\3napqo8s.dll
C:\Users\Rebekah\AppData\Local\Temp\3sxil2ze.dll
C:\Users\Rebekah\AppData\Local\Temp\3tpgqb3l.dll
C:\Users\Rebekah\AppData\Local\Temp\3wgwiw3-.dll
C:\Users\Rebekah\AppData\Local\Temp\3wtzjqiv.dll
C:\Users\Rebekah\AppData\Local\Temp\3xvv-vkq.dll
C:\Users\Rebekah\AppData\Local\Temp\3zw2cage.dll
C:\Users\Rebekah\AppData\Local\Temp\3_retfgf.dll
C:\Users\Rebekah\AppData\Local\Temp\41hzdm9i.dll
C:\Users\Rebekah\AppData\Local\Temp\44zs-vfu.dll
C:\Users\Rebekah\AppData\Local\Temp\453_jzym.dll
C:\Users\Rebekah\AppData\Local\Temp\45upn6wy.dll
C:\Users\Rebekah\AppData\Local\Temp\48wi3zzj.dll
C:\Users\Rebekah\AppData\Local\Temp\4d2dopcj.dll
C:\Users\Rebekah\AppData\Local\Temp\4friemew.dll
C:\Users\Rebekah\AppData\Local\Temp\4guhtk7v.dll
C:\Users\Rebekah\AppData\Local\Temp\4hxhg_0e.dll
C:\Users\Rebekah\AppData\Local\Temp\4idzj0-r.dll
C:\Users\Rebekah\AppData\Local\Temp\4jp4icfv.dll
C:\Users\Rebekah\AppData\Local\Temp\4muotght.dll
C:\Users\Rebekah\AppData\Local\Temp\4nt-9fwp.dll
C:\Users\Rebekah\AppData\Local\Temp\4q9cumst.dll
C:\Users\Rebekah\AppData\Local\Temp\4roswzem.dll
C:\Users\Rebekah\AppData\Local\Temp\4sljq3bm.dll
C:\Users\Rebekah\AppData\Local\Temp\4vtoyl-8.dll
C:\Users\Rebekah\AppData\Local\Temp\4wejqy5r.dll
C:\Users\Rebekah\AppData\Local\Temp\4xd1de9k.dll
C:\Users\Rebekah\AppData\Local\Temp\4xerbq1l.dll
C:\Users\Rebekah\AppData\Local\Temp\50518uninstall.exe
C:\Users\Rebekah\AppData\Local\Temp\52rjn09s.dll
C:\Users\Rebekah\AppData\Local\Temp\55puxif9.dll
C:\Users\Rebekah\AppData\Local\Temp\5cdi5w2e.dll
C:\Users\Rebekah\AppData\Local\Temp\5gutavvh.dll
C:\Users\Rebekah\AppData\Local\Temp\5h-oqad6.dll
C:\Users\Rebekah\AppData\Local\Temp\5hsr1wjh.dll
C:\Users\Rebekah\AppData\Local\Temp\5iv-pmr-.dll
C:\Users\Rebekah\AppData\Local\Temp\5kzfm8gj.dll
C:\Users\Rebekah\AppData\Local\Temp\5lzc5qwq.dll
C:\Users\Rebekah\AppData\Local\Temp\5nmvzgk7.dll
C:\Users\Rebekah\AppData\Local\Temp\5oqgdivw.dll
C:\Users\Rebekah\AppData\Local\Temp\5pfzh1fh.dll
C:\Users\Rebekah\AppData\Local\Temp\5qjqnexg.dll
C:\Users\Rebekah\AppData\Local\Temp\5rjemcnb.dll
C:\Users\Rebekah\AppData\Local\Temp\5rjpusxj.dll
C:\Users\Rebekah\AppData\Local\Temp\5tkspsqb.dll
C:\Users\Rebekah\AppData\Local\Temp\5wiif-q9.dll
C:\Users\Rebekah\AppData\Local\Temp\5xza36qk.dll
C:\Users\Rebekah\AppData\Local\Temp\5xztnrhf.dll
C:\Users\Rebekah\AppData\Local\Temp\64zp7rvj.dll
C:\Users\Rebekah\AppData\Local\Temp\68cqkpmn.dll
C:\Users\Rebekah\AppData\Local\Temp\6b1-vupd.dll
C:\Users\Rebekah\AppData\Local\Temp\6cc_ddof.dll
C:\Users\Rebekah\AppData\Local\Temp\6fbntdqg.dll
C:\Users\Rebekah\AppData\Local\Temp\6gefmjfg.dll
C:\Users\Rebekah\AppData\Local\Temp\6gv9bqi7.dll
C:\Users\Rebekah\AppData\Local\Temp\6hij8-wm.dll
C:\Users\Rebekah\AppData\Local\Temp\6lsxim4x.dll
C:\Users\Rebekah\AppData\Local\Temp\6lxdmoxg.dll
C:\Users\Rebekah\AppData\Local\Temp\6mw2doed.dll
C:\Users\Rebekah\AppData\Local\Temp\6n_qvnwz.dll
C:\Users\Rebekah\AppData\Local\Temp\6oxamv5u.dll
C:\Users\Rebekah\AppData\Local\Temp\6qw5cwlo.dll
C:\Users\Rebekah\AppData\Local\Temp\6tpcvrfl.dll
C:\Users\Rebekah\AppData\Local\Temp\6t_og4bq.dll
C:\Users\Rebekah\AppData\Local\Temp\6uxfanx4.dll
C:\Users\Rebekah\AppData\Local\Temp\6v23suie.dll
C:\Users\Rebekah\AppData\Local\Temp\6vrrhd7j.dll
C:\Users\Rebekah\AppData\Local\Temp\6vybatij.dll
C:\Users\Rebekah\AppData\Local\Temp\6yhzatru.dll
C:\Users\Rebekah\AppData\Local\Temp\6zdxozve.dll
C:\Users\Rebekah\AppData\Local\Temp\6zehmbch.dll
C:\Users\Rebekah\AppData\Local\Temp\706_jis0.dll
C:\Users\Rebekah\AppData\Local\Temp\75o8xry2.dll
C:\Users\Rebekah\AppData\Local\Temp\7cktz3aj.dll
C:\Users\Rebekah\AppData\Local\Temp\7cxqjpbs.dll
C:\Users\Rebekah\AppData\Local\Temp\7dedrorz.dll
C:\Users\Rebekah\AppData\Local\Temp\7e9tlcwb.dll
C:\Users\Rebekah\AppData\Local\Temp\7fo3fkpz.dll
C:\Users\Rebekah\AppData\Local\Temp\7gfyqsjs.dll
C:\Users\Rebekah\AppData\Local\Temp\7gxrzuk8.dll
C:\Users\Rebekah\AppData\Local\Temp\7kirjbsc.dll
C:\Users\Rebekah\AppData\Local\Temp\7othdrr4.dll
C:\Users\Rebekah\AppData\Local\Temp\7ptqgjcq.dll
C:\Users\Rebekah\AppData\Local\Temp\7r166ihd.dll
C:\Users\Rebekah\AppData\Local\Temp\7rxin79u.dll
C:\Users\Rebekah\AppData\Local\Temp\7saheywt.dll
C:\Users\Rebekah\AppData\Local\Temp\7wnz5scq.dll
C:\Users\Rebekah\AppData\Local\Temp\7wqhlgeg.dll
C:\Users\Rebekah\AppData\Local\Temp\7ywswmix.dll
C:\Users\Rebekah\AppData\Local\Temp\87hl-dvp.dll
C:\Users\Rebekah\AppData\Local\Temp\8b8r8tn3.dll
C:\Users\Rebekah\AppData\Local\Temp\8bjlevgn.dll
C:\Users\Rebekah\AppData\Local\Temp\8c3giem1.dll
C:\Users\Rebekah\AppData\Local\Temp\8cyl5hhr.dll
C:\Users\Rebekah\AppData\Local\Temp\8eie96wy.dll
C:\Users\Rebekah\AppData\Local\Temp\8f0iicdb.dll
C:\Users\Rebekah\AppData\Local\Temp\8gasm4vh.dll
C:\Users\Rebekah\AppData\Local\Temp\8gbylhxs.dll
C:\Users\Rebekah\AppData\Local\Temp\8gpeaymd.dll
C:\Users\Rebekah\AppData\Local\Temp\8hg6bx-r.dll
C:\Users\Rebekah\AppData\Local\Temp\8hntdtjr.dll
C:\Users\Rebekah\AppData\Local\Temp\8i63cs5n.dll
C:\Users\Rebekah\AppData\Local\Temp\8iqwcbe0.dll
C:\Users\Rebekah\AppData\Local\Temp\8j4n_tbv.dll
C:\Users\Rebekah\AppData\Local\Temp\8jptu2vz.dll
C:\Users\Rebekah\AppData\Local\Temp\8lphjfr0.dll
C:\Users\Rebekah\AppData\Local\Temp\8mplzhru.dll
C:\Users\Rebekah\AppData\Local\Temp\8ncb8xax.dll
C:\Users\Rebekah\AppData\Local\Temp\8s5t1zjg.dll
C:\Users\Rebekah\AppData\Local\Temp\8slcwwkz.dll
C:\Users\Rebekah\AppData\Local\Temp\8swpyhyc.dll
C:\Users\Rebekah\AppData\Local\Temp\8uz_3nm4.dll
C:\Users\Rebekah\AppData\Local\Temp\8vwohzij.dll
C:\Users\Rebekah\AppData\Local\Temp\8xrfxgfh.dll
C:\Users\Rebekah\AppData\Local\Temp\8y7kykjk.dll
C:\Users\Rebekah\AppData\Local\Temp\8zg-nxi3.dll
C:\Users\Rebekah\AppData\Local\Temp\8zql5zcr.dll
C:\Users\Rebekah\AppData\Local\Temp\9172ps_k.dll
C:\Users\Rebekah\AppData\Local\Temp\91jah-r7.dll
C:\Users\Rebekah\AppData\Local\Temp\93bpx4ar.dll
C:\Users\Rebekah\AppData\Local\Temp\94brzig3.dll
C:\Users\Rebekah\AppData\Local\Temp\94r_ps-5.dll
C:\Users\Rebekah\AppData\Local\Temp\9ahzr1dn.dll
C:\Users\Rebekah\AppData\Local\Temp\9an5709p.dll
C:\Users\Rebekah\AppData\Local\Temp\9ap3b34h.dll
C:\Users\Rebekah\AppData\Local\Temp\9b5epyx8.dll
C:\Users\Rebekah\AppData\Local\Temp\9btc5juc.dll
C:\Users\Rebekah\AppData\Local\Temp\9ei4fla1.dll
C:\Users\Rebekah\AppData\Local\Temp\9eksxkqd.dll
C:\Users\Rebekah\AppData\Local\Temp\9ftt12fm.dll
C:\Users\Rebekah\AppData\Local\Temp\9fyokbrz.dll
C:\Users\Rebekah\AppData\Local\Temp\9gc8ibgb.dll
C:\Users\Rebekah\AppData\Local\Temp\9gwmzpk2.dll
C:\Users\Rebekah\AppData\Local\Temp\9ix4waap.dll
C:\Users\Rebekah\AppData\Local\Temp\9labwcm9.dll
C:\Users\Rebekah\AppData\Local\Temp\9mhpz8_o.dll
C:\Users\Rebekah\AppData\Local\Temp\9o3vgkbq.dll
C:\Users\Rebekah\AppData\Local\Temp\9oo02tcv.dll
C:\Users\Rebekah\AppData\Local\Temp\9sydq9ok.dll
C:\Users\Rebekah\AppData\Local\Temp\9tm5jkqv.dll
C:\Users\Rebekah\AppData\Local\Temp\9twc8ozo.dll
C:\Users\Rebekah\AppData\Local\Temp\9wh19zux.dll
C:\Users\Rebekah\AppData\Local\Temp\9wkumxoh.dll
C:\Users\Rebekah\AppData\Local\Temp\9zrjzpvp.dll
C:\Users\Rebekah\AppData\Local\Temp\a-vdq3bz.dll
C:\Users\Rebekah\AppData\Local\Temp\a0v4xkmf.dll
C:\Users\Rebekah\AppData\Local\Temp\a17rnzl_.dll
C:\Users\Rebekah\AppData\Local\Temp\a4aiku0r.dll
C:\Users\Rebekah\AppData\Local\Temp\a4gwmncq.dll
C:\Users\Rebekah\AppData\Local\Temp\a5hkows_.dll
C:\Users\Rebekah\AppData\Local\Temp\a5zbdgax.dll
C:\Users\Rebekah\AppData\Local\Temp\a7kfrhkv.dll
C:\Users\Rebekah\AppData\Local\Temp\a9-zdbtu.dll
C:\Users\Rebekah\AppData\Local\Temp\aanwd_87.dll
C:\Users\Rebekah\AppData\Local\Temp\abfpqosz.dll
C:\Users\Rebekah\AppData\Local\Temp\acnaa-s6.dll
C:\Users\Rebekah\AppData\Local\Temp\addgursu.dll
C:\Users\Rebekah\AppData\Local\Temp\adf-erln.dll
C:\Users\Rebekah\AppData\Local\Temp\ad_wd45r.dll
C:\Users\Rebekah\AppData\Local\Temp\aetpj0d-.dll
C:\Users\Rebekah\AppData\Local\Temp\ae_-kntn.dll
C:\Users\Rebekah\AppData\Local\Temp\afivq4nu.dll
C:\Users\Rebekah\AppData\Local\Temp\agtq48az.dll
C:\Users\Rebekah\AppData\Local\Temp\ah3syhx_.dll
C:\Users\Rebekah\AppData\Local\Temp\ahlwlami.dll
C:\Users\Rebekah\AppData\Local\Temp\ahxij6ax.dll
C:\Users\Rebekah\AppData\Local\Temp\ak6p9dfa.dll
C:\Users\Rebekah\AppData\Local\Temp\almoxvpp.dll
C:\Users\Rebekah\AppData\Local\Temp\aloma5mi.dll
C:\Users\Rebekah\AppData\Local\Temp\alq-ycc5.dll
C:\Users\Rebekah\AppData\Local\Temp\anmnsuue.dll
C:\Users\Rebekah\AppData\Local\Temp\annwipvr.dll
C:\Users\Rebekah\AppData\Local\Temp\anzva-xv.dll
C:\Users\Rebekah\AppData\Local\Temp\aorirves.dll
C:\Users\Rebekah\AppData\Local\Temp\aotdox82.dll
C:\Users\Rebekah\AppData\Local\Temp\aqf-escb.dll
C:\Users\Rebekah\AppData\Local\Temp\aqkcd6yt.dll
C:\Users\Rebekah\AppData\Local\Temp\aqrwiopc.dll
C:\Users\Rebekah\AppData\Local\Temp\as3-sdrj.dll
C:\Users\Rebekah\AppData\Local\Temp\as4famdq.dll
C:\Users\Rebekah\AppData\Local\Temp\ash4ntb8.dll
C:\Users\Rebekah\AppData\Local\Temp\asucnw2c.dll
C:\Users\Rebekah\AppData\Local\Temp\at9e92b3.dll
C:\Users\Rebekah\AppData\Local\Temp\atgy4yyz.dll
C:\Users\Rebekah\AppData\Local\Temp\aubcbwjq.dll
C:\Users\Rebekah\AppData\Local\Temp\auyd2ydv.dll
C:\Users\Rebekah\AppData\Local\Temp\aveznmrf.dll
C:\Users\Rebekah\AppData\Local\Temp\awmdyvcg.dll
C:\Users\Rebekah\AppData\Local\Temp\axizp65l.dll
C:\Users\Rebekah\AppData\Local\Temp\axswqqeh.dll
C:\Users\Rebekah\AppData\Local\Temp\ayxsxuqn.dll
C:\Users\Rebekah\AppData\Local\Temp\azpl0hmc.dll
C:\Users\Rebekah\AppData\Local\Temp\a_l67b9m.dll
C:\Users\Rebekah\AppData\Local\Temp\b2qm0wzw.dll
C:\Users\Rebekah\AppData\Local\Temp\b3kkd-zl.dll
C:\Users\Rebekah\AppData\Local\Temp\b5xoordi.dll
C:\Users\Rebekah\AppData\Local\Temp\b6thki4s.dll
C:\Users\Rebekah\AppData\Local\Temp\b6z-w3xn.dll
C:\Users\Rebekah\AppData\Local\Temp\b7brrxqq.dll
C:\Users\Rebekah\AppData\Local\Temp\b7xs8be2.dll
C:\Users\Rebekah\AppData\Local\Temp\b9dxmbhz.dll
C:\Users\Rebekah\AppData\Local\Temp\bam8-s1t.dll
C:\Users\Rebekah\AppData\Local\Temp\bawsv14z.dll
C:\Users\Rebekah\AppData\Local\Temp\bccevoea.dll
C:\Users\Rebekah\AppData\Local\Temp\bcign6ed.dll
C:\Users\Rebekah\AppData\Local\Temp\bcje0vkt.dll
C:\Users\Rebekah\AppData\Local\Temp\bdf6fuao.dll
C:\Users\Rebekah\AppData\Local\Temp\bd_hewvx.dll
C:\Users\Rebekah\AppData\Local\Temp\bfiq0spq.dll
C:\Users\Rebekah\AppData\Local\Temp\bfpkyime.dll
C:\Users\Rebekah\AppData\Local\Temp\bgc04ngz.dll
C:\Users\Rebekah\AppData\Local\Temp\bge3vrmf.dll
C:\Users\Rebekah\AppData\Local\Temp\bgppgjoj.dll
C:\Users\Rebekah\AppData\Local\Temp\bgy18lnz.dll
C:\Users\Rebekah\AppData\Local\Temp\bhca0pxg.dll
C:\Users\Rebekah\AppData\Local\Temp\bhuztztg.dll
C:\Users\Rebekah\AppData\Local\Temp\bi-mltkp.dll
C:\Users\Rebekah\AppData\Local\Temp\bivnlfex.dll
C:\Users\Rebekah\AppData\Local\Temp\bjfrbyeq.dll
C:\Users\Rebekah\AppData\Local\Temp\bkodxevj.dll
C:\Users\Rebekah\AppData\Local\Temp\blsprqfc.dll
C:\Users\Rebekah\AppData\Local\Temp\bm0tiemh.dll
C:\Users\Rebekah\AppData\Local\Temp\boqrndkr.dll
C:\Users\Rebekah\AppData\Local\Temp\bqwb4kc7.dll
C:\Users\Rebekah\AppData\Local\Temp\br_utdhm.dll
C:\Users\Rebekah\AppData\Local\Temp\bsvuhory.dll
C:\Users\Rebekah\AppData\Local\Temp\btr2mnfp.dll
C:\Users\Rebekah\AppData\Local\Temp\bu10ieoi.dll
C:\Users\Rebekah\AppData\Local\Temp\bur3yhr-.dll
C:\Users\Rebekah\AppData\Local\Temp\bwa8qljy.dll
C:\Users\Rebekah\AppData\Local\Temp\bwhqdarz.dll
C:\Users\Rebekah\AppData\Local\Temp\bxpt2xo0.dll
C:\Users\Rebekah\AppData\Local\Temp\bydf14sf.dll
C:\Users\Rebekah\AppData\Local\Temp\bzepqkma.dll
C:\Users\Rebekah\AppData\Local\Temp\c-kgu22y.dll
C:\Users\Rebekah\AppData\Local\Temp\c1tg77ol.dll
C:\Users\Rebekah\AppData\Local\Temp\c3c7wbkz.dll
C:\Users\Rebekah\AppData\Local\Temp\c4qsc9ud.dll
C:\Users\Rebekah\AppData\Local\Temp\c7lqkibe.dll
C:\Users\Rebekah\AppData\Local\Temp\c87dt3xa.dll
C:\Users\Rebekah\AppData\Local\Temp\c9frxht4.dll
C:\Users\Rebekah\AppData\Local\Temp\cbmwc_c3.dll
C:\Users\Rebekah\AppData\Local\Temp\cbz3by5b.dll
C:\Users\Rebekah\AppData\Local\Temp\cc2p8qeq.dll
C:\Users\Rebekah\AppData\Local\Temp\cchepytw.dll
C:\Users\Rebekah\AppData\Local\Temp\cdg0g-fb.dll
C:\Users\Rebekah\AppData\Local\Temp\ce2ch1i5.dll
C:\Users\Rebekah\AppData\Local\Temp\cerf1hgg.dll
C:\Users\Rebekah\AppData\Local\Temp\cgepgfu1.dll
C:\Users\Rebekah\AppData\Local\Temp\cgltprzt.dll
C:\Users\Rebekah\AppData\Local\Temp\chapxvbl.dll
C:\Users\Rebekah\AppData\Local\Temp\chr2er3x.dll
C:\Users\Rebekah\AppData\Local\Temp\ciajvmqx.dll
C:\Users\Rebekah\AppData\Local\Temp\cixq1o4q.dll
C:\Users\Rebekah\AppData\Local\Temp\cizqge4-.dll
C:\Users\Rebekah\AppData\Local\Temp\ckejdvl_.dll
C:\Users\Rebekah\AppData\Local\Temp\ckokiscj.dll
C:\Users\Rebekah\AppData\Local\Temp\cl0i9sae.dll
C:\Users\Rebekah\AppData\Local\Temp\clyrj9qm.dll
C:\Users\Rebekah\AppData\Local\Temp\clyuhtgb.dll
C:\Users\Rebekah\AppData\Local\Temp\cmzc0onb.dll
C:\Users\Rebekah\AppData\Local\Temp\cnts2gon.dll
C:\Users\Rebekah\AppData\Local\Temp\co5uh82p.dll
C:\Users\Rebekah\AppData\Local\Temp\coadxcqu.dll
C:\Users\Rebekah\AppData\Local\Temp\coo7fst2.dll
C:\Users\Rebekah\AppData\Local\Temp\covsxryb.dll
C:\Users\Rebekah\AppData\Local\Temp\crqwwi0l.dll
C:\Users\Rebekah\AppData\Local\Temp\crsjvdnu.dll
C:\Users\Rebekah\AppData\Local\Temp\cs8q9lkn.dll
C:\Users\Rebekah\AppData\Local\Temp\cvfnf4jy.dll
C:\Users\Rebekah\AppData\Local\Temp\czc816ra.dll
C:\Users\Rebekah\AppData\Local\Temp\d-b4fwkp.dll
C:\Users\Rebekah\AppData\Local\Temp\d-kdp8ox.dll
C:\Users\Rebekah\AppData\Local\Temp\d-pcibgb.dll
C:\Users\Rebekah\AppData\Local\Temp\d-v6f90o.dll
C:\Users\Rebekah\AppData\Local\Temp\d0yiywix.dll
C:\Users\Rebekah\AppData\Local\Temp\d1rnj7rx.dll
C:\Users\Rebekah\AppData\Local\Temp\d2ereupm.dll
C:\Users\Rebekah\AppData\Local\Temp\d3dxjm47.dll
C:\Users\Rebekah\AppData\Local\Temp\d4cmlee7.dll
C:\Users\Rebekah\AppData\Local\Temp\d4zgqunz.dll
C:\Users\Rebekah\AppData\Local\Temp\d6pbesl5.dll
C:\Users\Rebekah\AppData\Local\Temp\d6zwntih.dll
C:\Users\Rebekah\AppData\Local\Temp\d7alxd6k.dll
C:\Users\Rebekah\AppData\Local\Temp\d7kklz0f.dll
C:\Users\Rebekah\AppData\Local\Temp\d8v6xc3m.dll
C:\Users\Rebekah\AppData\Local\Temp\dabt6lvc.dll
C:\Users\Rebekah\AppData\Local\Temp\dah6gjkk.dll
C:\Users\Rebekah\AppData\Local\Temp\dcfhm1jy.dll
C:\Users\Rebekah\AppData\Local\Temp\ddgcafrr.dll
C:\Users\Rebekah\AppData\Local\Temp\ddrol73k.dll
C:\Users\Rebekah\AppData\Local\Temp\degdbneh.dll
C:\Users\Rebekah\AppData\Local\Temp\deq49-nr.dll
C:\Users\Rebekah\AppData\Local\Temp\desg9smt.dll
C:\Users\Rebekah\AppData\Local\Temp\deynv3ct.dll
C:\Users\Rebekah\AppData\Local\Temp\dfscochl.dll
C:\Users\Rebekah\AppData\Local\Temp\dguddlt7.dll
C:\Users\Rebekah\AppData\Local\Temp\dgzelabi.dll
C:\Users\Rebekah\AppData\Local\Temp\dhc2ooo4.dll
C:\Users\Rebekah\AppData\Local\Temp\dhf7gfm1.dll
C:\Users\Rebekah\AppData\Local\Temp\dhjismdc.dll
C:\Users\Rebekah\AppData\Local\Temp\dhngfze6.dll
C:\Users\Rebekah\AppData\Local\Temp\diu_fpu5.dll
C:\Users\Rebekah\AppData\Local\Temp\dizbtest.dll
C:\Users\Rebekah\AppData\Local\Temp\djs1t6lw.dll
C:\Users\Rebekah\AppData\Local\Temp\dku8jnvw.dll
C:\Users\Rebekah\AppData\Local\Temp\dl4trua6.dll
C:\Users\Rebekah\AppData\Local\Temp\dlchq3j2.dll
C:\Users\Rebekah\AppData\Local\Temp\dmbxsfwq.dll
C:\Users\Rebekah\AppData\Local\Temp\dmlewqey.dll
C:\Users\Rebekah\AppData\Local\Temp\dnjoqtyp.dll
C:\Users\Rebekah\AppData\Local\Temp\dpkktoqh.dll
C:\Users\Rebekah\AppData\Local\Temp\dpnmdhky.dll
C:\Users\Rebekah\AppData\Local\Temp\dqa3n0zn.dll
C:\Users\Rebekah\AppData\Local\Temp\dqpburnv.dll
C:\Users\Rebekah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplsdlsn.dll
 
