cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2016.4.8.85 By Nicolas Coolman (2016/04/08)
~ Run by fatima (Administrator) (2016/04/09 23:38:12)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\fatima\Desktop\ZHPDiag.txt
~ Report: C:\Users\fatima\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8, 64-bit (Build 9200)

---\\ Internet Browsers (2) - 0s
GCIE: Google Chrome v49.0.2623.112
MSIE: Internet Explorer v10.0.9200.17607

---\\ Windows Product Information (3) - 6s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (1) - 16s
Windows Defender W8 (Deactivate)

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8287.964 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 651 GB () free of 699 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: HOME
~ User Name: fatima
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 651 GB free of 699 GB (System)

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 3s
[MD5.928791755FDDEA721B053535EF84FA17] - 26/07/2012 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2380440] =>.Microsoft Windows®
[MD5.3A6209AC494296C24C2065CB4392B5F4] - 26/07/2012 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [51712] =>.Microsoft Corporation
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - 26/07/2012 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [132608] =>.Microsoft Corporation
[MD5.513A0BEDC45862E8D89B52B272F0B4A3] - 15/12/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2240000] =>.Microsoft Corporation
[MD5.88B4DA29CF8C3628F3647447FD5CDAE5] - 17/11/2015 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [578048] =>.Microsoft Corporation
[MD5.9448F5740A037EC0C18F0E9177232DD0] - 26/07/2012 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [273408] =>.Microsoft Corporation
[MD5.7904C03BF9C0C0337563FFAA97D0ACE8] - 09/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [623616] =>.Microsoft Corporation
[MD5.0BE9606A1175C7400ED862991453A847] - 09/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [458240] =>.Microsoft Corporation
[MD5.8252EE6D7F87846EA409D0DA602FB1D9] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [576512] =>.Microsoft Corporation
[MD5.A721FF570C2387E383BDDEA9632863C9] - 26/07/2012 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [25840] =>.Microsoft Windows®
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - 26/07/2012 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [108544] =>.Microsoft Corporation
[MD5.339BFF85D788268752DA8C9644B188EE] - 26/07/2012 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [174080] =>.Microsoft Corporation
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - 26/07/2012 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [118784] =>.Microsoft Corporation
[MD5.8D6810577E9C4F56DCB8E9BACAC7287B] - 26/07/2012 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [71168] =>.Microsoft Corporation
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - 26/07/2012 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [112640] =>.Microsoft Corporation
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - 26/07/2012 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [145920] =>.Microsoft Corporation
[MD5.6BA2A5D1C74E7CB3AFAF301A7E5D9E44] - 07/01/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [403456] =>.Microsoft Corporation
[MD5.7CEC25C682D319D484630B3952C31A11] - 26/07/2012 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [331776] =>.Microsoft Corporation
[MD5.76929F4A69E425911A63B407E26C2589] - 02/02/2013 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1933544] =>.Microsoft Windows®
[MD5.4563DAF8C6A740AD7F501E219BD10766] - 26/07/2012 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [105984] =>.Microsoft Corporation
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - 26/07/2012 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [124928] =>.Microsoft Corporation
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - 26/07/2012 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [179712] =>.Microsoft Corporation
[MD5.217AEE5DAE1BEF81A1E9A184C4C0BF6A] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [129024] =>.Microsoft Corporation
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - 26/07/2012 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [332016] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (9) - 2s
O23 - Service: BugreportW (BugreportW) . (...) - C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: QQPCMgr RTP Service (QQPCRTP) . (.Tencent - 电脑管家-实时防护服务.) - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe =>.Superfluous.Tencent
O23 - Service: (QQRepair69d) . (...) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\QQRepair69d =>.Superfluous.Tencent
O23 - Service: QQRepairFixSVC (QQRepairFixSVC) . (...) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\QQRepairFixSVC =>.Superfluous.Tencent
O23 - Service: SRepairDrv (SRepairDrv) . (.Tencent - Tencent SRepairDrv(电脑管家修复模块).) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\SRepairDrv =>.Superfluous.Tencent
O23 - Service: Update Checked List (Update Checked List) . (...) - C:\Program Files (x86)\Checked List\updateCheckedList.exe {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
O23 - Service: Util Checked List (Util Checked List) . (...) - C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
O23 - Service: WinSvces (WinSvces) . (...) - C:\Program Files (x86)\WinSvces\WinSvces\WinSvces.exe {7E4DCE980C6E0D4545AFEBD224521FDD}