Section 4
C:\Users\Rebekah\AppData\Local\Temp\ds41dscf.dll
C:\Users\Rebekah\AppData\Local\Temp\dsxnmxop.dll
C:\Users\Rebekah\AppData\Local\Temp\dtfydujs.dll
C:\Users\Rebekah\AppData\Local\Temp\dtxmqpyk.dll
C:\Users\Rebekah\AppData\Local\Temp\dtysn2kp.dll
C:\Users\Rebekah\AppData\Local\Temp\dvr_0w4r.dll
C:\Users\Rebekah\AppData\Local\Temp\dx4lddgt.dll
C:\Users\Rebekah\AppData\Local\Temp\dyfgjjov.dll
C:\Users\Rebekah\AppData\Local\Temp\dys7aoyj.dll
C:\Users\Rebekah\AppData\Local\Temp\dzzbyzyn.dll
C:\Users\Rebekah\AppData\Local\Temp\d_0rj5gf.dll
C:\Users\Rebekah\AppData\Local\Temp\e-bbte9c.dll
C:\Users\Rebekah\AppData\Local\Temp\e0xzv9fl.dll
C:\Users\Rebekah\AppData\Local\Temp\e0_nasuc.dll
C:\Users\Rebekah\AppData\Local\Temp\e1hrx66u.dll
C:\Users\Rebekah\AppData\Local\Temp\e4k7kd0c.dll
C:\Users\Rebekah\AppData\Local\Temp\e4zc8kin.dll
C:\Users\Rebekah\AppData\Local\Temp\e6ytcqgu.dll
C:\Users\Rebekah\AppData\Local\Temp\e7idpftd.dll
C:\Users\Rebekah\AppData\Local\Temp\e8zdi3lh.dll
C:\Users\Rebekah\AppData\Local\Temp\eas8gaui.dll
C:\Users\Rebekah\AppData\Local\Temp\easd9pqp.dll
C:\Users\Rebekah\AppData\Local\Temp\ec0mql-p.dll
C:\Users\Rebekah\AppData\Local\Temp\ec4zs2ek.dll
C:\Users\Rebekah\AppData\Local\Temp\eczzilzw.dll
C:\Users\Rebekah\AppData\Local\Temp\edvaqb_c.dll
C:\Users\Rebekah\AppData\Local\Temp\egdsqcvh.dll
C:\Users\Rebekah\AppData\Local\Temp\egsrn8k-.dll
C:\Users\Rebekah\AppData\Local\Temp\ehasxi9i.dll
C:\Users\Rebekah\AppData\Local\Temp\ehhahn-b.dll
C:\Users\Rebekah\AppData\Local\Temp\eio9tpl-.dll
C:\Users\Rebekah\AppData\Local\Temp\eivzz2zy.dll
C:\Users\Rebekah\AppData\Local\Temp\ejbymc6p.dll
C:\Users\Rebekah\AppData\Local\Temp\ekkv7zrt.dll
C:\Users\Rebekah\AppData\Local\Temp\ekngveqj.dll
C:\Users\Rebekah\AppData\Local\Temp\elbyknes.dll
C:\Users\Rebekah\AppData\Local\Temp\em0qldj7.dll
C:\Users\Rebekah\AppData\Local\Temp\emppti9e.dll
C:\Users\Rebekah\AppData\Local\Temp\emqiccla.dll
C:\Users\Rebekah\AppData\Local\Temp\emw8xzcr.dll
C:\Users\Rebekah\AppData\Local\Temp\en1uriyv.dll
C:\Users\Rebekah\AppData\Local\Temp\eph9nmkk.dll
C:\Users\Rebekah\AppData\Local\Temp\erykzhh-.dll
C:\Users\Rebekah\AppData\Local\Temp\es6sfzxa.dll
C:\Users\Rebekah\AppData\Local\Temp\espcw2t4.dll
C:\Users\Rebekah\AppData\Local\Temp\eulh7ywi.dll
C:\Users\Rebekah\AppData\Local\Temp\evx643le.dll
C:\Users\Rebekah\AppData\Local\Temp\ewmasmf5.dll
C:\Users\Rebekah\AppData\Local\Temp\eyl70fpq.dll
C:\Users\Rebekah\AppData\Local\Temp\eyo31wov.dll
C:\Users\Rebekah\AppData\Local\Temp\eyrva_sw.dll
C:\Users\Rebekah\AppData\Local\Temp\f0mmah7u.dll
C:\Users\Rebekah\AppData\Local\Temp\f13dqi_b.dll
C:\Users\Rebekah\AppData\Local\Temp\f2gdij1e.dll
C:\Users\Rebekah\AppData\Local\Temp\f3sgvdzb.dll
C:\Users\Rebekah\AppData\Local\Temp\f4hkbwkv.dll
C:\Users\Rebekah\AppData\Local\Temp\f4xpjdoe.dll
C:\Users\Rebekah\AppData\Local\Temp\f6rrp_j7.dll
C:\Users\Rebekah\AppData\Local\Temp\f8x5qt11.dll
C:\Users\Rebekah\AppData\Local\Temp\fa4qudlh.dll
C:\Users\Rebekah\AppData\Local\Temp\fac6vitv.dll
C:\Users\Rebekah\AppData\Local\Temp\facujngv.dll
C:\Users\Rebekah\AppData\Local\Temp\fak5nhkf.dll
C:\Users\Rebekah\AppData\Local\Temp\fbqv6cpi.dll
C:\Users\Rebekah\AppData\Local\Temp\fcmvubpf.dll
C:\Users\Rebekah\AppData\Local\Temp\fdeeoel7.dll
C:\Users\Rebekah\AppData\Local\Temp\fdwdyvno.dll
C:\Users\Rebekah\AppData\Local\Temp\fdwvyqmc.dll
C:\Users\Rebekah\AppData\Local\Temp\fe-7vreg.dll
C:\Users\Rebekah\AppData\Local\Temp\fezkuwph.dll
C:\Users\Rebekah\AppData\Local\Temp\ffd64loh.dll
C:\Users\Rebekah\AppData\Local\Temp\fggssbqx.dll
C:\Users\Rebekah\AppData\Local\Temp\fgobdt3h.dll
C:\Users\Rebekah\AppData\Local\Temp\fi__77xy.dll
C:\Users\Rebekah\AppData\Local\Temp\fjs8vwln.dll
C:\Users\Rebekah\AppData\Local\Temp\fl0y9izv.dll
C:\Users\Rebekah\AppData\Local\Temp\fleefbqt.dll
C:\Users\Rebekah\AppData\Local\Temp\flouqb6s.dll
C:\Users\Rebekah\AppData\Local\Temp\flvbht1i.dll
C:\Users\Rebekah\AppData\Local\Temp\fmcdl7-s.dll
C:\Users\Rebekah\AppData\Local\Temp\fn6dnbiy.dll
C:\Users\Rebekah\AppData\Local\Temp\fo1hdywt.dll
C:\Users\Rebekah\AppData\Local\Temp\fono5xfi.dll
C:\Users\Rebekah\AppData\Local\Temp\fp2osptu.dll
C:\Users\Rebekah\AppData\Local\Temp\fpudzjth.dll
C:\Users\Rebekah\AppData\Local\Temp\fq6oj17c.dll
C:\Users\Rebekah\AppData\Local\Temp\frne-sfw.dll
C:\Users\Rebekah\AppData\Local\Temp\frz7swnc.dll
C:\Users\Rebekah\AppData\Local\Temp\fs1t8ndh.dll
C:\Users\Rebekah\AppData\Local\Temp\fs8qtz2t.dll
C:\Users\Rebekah\AppData\Local\Temp\fsgj0jic.dll
C:\Users\Rebekah\AppData\Local\Temp\fsyazmso.dll
C:\Users\Rebekah\AppData\Local\Temp\fur0wljn.dll
C:\Users\Rebekah\AppData\Local\Temp\fv64y8pf.dll
C:\Users\Rebekah\AppData\Local\Temp\fvwlzsq3.dll
C:\Users\Rebekah\AppData\Local\Temp\fxkedbrv.dll
C:\Users\Rebekah\AppData\Local\Temp\fyd9mq7n.dll
C:\Users\Rebekah\AppData\Local\Temp\fyhgnykb.dll
C:\Users\Rebekah\AppData\Local\Temp\fzoe0nmd.dll
C:\Users\Rebekah\AppData\Local\Temp\f_b3rii-.dll
C:\Users\Rebekah\AppData\Local\Temp\f_d-y49q.dll
C:\Users\Rebekah\AppData\Local\Temp\g-aekkgn.dll
C:\Users\Rebekah\AppData\Local\Temp\g-lujqza.dll
C:\Users\Rebekah\AppData\Local\Temp\g5wbe_33.dll
C:\Users\Rebekah\AppData\Local\Temp\g5_oxlvx.dll
C:\Users\Rebekah\AppData\Local\Temp\g6yeehj8.dll
C:\Users\Rebekah\AppData\Local\Temp\gbcahyqu.dll
C:\Users\Rebekah\AppData\Local\Temp\gbxq0dzr.dll
C:\Users\Rebekah\AppData\Local\Temp\gcpbtmxq.dll
C:\Users\Rebekah\AppData\Local\Temp\gc_pc0yy.dll
C:\Users\Rebekah\AppData\Local\Temp\gdlrnlci.dll
C:\Users\Rebekah\AppData\Local\Temp\gds6jex3.dll
C:\Users\Rebekah\AppData\Local\Temp\gdvecjbc.dll
C:\Users\Rebekah\AppData\Local\Temp\geeg-b7w.dll
C:\Users\Rebekah\AppData\Local\Temp\gfftxom7.dll
C:\Users\Rebekah\AppData\Local\Temp\gges4ahi.dll
C:\Users\Rebekah\AppData\Local\Temp\ggutko52.dll
C:\Users\Rebekah\AppData\Local\Temp\ghi6oyvh.dll
C:\Users\Rebekah\AppData\Local\Temp\ghvlqntr.dll
C:\Users\Rebekah\AppData\Local\Temp\gjaei0sp.dll
C:\Users\Rebekah\AppData\Local\Temp\gjjlcp_v.dll
C:\Users\Rebekah\AppData\Local\Temp\gkcduxe6.dll
C:\Users\Rebekah\AppData\Local\Temp\gkxxdpg4.dll
C:\Users\Rebekah\AppData\Local\Temp\glc1azl6.dll
C:\Users\Rebekah\AppData\Local\Temp\gm2xgnpq.dll
C:\Users\Rebekah\AppData\Local\Temp\gmutrazr.dll
C:\Users\Rebekah\AppData\Local\Temp\gmyooci0.dll
C:\Users\Rebekah\AppData\Local\Temp\goa5dwdq.dll
C:\Users\Rebekah\AppData\Local\Temp\gqtuweyw.dll
C:\Users\Rebekah\AppData\Local\Temp\gr_duoqq.dll
C:\Users\Rebekah\AppData\Local\Temp\gse0e_va.dll
C:\Users\Rebekah\AppData\Local\Temp\gsnxn9vf.dll
C:\Users\Rebekah\AppData\Local\Temp\gswyttj-.dll
C:\Users\Rebekah\AppData\Local\Temp\gt5lj95n.dll
C:\Users\Rebekah\AppData\Local\Temp\gtonluyr.dll
C:\Users\Rebekah\AppData\Local\Temp\gvdxligv.dll
C:\Users\Rebekah\AppData\Local\Temp\gvi0_2ai.dll
C:\Users\Rebekah\AppData\Local\Temp\gw0mncta.dll
C:\Users\Rebekah\AppData\Local\Temp\gwinjmmf.dll
C:\Users\Rebekah\AppData\Local\Temp\gx8_ho_z.dll
C:\Users\Rebekah\AppData\Local\Temp\gxag2hpi.dll
C:\Users\Rebekah\AppData\Local\Temp\gxdv1vpj.dll
C:\Users\Rebekah\AppData\Local\Temp\gyhfhwi9.dll
C:\Users\Rebekah\AppData\Local\Temp\gyuauwdo.dll
C:\Users\Rebekah\AppData\Local\Temp\gz9lyfqm.dll
C:\Users\Rebekah\AppData\Local\Temp\g_-yigx8.dll
C:\Users\Rebekah\AppData\Local\Temp\h35iieeu.dll
C:\Users\Rebekah\AppData\Local\Temp\h5ckcs-x.dll
C:\Users\Rebekah\AppData\Local\Temp\h8xsw5th.dll
C:\Users\Rebekah\AppData\Local\Temp\hbj_kkz3.dll
C:\Users\Rebekah\AppData\Local\Temp\hcab3i3-.dll
C:\Users\Rebekah\AppData\Local\Temp\hccyokp_.dll
C:\Users\Rebekah\AppData\Local\Temp\hf117cvz.dll
C:\Users\Rebekah\AppData\Local\Temp\hf7ay9he.dll
C:\Users\Rebekah\AppData\Local\Temp\hg-624gx.dll
C:\Users\Rebekah\AppData\Local\Temp\hg9ryaj3.dll
C:\Users\Rebekah\AppData\Local\Temp\hgirv-hu.dll
C:\Users\Rebekah\AppData\Local\Temp\hg_vaxmp.dll
C:\Users\Rebekah\AppData\Local\Temp\hhimm-wq.dll
C:\Users\Rebekah\AppData\Local\Temp\hhyf3bqb.dll
C:\Users\Rebekah\AppData\Local\Temp\hjcg3zlh.dll
C:\Users\Rebekah\AppData\Local\Temp\hkobibq_.dll
C:\Users\Rebekah\AppData\Local\Temp\hm4pdnhg.dll
C:\Users\Rebekah\AppData\Local\Temp\hohcnfkk.dll
C:\Users\Rebekah\AppData\Local\Temp\hoixjdkv.dll
C:\Users\Rebekah\AppData\Local\Temp\hovci-mt.dll
C:\Users\Rebekah\AppData\Local\Temp\how9cnjp.dll
C:\Users\Rebekah\AppData\Local\Temp\hpw0mfhz.dll
C:\Users\Rebekah\AppData\Local\Temp\hqsxptcc.dll
C:\Users\Rebekah\AppData\Local\Temp\hr3jfqwj.dll
C:\Users\Rebekah\AppData\Local\Temp\hrsorhqx.dll
C:\Users\Rebekah\AppData\Local\Temp\hsebx28r.dll
C:\Users\Rebekah\AppData\Local\Temp\hslf2plh.dll
C:\Users\Rebekah\AppData\Local\Temp\ht6bdm4p.dll
C:\Users\Rebekah\AppData\Local\Temp\huve03g7.dll
C:\Users\Rebekah\AppData\Local\Temp\hvthmilz.dll
C:\Users\Rebekah\AppData\Local\Temp\hvzpxyuy.dll
C:\Users\Rebekah\AppData\Local\Temp\hwuvbj7c.dll
C:\Users\Rebekah\AppData\Local\Temp\hxwqmamh.dll
C:\Users\Rebekah\AppData\Local\Temp\hzlwlt-5.dll
C:\Users\Rebekah\AppData\Local\Temp\i1ewpvao.dll
C:\Users\Rebekah\AppData\Local\Temp\i34pdkj9.dll
C:\Users\Rebekah\AppData\Local\Temp\i43ehmlk.dll
C:\Users\Rebekah\AppData\Local\Temp\i5jq5e3s.dll
C:\Users\Rebekah\AppData\Local\Temp\i8sawywl.dll
C:\Users\Rebekah\AppData\Local\Temp\iahoato-.dll
C:\Users\Rebekah\AppData\Local\Temp\iawolmqm.dll
C:\Users\Rebekah\AppData\Local\Temp\ib8zfciz.dll
C:\Users\Rebekah\AppData\Local\Temp\ibwhgems.dll
C:\Users\Rebekah\AppData\Local\Temp\ibwqjj8c.dll
C:\Users\Rebekah\AppData\Local\Temp\idswuffx.dll
C:\Users\Rebekah\AppData\Local\Temp\idtvx83a.dll
C:\Users\Rebekah\AppData\Local\Temp\iemoznlj.dll
C:\Users\Rebekah\AppData\Local\Temp\ieqj_1y0.dll
C:\Users\Rebekah\AppData\Local\Temp\ietdz6wl.dll
C:\Users\Rebekah\AppData\Local\Temp\ifyoocfp.dll
C:\Users\Rebekah\AppData\Local\Temp\igchyzgn.dll
C:\Users\Rebekah\AppData\Local\Temp\igjavxwb.dll
C:\Users\Rebekah\AppData\Local\Temp\ihgxl3df.dll
C:\Users\Rebekah\AppData\Local\Temp\ihlhxhix.dll
C:\Users\Rebekah\AppData\Local\Temp\ihryhktb.dll
C:\Users\Rebekah\AppData\Local\Temp\iif0cfjp.dll
C:\Users\Rebekah\AppData\Local\Temp\iifbo2vj.dll
C:\Users\Rebekah\AppData\Local\Temp\iiko58kh.dll
C:\Users\Rebekah\AppData\Local\Temp\ikrscewu.dll
C:\Users\Rebekah\AppData\Local\Temp\ilal3cgh.dll
C:\Users\Rebekah\AppData\Local\Temp\ilklqn8d.dll
C:\Users\Rebekah\AppData\Local\Temp\ilnhbcfi.dll
C:\Users\Rebekah\AppData\Local\Temp\immvc15y.dll
C:\Users\Rebekah\AppData\Local\Temp\imnmqyyb.dll
C:\Users\Rebekah\AppData\Local\Temp\iorg_rh_.dll
C:\Users\Rebekah\AppData\Local\Temp\ipqhtkgi.dll
C:\Users\Rebekah\AppData\Local\Temp\irfwlj51.dll
C:\Users\Rebekah\AppData\Local\Temp\irf_vtaf.dll
C:\Users\Rebekah\AppData\Local\Temp\irwciq29.dll
C:\Users\Rebekah\AppData\Local\Temp\ishennif.dll
C:\Users\Rebekah\AppData\Local\Temp\ishnrhfx.dll
C:\Users\Rebekah\AppData\Local\Temp\istvjw91.dll
C:\Users\Rebekah\AppData\Local\Temp\it3x_s04.dll
C:\Users\Rebekah\AppData\Local\Temp\it9lpae_.dll
C:\Users\Rebekah\AppData\Local\Temp\itncyelx.dll
C:\Users\Rebekah\AppData\Local\Temp\iuupsdfb.dll
C:\Users\Rebekah\AppData\Local\Temp\iwnougyx.dll
C:\Users\Rebekah\AppData\Local\Temp\ixigm6z1.dll
C:\Users\Rebekah\AppData\Local\Temp\iy49d3gr.dll
C:\Users\Rebekah\AppData\Local\Temp\iybfk49s.dll
C:\Users\Rebekah\AppData\Local\Temp\iyemq_op.dll
C:\Users\Rebekah\AppData\Local\Temp\iyf0hxvx.dll
C:\Users\Rebekah\AppData\Local\Temp\iyygfiyj.dll
C:\Users\Rebekah\AppData\Local\Temp\iz4dbjeo.dll
C:\Users\Rebekah\AppData\Local\Temp\izjcgafa.dll
C:\Users\Rebekah\AppData\Local\Temp\j13evwfp.dll
C:\Users\Rebekah\AppData\Local\Temp\j3fvswqi.dll
C:\Users\Rebekah\AppData\Local\Temp\j3s4czv4.dll