---\\ Services not Microsoft (SR=Run, SS=Stop) (13) - 18s

SS - Auto [09/04/2016] [ 1622648] BugreportW (BugreportW) . (...) - C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
SS - Demand [06/03/2013] [ 279000] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SS - Auto [08/04/2016] [ 154440] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [08/04/2016] [ 154440] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [09/04/2016] [ 301728] QQPCMgr RTP Service (QQPCRTP) . (.Tencent.) - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe =>.Superfluous.Tencent
SS - Auto [09/04/2016] [ 136512] (QQRepair69d) . (...) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\QQRepair69d =>.Superfluous.Tencent
SS - Auto [09/04/2016] [ 136512] QQRepairFixSVC (QQRepairFixSVC) . (...) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\QQRepairFixSVC =>.Superfluous.Tencent
SS - System [09/04/2016] [ 168568] SRepairDrv (SRepairDrv) . (.Tencent.) - C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\SRepairDrv =>.Superfluous.Tencent
SR - Demand [09/04/2016] [ 297952] TAOFrame (TAOFrame) . (.Tencent.) - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe =>.Superfluous.Tencent
SR - Auto [09/04/2016] [ 652488] Update Checked List (Update Checked List) . (...) - C:\Program Files (x86)\Checked List\updateCheckedList.exe {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
SR - Auto [09/04/2016] [ 652488] Util Checked List (Util Checked List) . (...) - C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
SS - Auto [09/04/2016] [ 319432] WinSvces (WinSvces) . (...) - C:\Program Files (x86)\WinSvces\WinSvces\WinSvces.exe {7E4DCE980C6E0D4545AFEBD224521FDD}

---\\ Task Planned Automatically (15) - 5s
[MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc®
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc®
[MD5.4754913F20B38A575728B00687C3F5C9] [APT] [JJYHQOWYMMWAPKJI] (.All rights reserved..) -- C:\ProgramData\Service5184\Service5184.exe [237568] (.Activate.) =>Heuristic.Graftor
[MD5.3A657B00905B850105E13A31024F3CFA] [APT] [MKVMX1] (.Poposhidu.) -- C:\ProgramData\Poposhidu\Poposhidu.exe [800256] (.Activate.) =>PUP.Optional.CrossRider
[MD5.AF9A8DA902C217A1EA6E2222EE434E9F] [APT] [WinTsks] (...) -- C:\Program Files (x86)\WinTsks\WinTsks\WinTsks.exe [365688] (.Activate.) {7E4DCE980C6E0D4545AFEBD224521FDD}
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1074] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1078] =>.Google Inc®
O39 - APT: JJYHQOWYMMWAPKJI - (.All rights reserved..) -- C:\Windows\Tasks\JJYHQOWYMMWAPKJI.job [354] =>Heuristic.Graftor
O39 - APT: MKVMX1 - (.Poposhidu.) -- C:\Windows\Tasks\MKVMX1.job [342] =>PUP.Optional.CrossRider
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4050] =>.Google Inc®
O39 - APT: JJYHQOWYMMWAPKJI - (.All rights reserved..) -- C:\Windows\System32\Tasks\JJYHQOWYMMWAPKJI [3364] =>Heuristic.Graftor
O39 - APT: MKVMX1 - (.Poposhidu.) -- C:\Windows\System32\Tasks\MKVMX1 [2856] =>PUP.Optional.CrossRider
O39 - APT: WinTsks - (...) -- C:\Windows\System32\Tasks\WinTsks [15062] {7E4DCE980C6E0D4545AFEBD224521FDD}