C:\Users\Rebekah\AppData\Local\Temp\j5btocxt.dll
C:\Users\Rebekah\AppData\Local\Temp\j5q07y0r.dll
C:\Users\Rebekah\AppData\Local\Temp\j65dzjbn.dll
C:\Users\Rebekah\AppData\Local\Temp\j6pcqijx.dll
C:\Users\Rebekah\AppData\Local\Temp\j743x7rw.dll
C:\Users\Rebekah\AppData\Local\Temp\j9spxtap.dll
C:\Users\Rebekah\AppData\Local\Temp\javjdhox.dll
C:\Users\Rebekah\AppData\Local\Temp\jb2e2uhv.dll
C:\Users\Rebekah\AppData\Local\Temp\jb2q4th1.dll
C:\Users\Rebekah\AppData\Local\Temp\jdgblyyu.dll
C:\Users\Rebekah\AppData\Local\Temp\jdsn2lmg.dll
C:\Users\Rebekah\AppData\Local\Temp\je1nbzqf.dll
C:\Users\Rebekah\AppData\Local\Temp\jerfmzhl.dll
C:\Users\Rebekah\AppData\Local\Temp\jh9f8ksr.dll
C:\Users\Rebekah\AppData\Local\Temp\jhvralhr.dll
C:\Users\Rebekah\AppData\Local\Temp\jhxlutqc.dll
C:\Users\Rebekah\AppData\Local\Temp\jkjuykeo.dll
C:\Users\Rebekah\AppData\Local\Temp\jli-2xei.dll
C:\Users\Rebekah\AppData\Local\Temp\jmbrg-ns.dll
C:\Users\Rebekah\AppData\Local\Temp\jmf1s8tq.dll
C:\Users\Rebekah\AppData\Local\Temp\jmkvu-am.dll
C:\Users\Rebekah\AppData\Local\Temp\jnhl3wtl.dll
C:\Users\Rebekah\AppData\Local\Temp\jnqrddmx.dll
C:\Users\Rebekah\AppData\Local\Temp\joogmzfz.dll
C:\Users\Rebekah\AppData\Local\Temp\jplcqizt.dll
C:\Users\Rebekah\AppData\Local\Temp\jsamkder.dll
C:\Users\Rebekah\AppData\Local\Temp\jsuzrze8.dll
C:\Users\Rebekah\AppData\Local\Temp\jtnz5crf.dll
C:\Users\Rebekah\AppData\Local\Temp\jtuholhn.dll
C:\Users\Rebekah\AppData\Local\Temp\jukmxpjn.dll
C:\Users\Rebekah\AppData\Local\Temp\ju_1vmbq.dll
C:\Users\Rebekah\AppData\Local\Temp\jv4pnjwx.dll
C:\Users\Rebekah\AppData\Local\Temp\jv8u3uc1.dll
C:\Users\Rebekah\AppData\Local\Temp\jvebldcj.dll
C:\Users\Rebekah\AppData\Local\Temp\jwcgzleb.dll
C:\Users\Rebekah\AppData\Local\Temp\jwnjgpyd.dll
C:\Users\Rebekah\AppData\Local\Temp\jwthsbsy.dll
C:\Users\Rebekah\AppData\Local\Temp\jxcdk6id.dll
C:\Users\Rebekah\AppData\Local\Temp\jxna-kxs.dll
C:\Users\Rebekah\AppData\Local\Temp\jxsug0xt.dll
C:\Users\Rebekah\AppData\Local\Temp\jybiaaok.dll
C:\Users\Rebekah\AppData\Local\Temp\jyegeslj.dll
C:\Users\Rebekah\AppData\Local\Temp\j_dp6jdl.dll
C:\Users\Rebekah\AppData\Local\Temp\j_jl_5ev.dll
C:\Users\Rebekah\AppData\Local\Temp\k-qyicmp.dll
C:\Users\Rebekah\AppData\Local\Temp\k0mpxtfq.dll
C:\Users\Rebekah\AppData\Local\Temp\k0xnm_rx.dll
C:\Users\Rebekah\AppData\Local\Temp\k4mmyi-I.dll
C:\Users\Rebekah\AppData\Local\Temp\k5wadcjj.dll
C:\Users\Rebekah\AppData\Local\Temp\k5xcup1o.dll
C:\Users\Rebekah\AppData\Local\Temp\k6xays17.dll
C:\Users\Rebekah\AppData\Local\Temp\k6zwuj2k.dll
C:\Users\Rebekah\AppData\Local\Temp\k8oqr5vw.dll
C:\Users\Rebekah\AppData\Local\Temp\k8yfp1rp.dll
C:\Users\Rebekah\AppData\Local\Temp\ka1kiqi9.dll
C:\Users\Rebekah\AppData\Local\Temp\kaf7iorg.dll
C:\Users\Rebekah\AppData\Local\Temp\kao2aw3c.dll
C:\Users\Rebekah\AppData\Local\Temp\kawlp544.dll
C:\Users\Rebekah\AppData\Local\Temp\kbeorhxv.dll
C:\Users\Rebekah\AppData\Local\Temp\kcw1veai.dll
C:\Users\Rebekah\AppData\Local\Temp\kdotm2uz.dll
C:\Users\Rebekah\AppData\Local\Temp\kf0pppsk.dll
C:\Users\Rebekah\AppData\Local\Temp\kfv3r3nr.dll
C:\Users\Rebekah\AppData\Local\Temp\kgb1b7af.dll
C:\Users\Rebekah\AppData\Local\Temp\khkvl4zx.dll
C:\Users\Rebekah\AppData\Local\Temp\kj5bpncp.dll
C:\Users\Rebekah\AppData\Local\Temp\klkx6i7-.dll
C:\Users\Rebekah\AppData\Local\Temp\knj-knjp.dll
C:\Users\Rebekah\AppData\Local\Temp\knqpujfc.dll
C:\Users\Rebekah\AppData\Local\Temp\knuoq5rc.dll
C:\Users\Rebekah\AppData\Local\Temp\kpdfydot.dll
C:\Users\Rebekah\AppData\Local\Temp\kqx_vzp1.dll
C:\Users\Rebekah\AppData\Local\Temp\Kraus.exe
C:\Users\Rebekah\AppData\Local\Temp\krznqscg.dll
C:\Users\Rebekah\AppData\Local\Temp\kszfs3k5.dll
C:\Users\Rebekah\AppData\Local\Temp\kuwpufah.dll
C:\Users\Rebekah\AppData\Local\Temp\kvchvai4.dll
C:\Users\Rebekah\AppData\Local\Temp\kveco96j.dll
C:\Users\Rebekah\AppData\Local\Temp\kvfnt-wb.dll
C:\Users\Rebekah\AppData\Local\Temp\kvm93ujq.dll
C:\Users\Rebekah\AppData\Local\Temp\kvprag_6.dll
C:\Users\Rebekah\AppData\Local\Temp\kxa5emcz.dll
C:\Users\Rebekah\AppData\Local\Temp\kxojfgns.dll
C:\Users\Rebekah\AppData\Local\Temp\kynhs9sm.dll
C:\Users\Rebekah\AppData\Local\Temp\kyvnx7k6.dll
C:\Users\Rebekah\AppData\Local\Temp\kzhoiuzd.dll
C:\Users\Rebekah\AppData\Local\Temp\l2npsm0s.dll
C:\Users\Rebekah\AppData\Local\Temp\l3szulkq.dll
C:\Users\Rebekah\AppData\Local\Temp\l6gmboxd.dll
C:\Users\Rebekah\AppData\Local\Temp\l7hdcz2q.dll
C:\Users\Rebekah\AppData\Local\Temp\l81ajoz2.dll
C:\Users\Rebekah\AppData\Local\Temp\lc0gmoho.dll
C:\Users\Rebekah\AppData\Local\Temp\lcyx7v9w.dll
C:\Users\Rebekah\AppData\Local\Temp\lfpfxdxc.dll
C:\Users\Rebekah\AppData\Local\Temp\lgjntioi.dll
C:\Users\Rebekah\AppData\Local\Temp\lh6av9ji.dll
C:\Users\Rebekah\AppData\Local\Temp\lhj46e6v.dll
C:\Users\Rebekah\AppData\Local\Temp\lhlnfb2o.dll
C:\Users\Rebekah\AppData\Local\Temp\lhrvtdoe.dll
C:\Users\Rebekah\AppData\Local\Temp\lhwrg1ah.dll
C:\Users\Rebekah\AppData\Local\Temp\liwxyiiy.dll
C:\Users\Rebekah\AppData\Local\Temp\ljem_zn6.dll
C:\Users\Rebekah\AppData\Local\Temp\ljx5h3zs.dll
C:\Users\Rebekah\AppData\Local\Temp\lkwhwkrq.dll
C:\Users\Rebekah\AppData\Local\Temp\ln47d5cu.dll
C:\Users\Rebekah\AppData\Local\Temp\ln5khmab.dll
C:\Users\Rebekah\AppData\Local\Temp\lnfwdpdd.dll
C:\Users\Rebekah\AppData\Local\Temp\lqx6j0wo.dll
C:\Users\Rebekah\AppData\Local\Temp\lrymnejs.dll
C:\Users\Rebekah\AppData\Local\Temp\lsjca65d.dll
C:\Users\Rebekah\AppData\Local\Temp\lthaatix.dll
C:\Users\Rebekah\AppData\Local\Temp\ltkaayen.dll
C:\Users\Rebekah\AppData\Local\Temp\ltqchrb9.dll
C:\Users\Rebekah\AppData\Local\Temp\ludpl3di.dll
C:\Users\Rebekah\AppData\Local\Temp\lugda8pm.dll
C:\Users\Rebekah\AppData\Local\Temp\luwnhkot.dll
C:\Users\Rebekah\AppData\Local\Temp\lvnoe6cc.dll
C:\Users\Rebekah\AppData\Local\Temp\lw0adyfw.dll
C:\Users\Rebekah\AppData\Local\Temp\lw4uvuay.dll
C:\Users\Rebekah\AppData\Local\Temp\lwsgpayj.dll
C:\Users\Rebekah\AppData\Local\Temp\lw_5vp_a.dll
C:\Users\Rebekah\AppData\Local\Temp\lxodd7b-.dll
C:\Users\Rebekah\AppData\Local\Temp\lyjbi5rv.dll
C:\Users\Rebekah\AppData\Local\Temp\lzcvivs5.dll
C:\Users\Rebekah\AppData\Local\Temp\l_azwzf-.dll
C:\Users\Rebekah\AppData\Local\Temp\m-2wt6tf.dll
C:\Users\Rebekah\AppData\Local\Temp\m05vdn_p.dll
C:\Users\Rebekah\AppData\Local\Temp\m0qcmctu.dll
C:\Users\Rebekah\AppData\Local\Temp\m3iydrhu.dll
C:\Users\Rebekah\AppData\Local\Temp\m3owp3is.dll
C:\Users\Rebekah\AppData\Local\Temp\m5ligaz6.dll
C:\Users\Rebekah\AppData\Local\Temp\m6xpjvri.dll
C:\Users\Rebekah\AppData\Local\Temp\m7g0g7gv.dll
C:\Users\Rebekah\AppData\Local\Temp\m8unhcpa.dll
C:\Users\Rebekah\AppData\Local\Temp\m92l2aqw.dll
C:\Users\Rebekah\AppData\Local\Temp\m9cdcfsj.dll
C:\Users\Rebekah\AppData\Local\Temp\martxt-n.dll
C:\Users\Rebekah\AppData\Local\Temp\mc1nhgf2.dll
C:\Users\Rebekah\AppData\Local\Temp\md2hifka.dll
C:\Users\Rebekah\AppData\Local\Temp\mddfwbri.dll
C:\Users\Rebekah\AppData\Local\Temp\merkldmy.dll
C:\Users\Rebekah\AppData\Local\Temp\mfthfkck.dll
C:\Users\Rebekah\AppData\Local\Temp\mgdmvnof.dll
C:\Users\Rebekah\AppData\Local\Temp\mh2fvxnh.dll
C:\Users\Rebekah\AppData\Local\Temp\mi7z4vpk.dll
C:\Users\Rebekah\AppData\Local\Temp\mii0akrc.dll
C:\Users\Rebekah\AppData\Local\Temp\mjpsf4z5.dll
C:\Users\Rebekah\AppData\Local\Temp\mkccjvxm.dll
C:\Users\Rebekah\AppData\Local\Temp\ml-oohkx.dll
C:\Users\Rebekah\AppData\Local\Temp\mmrrsnqw.dll
C:\Users\Rebekah\AppData\Local\Temp\mmuy8tsw.dll
C:\Users\Rebekah\AppData\Local\Temp\monn5hpc.dll
C:\Users\Rebekah\AppData\Local\Temp\mosrjpwu.dll
C:\Users\Rebekah\AppData\Local\Temp\mperqenp.dll
C:\Users\Rebekah\AppData\Local\Temp\mpncbkb_.dll
C:\Users\Rebekah\AppData\Local\Temp\mptgrstz.dll
C:\Users\Rebekah\AppData\Local\Temp\mpxsqtc-.dll
C:\Users\Rebekah\AppData\Local\Temp\mqemvl-t.dll
C:\Users\Rebekah\AppData\Local\Temp\mqkf1xaf.dll
C:\Users\Rebekah\AppData\Local\Temp\msc7wslr.dll
C:\Users\Rebekah\AppData\Local\Temp\mseibwxu.dll
C:\Users\Rebekah\AppData\Local\Temp\msz7mvbc.dll
C:\Users\Rebekah\AppData\Local\Temp\mt-7shaa.dll
C:\Users\Rebekah\AppData\Local\Temp\mt_988hf.dll
C:\Users\Rebekah\AppData\Local\Temp\mucc93jf.dll
C:\Users\Rebekah\AppData\Local\Temp\muwct2ww.dll
C:\Users\Rebekah\AppData\Local\Temp\mvc6tmqg.dll
C:\Users\Rebekah\AppData\Local\Temp\mvpvibj1.dll
C:\Users\Rebekah\AppData\Local\Temp\mwrkfpod.dll
C:\Users\Rebekah\AppData\Local\Temp\mxo47b35.dll
C:\Users\Rebekah\AppData\Local\Temp\my51ohrl.dll
C:\Users\Rebekah\AppData\Local\Temp\mzmnatjn.dll
C:\Users\Rebekah\AppData\Local\Temp\n37gofwg.dll
C:\Users\Rebekah\AppData\Local\Temp\n4fyzcmh.dll
C:\Users\Rebekah\AppData\Local\Temp\n5laxm5v.dll
C:\Users\Rebekah\AppData\Local\Temp\n5vxaz4z.dll
C:\Users\Rebekah\AppData\Local\Temp\n6a7ofrx.dll
C:\Users\Rebekah\AppData\Local\Temp\n8u2szyt.dll
C:\Users\Rebekah\AppData\Local\Temp\na1jyraf.dll
C:\Users\Rebekah\AppData\Local\Temp\na7_pgxr.dll
C:\Users\Rebekah\AppData\Local\Temp\nakaa4ap.dll
C:\Users\Rebekah\AppData\Local\Temp\nc0i1otk.dll
C:\Users\Rebekah\AppData\Local\Temp\nd3e7aei.dll
C:\Users\Rebekah\AppData\Local\Temp\ndgaimq-.dll
C:\Users\Rebekah\AppData\Local\Temp\ndwtenif.dll
C:\Users\Rebekah\AppData\Local\Temp\negq_7je.dll
C:\Users\Rebekah\AppData\Local\Temp\nf96mz9n.dll
C:\Users\Rebekah\AppData\Local\Temp\nfutzz0i.dll
C:\Users\Rebekah\AppData\Local\Temp\ngcgsf_f.dll
C:\Users\Rebekah\AppData\Local\Temp\ngdvih4a.dll
C:\Users\Rebekah\AppData\Local\Temp\nglv3a3c.dll
C:\Users\Rebekah\AppData\Local\Temp\ngzdvpwq.dll
C:\Users\Rebekah\AppData\Local\Temp\njcw9tus.dll
C:\Users\Rebekah\AppData\Local\Temp\nkifnpeu.dll
C:\Users\Rebekah\AppData\Local\Temp\nkp3gdak.dll
C:\Users\Rebekah\AppData\Local\Temp\nnnvcqo5.dll
C:\Users\Rebekah\AppData\Local\Temp\nojnrusn.dll
C:\Users\Rebekah\AppData\Local\Temp\npbjdayc.dll
C:\Users\Rebekah\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Rebekah\AppData\Local\Temp\nqbp9g7t.dll
C:\Users\Rebekah\AppData\Local\Temp\nqcu_lqf.dll
C:\Users\Rebekah\AppData\Local\Temp\nqhyvj1q.dll
C:\Users\Rebekah\AppData\Local\Temp\nqygtbxv.dll
C:\Users\Rebekah\AppData\Local\Temp\nr8ujutz.dll
C:\Users\Rebekah\AppData\Local\Temp\nrrc0-sz.dll
C:\Users\Rebekah\AppData\Local\Temp\nsetrorq.dll
C:\Users\Rebekah\AppData\Local\Temp\nsufbofn.dll
C:\Users\Rebekah\AppData\Local\Temp\nsxa5-lx.dll
C:\Users\Rebekah\AppData\Local\Temp\ntjroavw.dll
C:\Users\Rebekah\AppData\Local\Temp\ntttw957.dll
C:\Users\Rebekah\AppData\Local\Temp\nvzraszz.dll
C:\Users\Rebekah\AppData\Local\Temp\nw2orhxr.dll
C:\Users\Rebekah\AppData\Local\Temp\nwivsuvb.dll
C:\Users\Rebekah\AppData\Local\Temp\nwmiidah.dll
C:\Users\Rebekah\AppData\Local\Temp\nwrrpi_s.dll
C:\Users\Rebekah\AppData\Local\Temp\nx0cbwwt.dll
C:\Users\Rebekah\AppData\Local\Temp\nxbugwqj.dll
C:\Users\Rebekah\AppData\Local\Temp\nxcjhbdn.dll
C:\Users\Rebekah\AppData\Local\Temp\nxo-d91x.dll
C:\Users\Rebekah\AppData\Local\Temp\nxqkpooi.dll
C:\Users\Rebekah\AppData\Local\Temp\nyijybka.dll
C:\Users\Rebekah\AppData\Local\Temp\n_da4vpb.dll
C:\Users\Rebekah\AppData\Local\Temp\o-idzbh6.dll
C:\Users\Rebekah\AppData\Local\Temp\o1o_vqro.dll
C:\Users\Rebekah\AppData\Local\Temp\o2g8_zed.dll
C:\Users\Rebekah\AppData\Local\Temp\o4fwz9po.dll
C:\Users\Rebekah\AppData\Local\Temp\o79kkrbl.dll
C:\Users\Rebekah\AppData\Local\Temp\o7jeimds.dll
C:\Users\Rebekah\AppData\Local\Temp\o7s5n50g.dll
C:\Users\Rebekah\AppData\Local\Temp\o8_8cybl.dll
C:\Users\Rebekah\AppData\Local\Temp\ocnmgvev.dll
C:\Users\Rebekah\AppData\Local\Temp\ocp0hssc.dll
C:\Users\Rebekah\AppData\Local\Temp\ocxglkze.dll
C:\Users\Rebekah\AppData\Local\Temp\off1zunj.dll
C:\Users\Rebekah\AppData\Local\Temp\ogms0xag.dll
C:\Users\Rebekah\AppData\Local\Temp\ohcnuypk.dll
C:\Users\Rebekah\AppData\Local\Temp\ohlfthpk.dll
C:\Users\Rebekah\AppData\Local\Temp\ohls5lm9.dll
C:\Users\Rebekah\AppData\Local\Temp\ohq-ca_q.dll
C:\Users\Rebekah\AppData\Local\Temp\ojib3rzq.dll
C:\Users\Rebekah\AppData\Local\Temp\ojqoko5u.dll
C:\Users\Rebekah\AppData\Local\Temp\ojsnpemp.dll
C:\Users\Rebekah\AppData\Local\Temp\ok1e7uue.dll
C:\Users\Rebekah\AppData\Local\Temp\omdgande.dll
C:\Users\Rebekah\AppData\Local\Temp\omkh7x6m.dll
C:\Users\Rebekah\AppData\Local\Temp\on0vrjsn.dll
C:\Users\Rebekah\AppData\Local\Temp\oorubmmg.dll
C:\Users\Rebekah\AppData\Local\Temp\oov2vnkr.dll
C:\Users\Rebekah\AppData\Local\Temp\opptyu0q.dll
C:\Users\Rebekah\AppData\Local\Temp\oprq0tp1.dll
C:\Users\Rebekah\AppData\Local\Temp\opwexvse.dll
C:\Users\Rebekah\AppData\Local\Temp\oqom_r0w.dll
C:\Users\Rebekah\AppData\Local\Temp\orjqhi7h.dll
C:\Users\Rebekah\AppData\Local\Temp\os6vgpv7.dll
C:\Users\Rebekah\AppData\Local\Temp\ose00000.exe
C:\Users\Rebekah\AppData\Local\Temp\ost9hzwg.dll
C:\Users\Rebekah\AppData\Local\Temp\osvgjntr.dll
C:\Users\Rebekah\AppData\Local\Temp\othwtswv.dll
C:\Users\Rebekah\AppData\Local\Temp\otiv61cf.dll
C:\Users\Rebekah\AppData\Local\Temp\otq53sq1.dll
C:\Users\Rebekah\AppData\Local\Temp\ovnpldon.dll
C:\Users\Rebekah\AppData\Local\Temp\ovweiwq5.dll
C:\Users\Rebekah\AppData\Local\Temp\ow0clwtf.dll
C:\Users\Rebekah\AppData\Local\Temp\owdzpljg.dll
C:\Users\Rebekah\AppData\Local\Temp\oxfzt4ws.dll
C:\Users\Rebekah\AppData\Local\Temp\oxz9sjrn.dll
C:\Users\Rebekah\AppData\Local\Temp\oy46otl7.dll
C:\Users\Rebekah\AppData\Local\Temp\oyip0my_.dll
C:\Users\Rebekah\AppData\Local\Temp\oywqnvgo.dll
C:\Users\Rebekah\AppData\Local\Temp\oyxmqn2z.dll
C:\Users\Rebekah\AppData\Local\Temp\ozibe-wc.dll
C:\Users\Rebekah\AppData\Local\Temp\o_k51j3n.dll
C:\Users\Rebekah\AppData\Local\Temp\p0hl0wzb.dll
C:\Users\Rebekah\AppData\Local\Temp\p2i1vfkw.dll
C:\Users\Rebekah\AppData\Local\Temp\p4okzmd_.dll
C:\Users\Rebekah\AppData\Local\Temp\p4r-7eot.dll
C:\Users\Rebekah\AppData\Local\Temp\p6itkdzq.dll
C:\Users\Rebekah\AppData\Local\Temp\p7hidd_d.dll
C:\Users\Rebekah\AppData\Local\Temp\p7lcsfry.dll
C:\Users\Rebekah\AppData\Local\Temp\p9usijcm.dll
C:\Users\Rebekah\AppData\Local\Temp\pam_phyo.dll
C:\Users\Rebekah\AppData\Local\Temp\pczk-yzz.dll
C:\Users\Rebekah\AppData\Local\Temp\pd5nt4yv.dll
C:\Users\Rebekah\AppData\Local\Temp\pdlpwtgg.dll
C:\Users\Rebekah\AppData\Local\Temp\pdt9arsd.dll
C:\Users\Rebekah\AppData\Local\Temp\pdx2x9af.dll
C:\Users\Rebekah\AppData\Local\Temp\peocwx7y.dll
C:\Users\Rebekah\AppData\Local\Temp\petlhzfp.dll
C:\Users\Rebekah\AppData\Local\Temp\pgeyixqv.dll
C:\Users\Rebekah\AppData\Local\Temp\pi2u7tlw.dll
C:\Users\Rebekah\AppData\Local\Temp\pidc50dd.dll
C:\Users\Rebekah\AppData\Local\Temp\pikfuep6.dll
C:\Users\Rebekah\AppData\Local\Temp\pikrsir-.dll
C:\Users\Rebekah\AppData\Local\Temp\pjdq_uhr.dll
C:\Users\Rebekah\AppData\Local\Temp\pjv1zwqr.dll
C:\Users\Rebekah\AppData\Local\Temp\pkr6c8ps.dll
C:\Users\Rebekah\AppData\Local\Temp\pktzl0qo.dll
C:\Users\Rebekah\AppData\Local\Temp\plqaibpd.dll
C:\Users\Rebekah\AppData\Local\Temp\pnajmgz4.dll
C:\Users\Rebekah\AppData\Local\Temp\pnmqq27r.dll
C:\Users\Rebekah\AppData\Local\Temp\poiibbji.dll
C:\Users\Rebekah\AppData\Local\Temp\ppjykqfc.dll
C:\Users\Rebekah\AppData\Local\Temp\pqh68qrd.dll
C:\Users\Rebekah\AppData\Local\Temp\pqpt6wrp.dll
C:\Users\Rebekah\AppData\Local\Temp\prmqantn.dll
C:\Users\Rebekah\AppData\Local\Temp\psdbphi6.dll
C:\Users\Rebekah\AppData\Local\Temp\psvu5icp.dll
C:\Users\Rebekah\AppData\Local\Temp\pt2jikas.dll
C:\Users\Rebekah\AppData\Local\Temp\ptwwonbz.dll
C:\Users\Rebekah\AppData\Local\Temp\pudn5nyz.dll
C:\Users\Rebekah\AppData\Local\Temp\pummzzlq.dll
C:\Users\Rebekah\AppData\Local\Temp\pvf0uvoi.dll
C:\Users\Rebekah\AppData\Local\Temp\pvgpzgix.dll
C:\Users\Rebekah\AppData\Local\Temp\pvhbdrf6.dll
C:\Users\Rebekah\AppData\Local\Temp\pw7ywx00.dll
C:\Users\Rebekah\AppData\Local\Temp\pw7_8t8h.dll
C:\Users\Rebekah\AppData\Local\Temp\pwunov-3.dll
C:\Users\Rebekah\AppData\Local\Temp\pxlt5qy6.dll
C:\Users\Rebekah\AppData\Local\Temp\pxx7qipw.dll
C:\Users\Rebekah\AppData\Local\Temp\py9lefxq.dll
C:\Users\Rebekah\AppData\Local\Temp\pysskrdk.dll
C:\Users\Rebekah\AppData\Local\Temp\pythef0y.dll
C:\Users\Rebekah\AppData\Local\Temp\pyt_s0dl.dll
C:\Users\Rebekah\AppData\Local\Temp\pyynr7wg.dll
C:\Users\Rebekah\AppData\Local\Temp\pyzfzxap.dll
C:\Users\Rebekah\AppData\Local\Temp\pzriyq9o.dll
C:\Users\Rebekah\AppData\Local\Temp\p_6hvg4b.dll
C:\Users\Rebekah\AppData\Local\Temp\p_vr4yiw.dll
C:\Users\Rebekah\AppData\Local\Temp\q1fovjqj.dll
C:\Users\Rebekah\AppData\Local\Temp\q3yulq5e.dll
C:\Users\Rebekah\AppData\Local\Temp\q40drqzp.dll
C:\Users\Rebekah\AppData\Local\Temp\q6_4b72s.dll
C:\Users\Rebekah\AppData\Local\Temp\q7enfart.dll
C:\Users\Rebekah\AppData\Local\Temp\q9ncs49b.dll
C:\Users\Rebekah\AppData\Local\Temp\qa3ajvoq.dll
C:\Users\Rebekah\AppData\Local\Temp\qaaw8c_3.dll
C:\Users\Rebekah\AppData\Local\Temp\qamvhmni.dll
C:\Users\Rebekah\AppData\Local\Temp\qa_0wiws.dll
C:\Users\Rebekah\AppData\Local\Temp\qa_yejsa.dll
C:\Users\Rebekah\AppData\Local\Temp\qbo68tyf.dll
C:\Users\Rebekah\AppData\Local\Temp\qc3macfy.dll
C:\Users\Rebekah\AppData\Local\Temp\qcihmzuy.dll
C:\Users\Rebekah\AppData\Local\Temp\qcmdix1g.dll
C:\Users\Rebekah\AppData\Local\Temp\qd4rqqmu.dll
C:\Users\Rebekah\AppData\Local\Temp\qdifyke6.dll
C:\Users\Rebekah\AppData\Local\Temp\qdtn8wc4.dll
C:\Users\Rebekah\AppData\Local\Temp\qet2fihu.dll
C:\Users\Rebekah\AppData\Local\Temp\qfb3pd8u.dll
C:\Users\Rebekah\AppData\Local\Temp\qfn31upd.dll
C:\Users\Rebekah\AppData\Local\Temp\qg0p17-v.dll
C:\Users\Rebekah\AppData\Local\Temp\qg1irupf.dll
C:\Users\Rebekah\AppData\Local\Temp\qi6oipoc.dll
C:\Users\Rebekah\AppData\Local\Temp\qiy7ajvr.dll
C:\Users\Rebekah\AppData\Local\Temp\qjiit-bl.dll
C:\Users\Rebekah\AppData\Local\Temp\qk2livxu.dll
C:\Users\Rebekah\AppData\Local\Temp\qkfmhbc-.dll
C:\Users\Rebekah\AppData\Local\Temp\qkoyee1p.dll
C:\Users\Rebekah\AppData\Local\Temp\qkzt1wzn.dll
C:\Users\Rebekah\AppData\Local\Temp\qmzr6ffo.dll
C:\Users\Rebekah\AppData\Local\Temp\qntjugew.dll
C:\Users\Rebekah\AppData\Local\Temp\qogdddpr.dll
C:\Users\Rebekah\AppData\Local\Temp\qouu00nk.dll
C:\Users\Rebekah\AppData\Local\Temp\qpgk09q-.dll
C:\Users\Rebekah\AppData\Local\Temp\qpn5oopo.dll
C:\Users\Rebekah\AppData\Local\Temp\qppkicbo.dll
C:\Users\Rebekah\AppData\Local\Temp\qr0syqkw.dll
C:\Users\Rebekah\AppData\Local\Temp\qraakkdk.dll
C:\Users\Rebekah\AppData\Local\Temp\qrx8szpb.dll
C:\Users\Rebekah\AppData\Local\Temp\qser598m.dll
C:\Users\Rebekah\AppData\Local\Temp\qu6qf8hk.dll
C:\Users\Rebekah\AppData\Local\Temp\quthezks.dll
C:\Users\Rebekah\AppData\Local\Temp\qvs6e9ie.dll
C:\Users\Rebekah\AppData\Local\Temp\qvxjsia2.dll
C:\Users\Rebekah\AppData\Local\Temp\qwsvdfoe.dll
C:\Users\Rebekah\AppData\Local\Temp\qwujuxlw.dll
C:\Users\Rebekah\AppData\Local\Temp\qxamais2.dll
C:\Users\Rebekah\AppData\Local\Temp\qxrbb3ji.dll
C:\Users\Rebekah\AppData\Local\Temp\qy1p_4rh.dll
C:\Users\Rebekah\AppData\Local\Temp\qydccde4.dll
C:\Users\Rebekah\AppData\Local\Temp\qywwep0e.dll
C:\Users\Rebekah\AppData\Local\Temp\r-ug1svz.dll
C:\Users\Rebekah\AppData\Local\Temp\r1wiovwb.dll
C:\Users\Rebekah\AppData\Local\Temp\r457owqh.dll
C:\Users\Rebekah\AppData\Local\Temp\r6lm5a_9.dll
C:\Users\Rebekah\AppData\Local\Temp\r9x8txir.dll
C:\Users\Rebekah\AppData\Local\Temp\raltns1i.dll
C:\Users\Rebekah\AppData\Local\Temp\ranlvd9k.dll
C:\Users\Rebekah\AppData\Local\Temp\rbuht_ny.dll
C:\Users\Rebekah\AppData\Local\Temp\rcany6bj.dll
C:\Users\Rebekah\AppData\Local\Temp\rcbjezsq.dll
C:\Users\Rebekah\AppData\Local\Temp\rdvifq9p.dll
C:\Users\Rebekah\AppData\Local\Temp\re6bysiy.dll
C:\Users\Rebekah\AppData\Local\Temp\rerv3tyu.dll
C:\Users\Rebekah\AppData\Local\Temp\rexqutf1.dll
C:\Users\Rebekah\AppData\Local\Temp\rf29f8by.dll
C:\Users\Rebekah\AppData\Local\Temp\rf7phpnq.dll
C:\Users\Rebekah\AppData\Local\Temp\rfci0ci_.dll
C:\Users\Rebekah\AppData\Local\Temp\rfjqnm_s.dll
C:\Users\Rebekah\AppData\Local\Temp\rfm0lmum.dll
C:\Users\Rebekah\AppData\Local\Temp\rgiyku9u.dll
C:\Users\Rebekah\AppData\Local\Temp\rgjpn0qt.dll
C:\Users\Rebekah\AppData\Local\Temp\rgm7wdc-.dll
C:\Users\Rebekah\AppData\Local\Temp\rgxbryr2.dll
C:\Users\Rebekah\AppData\Local\Temp\rhjnogri.dll
C:\Users\Rebekah\AppData\Local\Temp\riko79rx.dll
C:\Users\Rebekah\AppData\Local\Temp\rjunv8tc.dll
C:\Users\Rebekah\AppData\Local\Temp\rjy7n255.dll
C:\Users\Rebekah\AppData\Local\Temp\rk_24ovm.dll
C:\Users\Rebekah\AppData\Local\Temp\rmbnib3y.dll
C:\Users\Rebekah\AppData\Local\Temp\rmikvcy1.dll
C:\Users\Rebekah\AppData\Local\Temp\rnicmlfy.dll
C:\Users\Rebekah\AppData\Local\Temp\rnilxdmm.dll
C:\Users\Rebekah\AppData\Local\Temp\rnvwgrhq.dll
C:\Users\Rebekah\AppData\Local\Temp\ro6do35d.dll
C:\Users\Rebekah\AppData\Local\Temp\rpfeeksm.dll
C:\Users\Rebekah\AppData\Local\Temp\rppn9rsq.dll
C:\Users\Rebekah\AppData\Local\Temp\rqxohi7n.dll
C:\Users\Rebekah\AppData\Local\Temp\rrmltufs.dll
C:\Users\Rebekah\AppData\Local\Temp\rsbcyv9r.dll
C:\Users\Rebekah\AppData\Local\Temp\rstsajei.dll
C:\Users\Rebekah\AppData\Local\Temp\rt8vuhnb.dll
C:\Users\Rebekah\AppData\Local\Temp\rtrvrwz4.dll
C:\Users\Rebekah\AppData\Local\Temp\ruhapn5a.dll
C:\Users\Rebekah\AppData\Local\Temp\runsz3uo.dll
C:\Users\Rebekah\AppData\Local\Temp\rv1-s_zb.dll
C:\Users\Rebekah\AppData\Local\Temp\rvmlx_pd.dll
C:\Users\Rebekah\AppData\Local\Temp\rwlsgr4y.dll
C:\Users\Rebekah\AppData\Local\Temp\rxylnccs.dll
C:\Users\Rebekah\AppData\Local\Temp\rywpjylx.dll
C:\Users\Rebekah\AppData\Local\Temp\rztsc6wl.dll
C:\Users\Rebekah\AppData\Local\Temp\r_27c4tz.dll
C:\Users\Rebekah\AppData\Local\Temp\r_se4tg1.dll
C:\Users\Rebekah\AppData\Local\Temp\r_yqfmbo.dll
C:\Users\Rebekah\AppData\Local\Temp\s1jdq2qf.dll
C:\Users\Rebekah\AppData\Local\Temp\s1_behde.dll
C:\Users\Rebekah\AppData\Local\Temp\s2cbickr.dll
C:\Users\Rebekah\AppData\Local\Temp\s3o5achc.dll
C:\Users\Rebekah\AppData\Local\Temp\s5rvwcop.dll
C:\Users\Rebekah\AppData\Local\Temp\s6dekpwv.dll
C:\Users\Rebekah\AppData\Local\Temp\s6lzryz1.dll
C:\Users\Rebekah\AppData\Local\Temp\s7ax5ovk.dll
C:\Users\Rebekah\AppData\Local\Temp\s83ncrmj.dll
C:\Users\Rebekah\AppData\Local\Temp\s9p9oikg.dll
C:\Users\Rebekah\AppData\Local\Temp\sapgctsm.dll
C:\Users\Rebekah\AppData\Local\Temp\savtzcsl.dll
C:\Users\Rebekah\AppData\Local\Temp\sbzp5yif.dll
C:\Users\Rebekah\AppData\Local\Temp\scm6hiif.dll
C:\Users\Rebekah\AppData\Local\Temp\sco0eupx.dll
C:\Users\Rebekah\AppData\Local\Temp\scynai6u.dll
C:\Users\Rebekah\AppData\Local\Temp\sdds8gnm.dll
C:\Users\Rebekah\AppData\Local\Temp\sdoegb_b.dll
C:\Users\Rebekah\AppData\Local\Temp\sdssuksn.dll
C:\Users\Rebekah\AppData\Local\Temp\sdu6lduv.dll
C:\Users\Rebekah\AppData\Local\Temp\senj8o8n.dll
C:\Users\Rebekah\AppData\Local\Temp\sesrnxby.dll
C:\Users\Rebekah\AppData\Local\Temp\setbahn_.dll
C:\Users\Rebekah\AppData\Local\Temp\setup.exe
C:\Users\Rebekah\AppData\Local\Temp\sgctxbbl.dll
C:\Users\Rebekah\AppData\Local\Temp\sgxqivka.dll
C:\Users\Rebekah\AppData\Local\Temp\shaadpkw.dll
C:\Users\Rebekah\AppData\Local\Temp\shhod-pe.dll
C:\Users\Rebekah\AppData\Local\Temp\shmqegth.dll
C:\Users\Rebekah\AppData\Local\Temp\shwgwmqm.dll
C:\Users\Rebekah\AppData\Local\Temp\si12ak3h.dll
C:\Users\Rebekah\AppData\Local\Temp\sl9dcfjb.dll
C:\Users\Rebekah\AppData\Local\Temp\slg5eezq.dll
C:\Users\Rebekah\AppData\Local\Temp\snv7wqek.dll
C:\Users\Rebekah\AppData\Local\Temp\soxognks.dll
C:\Users\Rebekah\AppData\Local\Temp\spn-l2ug.dll
 