---\\ Process running (32) - 2s
[MD5.7D78C186F355BA160E6AD70532736A9B] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [171992] [PID.3564] =>.Intel Corporation - pGFX®
[MD5.035ACEA49CDB90DA2A73EF8CAAF2EE6F] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [399832] [PID.3620] =>.Intel Corporation - pGFX®
[MD5.D13E30F4A6805D862E5F2C1256C04454] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [442328] [PID.3644] =>.Intel Corporation - pGFX®
[MD5.4D4DE41DA750649505E884CEC4A1422F] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3933392] [PID.3776] =>.Tonec Inc.®
[MD5.04EDE063FE2061ADF0C7961FF5DE993A] - (.Internet Download Manager, Tonec Inc. - IDM Integration module.) -- C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe [73368] [PID.3992] =>.Tonec Inc.®
[MD5.B26B610E68F862777C491227B9616271] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275608] [PID.4024] =>.Tonec Inc.®
[MD5.088CDF722F928A1A23F197556B34F5F7] - (...) -- C:\Users\fatima\Downloads\Programs\free_download_murder_mystery_games_for_pc_full_ver.exe [3653296] [PID.1400] {010CA9DF7294A6705BA91C975E6AFB7A}
[MD5.3A657B00905B850105E13A31024F3CFA] - (.Poposhidu - Application.) -- C:\ProgramData\Poposhidu\Poposhidu.exe [800256] [PID.1984] =>PUP.Optional.CrossRider
[MD5.3A657B00905B850105E13A31024F3CFA] - (.Poposhidu - Application.) -- C:\ProgramData\Poposhidu\Poposhidu.exe [800256] [PID.2208] =>PUP.Optional.CrossRider
[MD5.A78898900AA9B43CCD29ED50B22957EA] - (...) -- C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe [652488] [PID.3032] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.A78898900AA9B43CCD29ED50B22957EA] - (...) -- C:\Program Files (x86)\Checked List\updateCheckedList.exe [652488] [PID.4580] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.CCF9287E75A2847D7C1E29D619CFC66D] - (...) -- C:\Program Files (x86)\Checked List\bin\CheckedList.expext.exe [115400] [PID.4508] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.B6657756A10DFAA17273F120A26183D9] - (...) -- C:\Program Files (x86)\Checked List\bin\CheckedList.PurBrowse64.exe [353480] [PID.4700] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.4BB92588F1E7982C4CFC4E2F57599DA6] - (...) -- C:\Program Files (x86)\Checked List\bin\CheckedList.BrowserAdapter.exe [108232] [PID.1884] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.F8D56BDCB63873CFC456469A47011629] - (...) -- C:\Program Files (x86)\Checked List\bin\CheckedList.BrowserAdapter64.exe [126152] [PID.4332] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
[MD5.06D87DFF229A09BCFF6F532B5225B51D] - (...) -- C:\Users\fatima\AppData\Local\Temp\pps-qq-19.exe [3495936] [PID.4240]
[MD5.AA7DB05D83D4F7717CD70A782EFEAE20] - (.Tencent - 电脑管家-TAO.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe [297952] [PID.1428] =>.Superfluous.Tencent
[MD5.275E01C715720AC0C965C5B977F5E490] - (.Tencent - 电脑管家-实时防护服务.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe [301728] [PID.3548] =>.Superfluous.Tencent
[MD5.53022367D5AD9B373ADD49AA2DA06D50] - (.Tencent - 电脑管家.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTray.exe [355296] [PID.1568] =>.Superfluous.Tencent
[MD5.16E27465FC02E6974704FD2187E92144] - (.Tencent - 腾讯高速下载引擎.) -- C:\program files (x86)\common files\Tencent\qqdownload\130\tencentdl.exe [1097272] [PID.5536] =>.Superfluous.Tencent
[MD5.53022367D5AD9B373ADD49AA2DA06D50] - (.Tencent - 电脑管家.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTray.exe [355296] [PID.6120] =>.Superfluous.Tencent
[MD5.ADA77EB19FCFA6D3F4ADB0BB970735BC] - (.Tencent - 电脑管家-网络流量监控.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\QQPCNetFlow.exe [1186144] [PID.212] =>.Superfluous.Tencent
[MD5.7209C025DFE00CC2BA10FC726CE3DC89] - (.Tencent - 电脑管家-小火箭.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRealTimeSpeedup.exe [629216] [PID.5360] =>.Superfluous.Tencent
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.5408] =>.Google Inc®
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.5392] =>.Google Inc®
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.6080] =>.Google Inc®
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.6196] =>.Google Inc®
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.6232] =>.Google Inc®
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.6296] =>.Google Inc®
[MD5.B83A2507C69E74B751EB8E9B5242114C] - (.Tencent - 电脑管家-自动清理.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMAutoClean.exe [260448] [PID.2708] =>.Superfluous.Tencent
[MD5.06FAA58219BF8B6D1BC25C2783763E11] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648] [PID.4440] =>.Google Inc®
[MD5.5A8CB601C4FA690FEE3E7181D3637566] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\fatima\Downloads\ZHPDiag3.exe [2179584] [PID.2260] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (20) - 20s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://46.101.248.82
G0 - GCSP: Preferences [User Data\Default][HomePage] http://api.appsapi.info
G0 - GCSP: Preferences [User Data\Default][HomePage] http://files.appsapi.info
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://app.standsapp.org
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://play.google.com
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ehdpbdpeaeioemgolmhaoaegfflafclk] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lgblnfidahcdcjddiepkckcfdhpknnjh] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nfldpcjokplkflgdmbfpcohljmhhabip] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ooebklgpfnbcnpokahmdidgbmlcdepkm] 电脑管家上网防护 =>.Superfluous.Chrome
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 1s
P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent Technology (Shenzhen) Company Limited.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\npQMExtensionsMozilla.dll =>.Superfluous.Tencent