Section 5
C:\Users\Rebekah\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Rebekah\AppData\Local\Temp\spsyhhp7.dll
C:\Users\Rebekah\AppData\Local\Temp\Sqlite3.dll
C:\Users\Rebekah\AppData\Local\Temp\srelbpmu.dll
C:\Users\Rebekah\AppData\Local\Temp\srf1exp0.dll
C:\Users\Rebekah\AppData\Local\Temp\ssnhaqks.dll
C:\Users\Rebekah\AppData\Local\Temp\swoqbmxa.dll
C:\Users\Rebekah\AppData\Local\Temp\sx7mx8_w.dll
C:\Users\Rebekah\AppData\Local\Temp\sy_o8wgd.dll
C:\Users\Rebekah\AppData\Local\Temp\t-byshqq.dll
C:\Users\Rebekah\AppData\Local\Temp\t1n_rolb.dll
C:\Users\Rebekah\AppData\Local\Temp\t3f1ce14.dll
C:\Users\Rebekah\AppData\Local\Temp\t3f_ajfu.dll
C:\Users\Rebekah\AppData\Local\Temp\t4vvxn_0.dll
C:\Users\Rebekah\AppData\Local\Temp\t5mfwka_.dll
C:\Users\Rebekah\AppData\Local\Temp\t7fkcwt3.dll
C:\Users\Rebekah\AppData\Local\Temp\t7j6alda.dll
C:\Users\Rebekah\AppData\Local\Temp\tandjhf8.dll
C:\Users\Rebekah\AppData\Local\Temp\tbvf8etn.dll
C:\Users\Rebekah\AppData\Local\Temp\tdkqc5te.dll
C:\Users\Rebekah\AppData\Local\Temp\tdlauwlp.dll
C:\Users\Rebekah\AppData\Local\Temp\tfh40xaj.dll
C:\Users\Rebekah\AppData\Local\Temp\tflzas4v.dll
C:\Users\Rebekah\AppData\Local\Temp\tg1jbeld.dll
C:\Users\Rebekah\AppData\Local\Temp\thgn-slg.dll
C:\Users\Rebekah\AppData\Local\Temp\thi-g07t.dll
C:\Users\Rebekah\AppData\Local\Temp\thqg-cpw.dll
C:\Users\Rebekah\AppData\Local\Temp\tk2mt4ig.dll
C:\Users\Rebekah\AppData\Local\Temp\tmomskld.dll
C:\Users\Rebekah\AppData\Local\Temp\tn2f-wsc.dll
C:\Users\Rebekah\AppData\Local\Temp\toh80jto.dll
C:\Users\Rebekah\AppData\Local\Temp\tpdzo5z-.dll
C:\Users\Rebekah\AppData\Local\Temp\trfzmkgj.dll
C:\Users\Rebekah\AppData\Local\Temp\trn2wdtk.dll
C:\Users\Rebekah\AppData\Local\Temp\tse-5kuc.dll
C:\Users\Rebekah\AppData\Local\Temp\tsye_4lr.dll
C:\Users\Rebekah\AppData\Local\Temp\tu1mgion.dll
C:\Users\Rebekah\AppData\Local\Temp\tv2zloot.dll
C:\Users\Rebekah\AppData\Local\Temp\tv8rcqqm.dll
C:\Users\Rebekah\AppData\Local\Temp\tvfy6o61.dll
C:\Users\Rebekah\AppData\Local\Temp\twcbjmbb.dll
C:\Users\Rebekah\AppData\Local\Temp\twnpckgd.dll
C:\Users\Rebekah\AppData\Local\Temp\tx4vjg_a.dll
C:\Users\Rebekah\AppData\Local\Temp\txyhogll.dll
C:\Users\Rebekah\AppData\Local\Temp\tyyj7khl.dll
C:\Users\Rebekah\AppData\Local\Temp\tzbinflb.dll
C:\Users\Rebekah\AppData\Local\Temp\tzs7bkxx.dll
C:\Users\Rebekah\AppData\Local\Temp\tzsnwivc.dll
C:\Users\Rebekah\AppData\Local\Temp\tzvgctjy.dll
C:\Users\Rebekah\AppData\Local\Temp\u0a8p5c0.dll
C:\Users\Rebekah\AppData\Local\Temp\u5tfmgkp.dll
C:\Users\Rebekah\AppData\Local\Temp\u62ohhjf.dll
C:\Users\Rebekah\AppData\Local\Temp\u6euamdm.dll
C:\Users\Rebekah\AppData\Local\Temp\u6ktavme.dll
C:\Users\Rebekah\AppData\Local\Temp\u6wywq1d.dll
C:\Users\Rebekah\AppData\Local\Temp\ua-2kydd.dll
C:\Users\Rebekah\AppData\Local\Temp\ualy_wx8.dll
C:\Users\Rebekah\AppData\Local\Temp\uavax-0a.dll
C:\Users\Rebekah\AppData\Local\Temp\ubj0bxeo.dll
C:\Users\Rebekah\AppData\Local\Temp\ublulmtk.dll
C:\Users\Rebekah\AppData\Local\Temp\uc_34tii.dll
C:\Users\Rebekah\AppData\Local\Temp\ue5cosjn.dll
C:\Users\Rebekah\AppData\Local\Temp\ueejt6a7.dll
C:\Users\Rebekah\AppData\Local\Temp\uergdejt.dll
C:\Users\Rebekah\AppData\Local\Temp\uevhrrdr.dll
C:\Users\Rebekah\AppData\Local\Temp\ufsc90bo.dll
C:\Users\Rebekah\AppData\Local\Temp\ugxwyg2o.dll
C:\Users\Rebekah\AppData\Local\Temp\uh9zqppu.dll
C:\Users\Rebekah\AppData\Local\Temp\uhrig2jx.dll
C:\Users\Rebekah\AppData\Local\Temp\ui6ifzbe.dll
C:\Users\Rebekah\AppData\Local\Temp\uigmgjky.dll
C:\Users\Rebekah\AppData\Local\Temp\uijsus9k.dll
C:\Users\Rebekah\AppData\Local\Temp\uimeznka.dll
C:\Users\Rebekah\AppData\Local\Temp\ujo3euoh.dll
C:\Users\Rebekah\AppData\Local\Temp\ujqpqceg.dll
C:\Users\Rebekah\AppData\Local\Temp\uk3dkfxi.dll
C:\Users\Rebekah\AppData\Local\Temp\ukrocfo8.dll
C:\Users\Rebekah\AppData\Local\Temp\umyifbbo.dll
C:\Users\Rebekah\AppData\Local\Temp\unhbvrj5.dll
C:\Users\Rebekah\AppData\Local\Temp\unmg5rjb.dll
C:\Users\Rebekah\AppData\Local\Temp\uoamc9zv.dll
C:\Users\Rebekah\AppData\Local\Temp\uojdg6ix.dll
C:\Users\Rebekah\AppData\Local\Temp\uomzj0iw.dll
C:\Users\Rebekah\AppData\Local\Temp\uotuyobl.dll
C:\Users\Rebekah\AppData\Local\Temp\upxponaj.dll
C:\Users\Rebekah\AppData\Local\Temp\upxsnb4x.dll
C:\Users\Rebekah\AppData\Local\Temp\uqahut-2.dll
C:\Users\Rebekah\AppData\Local\Temp\uqbdgv4c.dll
C:\Users\Rebekah\AppData\Local\Temp\urspvwfh.dll
C:\Users\Rebekah\AppData\Local\Temp\urzchge2.dll
C:\Users\Rebekah\AppData\Local\Temp\ux3evchk.dll
C:\Users\Rebekah\AppData\Local\Temp\uybcxue4.dll
C:\Users\Rebekah\AppData\Local\Temp\uycfig4u.dll
C:\Users\Rebekah\AppData\Local\Temp\uzrc6vfw.dll
C:\Users\Rebekah\AppData\Local\Temp\u_syc39g.dll
C:\Users\Rebekah\AppData\Local\Temp\v-c-dmf5.dll
C:\Users\Rebekah\AppData\Local\Temp\v0bgnt5q.dll
C:\Users\Rebekah\AppData\Local\Temp\v3uhxtca.dll
C:\Users\Rebekah\AppData\Local\Temp\v7avnprx.dll
C:\Users\Rebekah\AppData\Local\Temp\v81ympzm.dll
C:\Users\Rebekah\AppData\Local\Temp\vazr6114.dll
C:\Users\Rebekah\AppData\Local\Temp\vc2vqttu.dll
C:\Users\Rebekah\AppData\Local\Temp\vcy4xteb.dll
C:\Users\Rebekah\AppData\Local\Temp\vderqnpm.dll
C:\Users\Rebekah\AppData\Local\Temp\vff9vhbq.dll
C:\Users\Rebekah\AppData\Local\Temp\vfxcpnxy.dll
C:\Users\Rebekah\AppData\Local\Temp\vgeri-qj.dll
C:\Users\Rebekah\AppData\Local\Temp\vhwyihim.dll
C:\Users\Rebekah\AppData\Local\Temp\vifdgyyk.dll
C:\Users\Rebekah\AppData\Local\Temp\vjblvdu3.dll
C:\Users\Rebekah\AppData\Local\Temp\vjcsfvwb.dll
C:\Users\Rebekah\AppData\Local\Temp\vliigt8p.dll
C:\Users\Rebekah\AppData\Local\Temp\vne1htbv.dll
C:\Users\Rebekah\AppData\Local\Temp\vngeqpco.dll
C:\Users\Rebekah\AppData\Local\Temp\vnl3mtpc.dll
C:\Users\Rebekah\AppData\Local\Temp\voazgocz.dll
C:\Users\Rebekah\AppData\Local\Temp\voyqonlz.dll
C:\Users\Rebekah\AppData\Local\Temp\vozewd9t.dll
C:\Users\Rebekah\AppData\Local\Temp\vp5s8xsh.dll
C:\Users\Rebekah\AppData\Local\Temp\vqulvkco.dll
C:\Users\Rebekah\AppData\Local\Temp\vqunxoap.dll
C:\Users\Rebekah\AppData\Local\Temp\vr-u9mjr.dll
C:\Users\Rebekah\AppData\Local\Temp\vrrq-n04.dll
C:\Users\Rebekah\AppData\Local\Temp\vshfvqmi.dll
C:\Users\Rebekah\AppData\Local\Temp\vsk5qeq_.dll
C:\Users\Rebekah\AppData\Local\Temp\vstuynqs.dll
C:\Users\Rebekah\AppData\Local\Temp\vtgiaou2.dll
C:\Users\Rebekah\AppData\Local\Temp\vtnyiign.dll
C:\Users\Rebekah\AppData\Local\Temp\vuk2eao8.dll
C:\Users\Rebekah\AppData\Local\Temp\vvbeijo4.dll
C:\Users\Rebekah\AppData\Local\Temp\vvkodn5r.dll
C:\Users\Rebekah\AppData\Local\Temp\vvkteymp.dll
C:\Users\Rebekah\AppData\Local\Temp\vw5q4uao.dll
C:\Users\Rebekah\AppData\Local\Temp\vwak04fe.dll
C:\Users\Rebekah\AppData\Local\Temp\vxmfbb4e.dll
C:\Users\Rebekah\AppData\Local\Temp\vyebxl1a.dll
C:\Users\Rebekah\AppData\Local\Temp\v_a1qn1h.dll
C:\Users\Rebekah\AppData\Local\Temp\v_vpgtz4.dll
C:\Users\Rebekah\AppData\Local\Temp\v_wnathe.dll
C:\Users\Rebekah\AppData\Local\Temp\w-7hlx5y.dll
C:\Users\Rebekah\AppData\Local\Temp\w1_gyqw-.dll
C:\Users\Rebekah\AppData\Local\Temp\w2xfrpll.dll
C:\Users\Rebekah\AppData\Local\Temp\w3lwv_7d.dll
C:\Users\Rebekah\AppData\Local\Temp\w43uuao3.dll
C:\Users\Rebekah\AppData\Local\Temp\w63y7bl9.dll
C:\Users\Rebekah\AppData\Local\Temp\w6b2idno.dll
C:\Users\Rebekah\AppData\Local\Temp\w6nvtmmm.dll
C:\Users\Rebekah\AppData\Local\Temp\w7duvxsr.dll
C:\Users\Rebekah\AppData\Local\Temp\w7jpwhz2.dll
C:\Users\Rebekah\AppData\Local\Temp\w8laibvd.dll
C:\Users\Rebekah\AppData\Local\Temp\w8mdinyv.dll
C:\Users\Rebekah\AppData\Local\Temp\w90eamta.dll
C:\Users\Rebekah\AppData\Local\Temp\wahw7z9l.dll
C:\Users\Rebekah\AppData\Local\Temp\wbhbtl9f.dll
C:\Users\Rebekah\AppData\Local\Temp\wcfvafey.dll
C:\Users\Rebekah\AppData\Local\Temp\wdyq2hko.dll
C:\Users\Rebekah\AppData\Local\Temp\wesom7iy.dll
C:\Users\Rebekah\AppData\Local\Temp\wfcm6nvr.dll
C:\Users\Rebekah\AppData\Local\Temp\wfiv6_t-.dll
C:\Users\Rebekah\AppData\Local\Temp\wfufbace.dll
C:\Users\Rebekah\AppData\Local\Temp\wg9bubw_.dll
C:\Users\Rebekah\AppData\Local\Temp\wggtsbst.dll
C:\Users\Rebekah\AppData\Local\Temp\whgwycfm.dll
C:\Users\Rebekah\AppData\Local\Temp\wi2qdfk1.dll
C:\Users\Rebekah\AppData\Local\Temp\wjdh7324.dll
C:\Users\Rebekah\AppData\Local\Temp\wjuxd1al.dll
C:\Users\Rebekah\AppData\Local\Temp\wjv4t3-h.dll
C:\Users\Rebekah\AppData\Local\Temp\wjzfigfu.dll
C:\Users\Rebekah\AppData\Local\Temp\wkldm-fg.dll
C:\Users\Rebekah\AppData\Local\Temp\wmcczenw.dll
C:\Users\Rebekah\AppData\Local\Temp\wnjktv-m.dll
C:\Users\Rebekah\AppData\Local\Temp\wnqgmylo.dll
C:\Users\Rebekah\AppData\Local\Temp\wnr1m-bf.dll
C:\Users\Rebekah\AppData\Local\Temp\wona-coa.dll
C:\Users\Rebekah\AppData\Local\Temp\wophhw9e.dll
C:\Users\Rebekah\AppData\Local\Temp\wp5ki39d.dll
C:\Users\Rebekah\AppData\Local\Temp\wpdk9dvv.dll
C:\Users\Rebekah\AppData\Local\Temp\wsntushm.dll
C:\Users\Rebekah\AppData\Local\Temp\wtq64q8j.dll
C:\Users\Rebekah\AppData\Local\Temp\wuod5xgw.dll
C:\Users\Rebekah\AppData\Local\Temp\wusygqrj.dll
C:\Users\Rebekah\AppData\Local\Temp\wvxwehw-.dll
C:\Users\Rebekah\AppData\Local\Temp\wwohz-3e.dll
C:\Users\Rebekah\AppData\Local\Temp\wxnopoar.dll
C:\Users\Rebekah\AppData\Local\Temp\wyiik9rg.dll
C:\Users\Rebekah\AppData\Local\Temp\x2hu-j7h.dll
C:\Users\Rebekah\AppData\Local\Temp\x39oilhl.dll
C:\Users\Rebekah\AppData\Local\Temp\x3z2okqq.dll
C:\Users\Rebekah\AppData\Local\Temp\x5rrckl5.dll
C:\Users\Rebekah\AppData\Local\Temp\x6t1u4kp.dll
C:\Users\Rebekah\AppData\Local\Temp\x6tgroos.dll
C:\Users\Rebekah\AppData\Local\Temp\x7ap2s2x.dll
C:\Users\Rebekah\AppData\Local\Temp\xa5_xntf.dll
C:\Users\Rebekah\AppData\Local\Temp\xa7_dfx9.dll
C:\Users\Rebekah\AppData\Local\Temp\xafrchou.dll
C:\Users\Rebekah\AppData\Local\Temp\xapci3na.dll
C:\Users\Rebekah\AppData\Local\Temp\xbcu5mou.dll
C:\Users\Rebekah\AppData\Local\Temp\xbnfbgf1.dll
C:\Users\Rebekah\AppData\Local\Temp\xcghgwib.dll
C:\Users\Rebekah\AppData\Local\Temp\xclu20s9.dll
C:\Users\Rebekah\AppData\Local\Temp\xdqhpd60.dll
C:\Users\Rebekah\AppData\Local\Temp\xdqshurl.dll
C:\Users\Rebekah\AppData\Local\Temp\xeabgson.dll
C:\Users\Rebekah\AppData\Local\Temp\xezdmrgw.dll
C:\Users\Rebekah\AppData\Local\Temp\xgg0ok0-.dll
C:\Users\Rebekah\AppData\Local\Temp\xh-0pt9w.dll
C:\Users\Rebekah\AppData\Local\Temp\xhquozdr.dll
C:\Users\Rebekah\AppData\Local\Temp\xjahs8r-.dll
C:\Users\Rebekah\AppData\Local\Temp\xjmp4efh.dll
C:\Users\Rebekah\AppData\Local\Temp\xkpu59hu.dll
C:\Users\Rebekah\AppData\Local\Temp\xkz_bg9j.dll
C:\Users\Rebekah\AppData\Local\Temp\xl3ngb2s.dll
C:\Users\Rebekah\AppData\Local\Temp\xlptibzu.dll
C:\Users\Rebekah\AppData\Local\Temp\xlwudpqt.dll
C:\Users\Rebekah\AppData\Local\Temp\xmeyelog.dll
C:\Users\Rebekah\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Rebekah\AppData\Local\Temp\xmqedaxd.dll
C:\Users\Rebekah\AppData\Local\Temp\xmtzh5lg.dll
C:\Users\Rebekah\AppData\Local\Temp\xnfkwdhr.dll
C:\Users\Rebekah\AppData\Local\Temp\xnivxan0.dll
C:\Users\Rebekah\AppData\Local\Temp\xoaerrtw.dll
C:\Users\Rebekah\AppData\Local\Temp\xoibdiuh.dll
C:\Users\Rebekah\AppData\Local\Temp\xpxijsho.dll
C:\Users\Rebekah\AppData\Local\Temp\xqz74l97.dll
C:\Users\Rebekah\AppData\Local\Temp\xq_z5qy5.dll
C:\Users\Rebekah\AppData\Local\Temp\xr6s35cj.dll
C:\Users\Rebekah\AppData\Local\Temp\xtt-jikc.dll
C:\Users\Rebekah\AppData\Local\Temp\xu08dgi0.dll
C:\Users\Rebekah\AppData\Local\Temp\xu7h4qah.dll
C:\Users\Rebekah\AppData\Local\Temp\xumb2lwg.dll
C:\Users\Rebekah\AppData\Local\Temp\xw9jafyi.dll
C:\Users\Rebekah\AppData\Local\Temp\xw9ufcwx.dll
C:\Users\Rebekah\AppData\Local\Temp\xwll7g6-.dll
C:\Users\Rebekah\AppData\Local\Temp\xwx0xprf.dll
C:\Users\Rebekah\AppData\Local\Temp\xxdxl9qn.dll
C:\Users\Rebekah\AppData\Local\Temp\xyttfwod.dll
C:\Users\Rebekah\AppData\Local\Temp\y1cea_xj.dll
C:\Users\Rebekah\AppData\Local\Temp\y1l90iza.dll
C:\Users\Rebekah\AppData\Local\Temp\y1ssw57f.dll
C:\Users\Rebekah\AppData\Local\Temp\y3ej87qd.dll
C:\Users\Rebekah\AppData\Local\Temp\y7vm_exv.dll
C:\Users\Rebekah\AppData\Local\Temp\y8drbw6a.dll
C:\Users\Rebekah\AppData\Local\Temp\yb9xujcn.dll
C:\Users\Rebekah\AppData\Local\Temp\ydht07oq.dll
C:\Users\Rebekah\AppData\Local\Temp\ydml2unh.dll
C:\Users\Rebekah\AppData\Local\Temp\ye8m7hnh.dll
C:\Users\Rebekah\AppData\Local\Temp\yebdk7yk.dll
C:\Users\Rebekah\AppData\Local\Temp\yegriuij.dll
C:\Users\Rebekah\AppData\Local\Temp\yfbvnb07.dll
C:\Users\Rebekah\AppData\Local\Temp\yinrcjk7.dll
C:\Users\Rebekah\AppData\Local\Temp\yjalgntz.dll
C:\Users\Rebekah\AppData\Local\Temp\yjlkmzx5.dll
C:\Users\Rebekah\AppData\Local\Temp\ykoycc2r.dll
C:\Users\Rebekah\AppData\Local\Temp\yl7u2bek.dll
C:\Users\Rebekah\AppData\Local\Temp\ylcih7si.dll
C:\Users\Rebekah\AppData\Local\Temp\ymstdrzw.dll
C:\Users\Rebekah\AppData\Local\Temp\ymt2ruex.dll
C:\Users\Rebekah\AppData\Local\Temp\ymudk-5l.dll
C:\Users\Rebekah\AppData\Local\Temp\ynbb2lhp.dll
C:\Users\Rebekah\AppData\Local\Temp\yncsesja.dll
C:\Users\Rebekah\AppData\Local\Temp\yob5jwu7.dll
C:\Users\Rebekah\AppData\Local\Temp\yokitw15.dll
C:\Users\Rebekah\AppData\Local\Temp\yokkxyct.dll
C:\Users\Rebekah\AppData\Local\Temp\yqc4cemb.dll
C:\Users\Rebekah\AppData\Local\Temp\yrfu5jq1.dll
C:\Users\Rebekah\AppData\Local\Temp\yrosnlcl.dll
C:\Users\Rebekah\AppData\Local\Temp\yrzqqjm_.dll
C:\Users\Rebekah\AppData\Local\Temp\yshehpui.dll
C:\Users\Rebekah\AppData\Local\Temp\ytf5aytd.dll
C:\Users\Rebekah\AppData\Local\Temp\ytjsbt3s.dll
C:\Users\Rebekah\AppData\Local\Temp\ytwq6sfy.dll
C:\Users\Rebekah\AppData\Local\Temp\yu1yvy8a.dll
C:\Users\Rebekah\AppData\Local\Temp\yupa3yjo.dll
C:\Users\Rebekah\AppData\Local\Temp\yuwmetek.dll
C:\Users\Rebekah\AppData\Local\Temp\yuyamx_l.dll
C:\Users\Rebekah\AppData\Local\Temp\yuziuuqt.dll
C:\Users\Rebekah\AppData\Local\Temp\yuzu-ocj.dll
C:\Users\Rebekah\AppData\Local\Temp\yvzowbbz.dll
C:\Users\Rebekah\AppData\Local\Temp\ywffup8q.dll
C:\Users\Rebekah\AppData\Local\Temp\yyxav49s.dll
C:\Users\Rebekah\AppData\Local\Temp\yz6u2dwj.dll
C:\Users\Rebekah\AppData\Local\Temp\yzcmkaxg.dll
C:\Users\Rebekah\AppData\Local\Temp\yzlgksi6.dll
C:\Users\Rebekah\AppData\Local\Temp\y_dvyfow.dll
C:\Users\Rebekah\AppData\Local\Temp\z4dbu298.dll
C:\Users\Rebekah\AppData\Local\Temp\z4w73jzu.dll
C:\Users\Rebekah\AppData\Local\Temp\z5bhhtb3.dll
C:\Users\Rebekah\AppData\Local\Temp\z62vvej1.dll
C:\Users\Rebekah\AppData\Local\Temp\z6twizmk.dll
C:\Users\Rebekah\AppData\Local\Temp\z7nxjrk_.dll
C:\Users\Rebekah\AppData\Local\Temp\z9zwzne7.dll
C:\Users\Rebekah\AppData\Local\Temp\zalgdeqo.dll
C:\Users\Rebekah\AppData\Local\Temp\zarudgh6.dll
C:\Users\Rebekah\AppData\Local\Temp\zayk_dcb.dll
C:\Users\Rebekah\AppData\Local\Temp\zbjxjnrf.dll
C:\Users\Rebekah\AppData\Local\Temp\zbwm3vyh.dll
C:\Users\Rebekah\AppData\Local\Temp\zcuwdmb8.dll
C:\Users\Rebekah\AppData\Local\Temp\zcv31spe.dll
C:\Users\Rebekah\AppData\Local\Temp\zcxooffm.dll
C:\Users\Rebekah\AppData\Local\Temp\zd8fnkns.dll
C:\Users\Rebekah\AppData\Local\Temp\zd_sstqp.dll
C:\Users\Rebekah\AppData\Local\Temp\zesmr7p8.dll
C:\Users\Rebekah\AppData\Local\Temp\zgqduw-b.dll
C:\Users\Rebekah\AppData\Local\Temp\zgr8eb3n.dll
C:\Users\Rebekah\AppData\Local\Temp\zhyfaoj2.dll
C:\Users\Rebekah\AppData\Local\Temp\zifjgrna.dll
C:\Users\Rebekah\AppData\Local\Temp\zj8hznsw.dll
C:\Users\Rebekah\AppData\Local\Temp\zjclcmsw.dll
C:\Users\Rebekah\AppData\Local\Temp\zjp8ctyt.dll
C:\Users\Rebekah\AppData\Local\Temp\zk8w2fjc.dll
C:\Users\Rebekah\AppData\Local\Temp\zkzu1jwm.dll
C:\Users\Rebekah\AppData\Local\Temp\znfdvqvh.dll
C:\Users\Rebekah\AppData\Local\Temp\zoydytpk.dll
C:\Users\Rebekah\AppData\Local\Temp\zoyt7kwb.dll
C:\Users\Rebekah\AppData\Local\Temp\zpdsga5o.dll
C:\Users\Rebekah\AppData\Local\Temp\zpot0noi.dll
C:\Users\Rebekah\AppData\Local\Temp\zpqfdeoa.dll
C:\Users\Rebekah\AppData\Local\Temp\zqsftnvw.dll
C:\Users\Rebekah\AppData\Local\Temp\zrr1a5z2.dll
C:\Users\Rebekah\AppData\Local\Temp\zs0dtneo.dll
C:\Users\Rebekah\AppData\Local\Temp\zsytzm8e.dll
C:\Users\Rebekah\AppData\Local\Temp\zundeq-g.dll
C:\Users\Rebekah\AppData\Local\Temp\zv0omkv-.dll
C:\Users\Rebekah\AppData\Local\Temp\zvwcediu.dll
C:\Users\Rebekah\AppData\Local\Temp\zyytr-fa.dll
C:\Users\Rebekah\AppData\Local\Temp\zzanayug.dll
C:\Users\Rebekah\AppData\Local\Temp\zzp5hzcv.dll
C:\Users\Rebekah\AppData\Local\Temp\_-lzsg7h.dll
C:\Users\Rebekah\AppData\Local\Temp\_3cgspr_.dll
C:\Users\Rebekah\AppData\Local\Temp\_673i9ng.dll
C:\Users\Rebekah\AppData\Local\Temp\_7daqesw.dll
C:\Users\Rebekah\AppData\Local\Temp\_7hmo2ga.dll
C:\Users\Rebekah\AppData\Local\Temp\_7kl5omz.dll
C:\Users\Rebekah\AppData\Local\Temp\_8mi7yes.dll
C:\Users\Rebekah\AppData\Local\Temp\_alov8is.dll
C:\Users\Rebekah\AppData\Local\Temp\_c6p8imm.dll
C:\Users\Rebekah\AppData\Local\Temp\_d8zowxw.dll
C:\Users\Rebekah\AppData\Local\Temp\_hls5c08.dll
C:\Users\Rebekah\AppData\Local\Temp\_irzncwd.dll
C:\Users\Rebekah\AppData\Local\Temp\_jb8m_7c.dll
C:\Users\Rebekah\AppData\Local\Temp\_lg1qpjr.dll
C:\Users\Rebekah\AppData\Local\Temp\_lseay_h.dll
C:\Users\Rebekah\AppData\Local\Temp\_ltdkafv.dll
C:\Users\Rebekah\AppData\Local\Temp\_mcqqnti.dll
C:\Users\Rebekah\AppData\Local\Temp\_mu_7xqt.dll
C:\Users\Rebekah\AppData\Local\Temp\_olk-4ts.dll
C:\Users\Rebekah\AppData\Local\Temp\_oqyvukr.dll
C:\Users\Rebekah\AppData\Local\Temp\_ttcpuue.dll
C:\Users\Rebekah\AppData\Local\Temp\_u3p3fv7.dll
C:\Users\Rebekah\AppData\Local\Temp\_wa5n5wd.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-14 11:35

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Rebekah at 2015-03-16 21:43:45
Running from C:\Users\Rebekah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PU4CIANK
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABC2Win Beta (HKLM-x32\...\ABC2Win Beta) (Version: 2.02.0124 - jimvintSystems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-2170W (HKLM-x32\...\{6852F055-275D-4F4D-A7CD-1A2CBB776929}) (Version: 1.00 - Brother)
Brother HL-3070CW (HKLM-x32\...\{AA7E6616-FFB1-4664-AFA5-C2950257C33E}) (Version: 1.00 - Brother)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11062.3 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-3904439425-939549074-3371034818-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java(TM) 6 Update 30 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416030FF}) (Version: 6.0.300 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.5.1.0 - Lightworks)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{67635FB6-2F63-4FFB-830B-D4C01597EBA4}) (Version: 1.2.1 - DELL)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.2 (HKLM-x32\...\{6ADD0603-16EF-400D-9F9E-486432835002}) (Version: 3.2.9483 - OpenOffice.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 2.14.1 (HKLM\...\R for Windows 2.14.1_is1) (Version: 2.14.1 - R Development Core Team)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
RStudio (HKLM-x32\...\RStudio) (Version: 0.95.258 - RStudio)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7280 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{D5E50D52-C658-4C16-9722-9F9B057B5F0F}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 1.9 - Krzysztof Kowalczyk)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3904439425-939549074-3371034818-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-03-2015 00:39:10 Windows Update
06-03-2015 04:00:53 Windows Update
08-03-2015 20:23:59 Removed Dell DataSafe Online.
10-03-2015 23:01:43 Windows Update
13-03-2015 03:02:09 Windows Update
15-03-2015 20:20:36 Windows Update
16-03-2015 20:33:48 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2011-09-17 23:12 - 00436898 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07D70AA9-29CF-4391-A34A-FEE405B3EE7C} - \d2540970 No Task File <==== ATTENTION
Task: {0E1CBD33-C7E2-436C-BC47-98ECD9E7EDA0} - \1714022976 No Task File <==== ATTENTION
Task: {147E118F-AA84-4C08-A03E-83D08D7B67D9} - System32\Tasks\{3774FB2B-7BD1-41B1-8F8E-007EC6AB63AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {158FEF86-B55C-43BB-9503-CE537979F210} - \3917498896 No Task File <==== ATTENTION
Task: {16078F74-5D36-40CE-99BF-9BAB3741889D} - \75f0dff8 No Task File <==== ATTENTION
Task: {1B8B8B0F-991A-431B-8DC9-E9F82BB1A4E5} - \11627520 No Task File <==== ATTENTION
Task: {272A5B07-61FE-461B-894E-D496FE0F21C9} - \8dd6a78 No Task File <==== ATTENTION
Task: {27E89503-DC95-41A5-A011-7546DF9831AA} - \2307985320 No Task File <==== ATTENTION
Task: {2D9E8FF5-380A-45C7-A85E-FA3FEECC2028} - \3879446144 No Task File <==== ATTENTION
Task: {3AA3889A-8373-4111-81FF-C0B3AC01C374} - \567456604 No Task File <==== ATTENTION
Task: {47166B2B-7E77-413B-8328-A01EE2710575} - \1470091520 No Task File <==== ATTENTION
Task: {53450C58-8CEE-461D-9615-1ED88EF5E9C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {701D66DB-F258-455A-9CAA-35E82DE89D2F} - \2837591840 No Task File <==== ATTENTION
Task: {7777B7F4-A065-490E-8652-3CB2C685F474} - \2289319488 No Task File <==== ATTENTION
Task: {7F48B00E-9184-422C-BDD7-DB21B3763DA2} - \302264068 No Task File <==== ATTENTION
Task: {84AE439B-F682-4D95-AC86-B08C5EE3B7C8} - \3951926752 No Task File <==== ATTENTION
Task: {8D52A192-A912-41D4-8C80-A62A74492735} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8FF21669-5382-4E4D-AC7C-DFAE79D0374F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9B484549-6AE9-400E-A36A-310611EB8019} - \1845243480 No Task File <==== ATTENTION
Task: {9C913A17-DBAB-4595-BD78-F98B059042B6} - \12744978 No Task File <==== ATTENTION
Task: {9D0F1F77-339A-4394-BB1B-A851C2BC7432} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3904439425-939549074-3371034818-1000
Task: {9D37040F-165F-463D-B887-0E60DA8F89B5} - \3012853344 No Task File <==== ATTENTION
Task: {A79EB28E-AF71-42BE-B063-81C75704239A} - \4145784768 No Task File <==== ATTENTION
Task: {AA4FE09B-CECF-4825-BB69-663E9C714BF5} - \2120198272 No Task File <==== ATTENTION
Task: {B219F05B-854F-4F3C-922C-13E677EF7D0F} - System32\Tasks\win4036e0 => \\.\globalroot\Device\HarddiskVolume3\Users\Rebekah\AppData\Local\Temp\win4036e0.dat <==== ATTENTION
Task: {B752B5A4-1CE8-46FF-9622-E1B5D37AB0C7} - \1736475904 No Task File <==== ATTENTION
Task: {BB3A6993-0FA5-46EB-A2B8-4F50FF973160} - \3033724048 No Task File <==== ATTENTION
Task: {CDAEA43B-83AA-449F-9A87-2CB915BA4284} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-16] (Avast Software s.r.o.)
Task: {DA08A4A3-0F72-4E9E-9871-2C2BB810BEDD} - System32\Tasks\D5JXW9L1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {EE452FE2-A0BC-46F5-8737-0F57CA5DAB57} - \2019022140 No Task File <==== ATTENTION
Task: {F0D65CC3-2557-4C90-B38B-E4D87F21FD27} - \2077825344 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2010-03-12 16:44 - 2009-07-16 19:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-03-12 16:44 - 2009-07-16 19:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2012-03-31 10:16 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-02-06 21:19 - 2014-02-06 21:19 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-10-27 09:04 - 2014-10-27 09:04 - 00028160 _____ () C:\Users\Rebekah\AppData\Local\RGMService\RGMUpdater.exe
2014-12-01 10:01 - 2014-12-01 10:01 - 00974848 _____ () C:\Users\Rebekah\AppData\Local\RGMService\RGMLoader.exe
2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-03-12 16:56 - 2011-08-18 09:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2010-02-09 12:34 - 2010-02-09 12:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 01169904 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-06 21:19 - 2014-02-06 21:19 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-06 21:19 - 2014-02-06 21:19 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-06 21:18 - 2014-02-06 21:18 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-12-01 10:01 - 2014-12-01 10:01 - 01686016 _____ () C:\Users\Rebekah\AppData\Local\RGMService\RGMHost.dll
2014-12-01 10:01 - 2014-12-01 10:01 - 02745856 _____ () C:\Users\Rebekah\AppData\Local\RGMService\MonetizationToolsManager.dll
2014-12-01 10:02 - 2014-12-01 10:02 - 01592832 _____ () C:\Users\Rebekah\AppData\Local\RGMService\ProtectorsManager.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00052256 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00087584 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srau.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00167456 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 02426912 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00068640 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\spbl.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00160288 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00015904 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\siem.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00069152 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00698400 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00016416 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00080416 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00028704 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00071712 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srut.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00030752 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00067104 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00152096 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\smti.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00075296 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\smsp.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00011808 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\sidc.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00032288 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\smtu.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00040480 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\smta.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00032800 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srom.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00049184 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srbu.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00025632 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\sgml.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00063520 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00026656 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00045088 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00036896 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00194592 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-11 19:46 - 2014-05-11 19:46 - 00061440 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-08-28 15:50 - 2014-08-28 15:50 - 00257056 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\srns.dll
2010-02-09 12:34 - 2010-02-09 12:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 12:34 - 2010-02-09 12:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 12:34 - 2010-02-09 12:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 12:34 - 2010-02-09 12:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2015-03-04 16:08 - 2015-03-04 16:08 - 00750080 _____ () C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-16 19:25 - 2015-03-16 19:25 - 00043008 _____ () c:\users\rebekah\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplsdlsn.dll
2015-03-04 16:08 - 2015-03-04 16:08 - 00047616 _____ () C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 16:08 - 2015-03-04 16:08 - 00865280 _____ () C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 16:07 - 2015-03-04 16:07 - 00200704 _____ () C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-16 19:22 - 2015-03-16 19:22 - 00098816 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32api.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00110080 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\pywintypes27.dll
2015-03-16 19:22 - 2015-03-16 19:22 - 00364544 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\pythoncom27.dll
2015-03-16 19:22 - 2015-03-16 19:22 - 00044032 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_socket.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 01157120 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_ssl.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00320512 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32com.shell.shell.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00712192 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_hashlib.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 01175040 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._core_.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00805888 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._gdi_.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00811008 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._windows_.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 01062400 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._controls_.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00735232 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._misc_.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00128512 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_elementtree.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00127488 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\pyexpat.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00557056 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\pysqlite2._sqlite.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00087040 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_ctypes.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00119808 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32file.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00108544 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32security.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00018432 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32event.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00038912 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32inet.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00122368 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._wizard.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00070656 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\wx._html2.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00026624 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\_multiprocessing.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00010240 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\select.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00024064 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32pipe.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00686080 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\unicodedata.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00025600 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32pdh.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00525640 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\windows._lib_cacheinvalidation.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00011264 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32crypt.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00035840 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32process.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00017408 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32profile.pyd
2015-03-16 19:22 - 2015-03-16 19:22 - 00022528 _____ () C:\Users\Rebekah\AppData\Local\Temp\_MEI27482\win32ts.pyd
2009-12-15 20:13 - 2009-12-15 20:13 - 00588272 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
2009-11-15 20:58 - 2009-11-15 20:58 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2015-03-16 20:36 - 2015-03-16 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-16 20:36 - 2015-03-16 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-16 20:37 - 2015-03-16 20:37 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030201\algo.dll
2015-03-16 20:42 - 2015-03-16 20:42 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031600\algo.dll
2015-03-16 20:37 - 2015-03-16 20:37 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-16 20:36 - 2015-03-16 20:37 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-16 20:36 - 2015-03-16 20:36 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2014-08-28 15:49 - 2014-08-28 15:49 - 00025120 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-08-28 15:49 - 2014-08-28 15:49 - 00034848 _____ () C:\Users\Rebekah\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3904439425-939549074-3371034818-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rebekah\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.25

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3904439425-939549074-3371034818-500 - Administrator - Disabled)
Guest (S-1-5-21-3904439425-939549074-3371034818-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3904439425-939549074-3371034818-1002 - Limited - Enabled)
Rebekah (S-1-5-21-3904439425-939549074-3371034818-1000 - Administrator - Enabled) => C:\Users\Rebekah

==================== Faulty Device Manager Devices =============

Name: Dell Touchpad
Description: Dell Touchpad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Alps Electric
Service: i8042prt
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: qknfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2015 08:34:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary pbeqyhnb.

System Error:
The system cannot find the file specified.
.

Error: (03/16/2015 07:27:55 PM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
The file 'C:\Users\Rebekah\AppData\local\\softthinks\scheduler.xml' already exists.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.File.InternalCopy(String sourceFileName, String destFileName, Boolean overwrite)
at System.IO.File.Copy(String sourceFileName, String destFileName)
at Toaster.SchedulerReader.read()
at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()
at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder()
at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers)
at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)
at System.Windows.Threading.DispatcherTimer.FireTick(Object unused)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61769797

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61769797

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61768736

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61768736

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/16/2015 01:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17893

Error: (03/16/2015 01:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17893


System errors:
=============
Error: (03/16/2015 09:17:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (03/16/2015 07:30:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (03/16/2015 07:29:02 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (03/16/2015 07:21:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/16/2015 07:21:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/16/2015 07:20:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd

Error: (03/16/2015 07:19:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater14.2.0 service failed to start due to the following error:
%%2

Error: (03/16/2015 07:15:13 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (03/16/2015 07:11:40 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.193.2608.0

Update Source: %NT AUTHORITY59

Update Stage: 4.7.0205.00

Source Path: 4.7.0205.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (03/16/2015 07:11:40 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.193.2608.0

Update Source: %NT AUTHORITY59

Update Stage: 4.7.0205.00

Source Path: 4.7.0205.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (03/16/2015 08:34:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary pbeqyhnb.

System Error:
The system cannot find the file specified.

Error: (03/16/2015 07:27:55 PM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
The file 'C:\Users\Rebekah\AppData\local\\softthinks\scheduler.xml' already exists.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.File.InternalCopy(String sourceFileName, String destFileName, Boolean overwrite)
at System.IO.File.Copy(String sourceFileName, String destFileName)
at Toaster.SchedulerReader.read()
at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()
at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder()
at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers)
at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)
at System.Windows.Threading.DispatcherTimer.FireTick(Object unused)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61769797

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61769797

Error: (03/16/2015 07:08:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61768736

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61768736

Error: (03/16/2015 07:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/16/2015 01:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17893

Error: (03/16/2015 01:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17893


CodeIntegrity Errors:
===================================
Date: 2012-10-29 16:42:41.152
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-29 16:42:40.871
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-09-01 14:08:11.245
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-09-01 14:08:11.182
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 86%
Total physical RAM: 3032.36 MB
Available physical RAM: 414.88 MB
Total Pagefile: 6062.91 MB
Available Pagefile: 2378.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:189.45 GB) (Free:56.88 GB) NTFS
Drive d: (NOOMA_DISC_1) (CDROM) (Total:6.21 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 880B8533)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=189.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=28.7 GB) - (Type=05)

==================== End Of Log ============================
 
My poor computer, I don't even know where to start. She has some adware and probably malware issues. I think there is even some kind of virus. runs incredibly slow.

Anything you can do to make her a little bit healthier would be much appreciated!!!
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

redtarget.gif
You're running two AV programs, MSE and Avast.
You must uninstall one of them.

redtarget.gif
Uninstall Snap.Do.
Let me know if it uninstalled without a problem.

redtarget.gif

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

redtarget.gif
After running above fix go Start>Control Panel>Programs & Features and you should see LPT System Updater Service listed there.
Uninstall it.

Let me know how everything went.
 

Attachments

  • fixlist.txt
    78 bytes · Views: 1
1. uninstalled MSE
2. Uninstalled snap.do I've done this 3 or 4 time now and it seems to come back how can we keep it gone?
3. I can't figure out how to run FRST(FRS64)
 
It was there yesterday, but it's not now. I have a folder called FRST64 but not the actual icon. I've tried re-downloading it but nothing happens when I do that.
 
Thanks Broni! I think it worked! Sorry for the delay, I'm making progress I've just been super busy with work over the weekend.. I'll post an update soon!!!
 
This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
827
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back