---\\ Internet Explorer Extensions, Start, Search (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>PUP.Optional.Browser
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>PUP.Optional.Browser
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>PUP.Optional.Browser
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: TSWebMon [64Bits] - {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} (Orphean)

---\\ Auto loading programs from Registry and folders (7) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation - pGFX®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation - pGFX®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation - pGFX®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKLM\..\Wow6432Node\Run: [pps-qq-19] . (...) -- C:\Users\fatima\AppData\Local\Temp\pps-qq-19.exe
O4 - HKLM\..\Wow6432Node\Run: [ QQPCTray] . (.Tencent - 电脑管家.) -- C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTray.exe =>.Superfluous.Tencent
O4 - HKUS\S-1-5-21-26951591-2763287332-981109241-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®

---\\ Global shortcuts Startup (28) - 11s
O4 - GS\Desktop [Administrator]: Crystals Of Time.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Crystals Of Time\CrystalsOfTime.exe
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Administrator]: Island Of Death.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Island Of Death\IslandOfDeath.exe
O4 - GS\Desktop [Administrator]: Stray Souls - Dollhouse Story.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Stray Souls - Dollhouse Story\StraySoulsDollhouseStory.exe
O4 - GS\Desktop [Administrator]: The Lake House - Children of Silence.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\The Lake House - Children of Silence\TheLakeHouseChildrenOfSilence.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\fatima\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\TaskBar [Administrator]: File Explorer.lnk . (...) C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\Desktop [fatima]: Crystals Of Time.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Crystals Of Time\CrystalsOfTime.exe
O4 - GS\Desktop [fatima]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [fatima]: Island Of Death.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Island Of Death\IslandOfDeath.exe
O4 - GS\Desktop [fatima]: Stray Souls - Dollhouse Story.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Stray Souls - Dollhouse Story\StraySoulsDollhouseStory.exe
O4 - GS\Desktop [fatima]: The Lake House - Children of Silence.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\The Lake House - Children of Silence\TheLakeHouseChildrenOfSilence.exe
O4 - GS\Desktop [fatima]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\fatima\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [fatima]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\TaskBar [fatima]: File Explorer.lnk . (...) C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [fatima]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\Desktop [Guest]: Crystals Of Time.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Crystals Of Time\CrystalsOfTime.exe
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Guest]: Island Of Death.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Island Of Death\IslandOfDeath.exe
O4 - GS\Desktop [Guest]: Stray Souls - Dollhouse Story.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\Stray Souls - Dollhouse Story\StraySoulsDollhouseStory.exe
O4 - GS\Desktop [Guest]: The Lake House - Children of Silence.lnk . (.GamesPub Ltd. - .) C:\Program Files (x86)\ToomkyGames.com\The Lake House - Children of Silence\TheLakeHouseChildrenOfSilence.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\fatima\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\TaskBar [Guest]: File Explorer.lnk . (...) C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (...) C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe {7E4DCE980C6E0D4545AFEBD224521FDD}

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{207D425E-6D45-47E8-B709-638E7041270F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2053B0-E228-4CED-AA47-E79A7892BDA1}: DhcpNameServer = 192.168.0.1

---\\ Extra protocols (21) - 2s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - AppInit_DLLs: . (.Poposhidu - Application.) - C:\ProgramData\Poposhidu\SPOFJO64.dll =>PUP.Optional.CrossRider

---\\ Software installed (20) - 5s
O42 - Logiciel: AppHelper - (.AppHelper.) [HKLM][64Bits] -- AppHelper =>.Superfluous.AppHelper
O42 - Logiciel: Checked List - (.Checked List.) [HKLM][64Bits] -- Checked List {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
O42 - Logiciel: Crystals Of Time - (.ToomkyGames.com.) [HKLM][64Bits] -- Crystals Of Time_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: hohosearch - Uninstall - (...) [HKLM][64Bits] -- Uninstall - icb {5AECF166BFAD076C4EDF75C3CC251D24} =>.Superfluous.Hohosearch
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Island Of Death - (.ToomkyGames.com.) [HKLM][64Bits] -- Island Of Death_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-007E-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Poposhidu - (...) [HKLM][64Bits] -- Poposhidu
O42 - Logiciel: Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Qualcomm Atheros Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Qualcomm Atheros®
O42 - Logiciel: REALTEK Wireless LAN Driver - (...) [HKLM][64Bits] -- {9DAABC60-A5EF-41FF-B2B9-17329590CD5} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Stray Souls - Dollhouse Story - (.ToomkyGames.com.) [HKLM][64Bits] -- Stray Souls - Dollhouse Story_is1
O42 - Logiciel: The Lake House - Children of Silence - (.ToomkyGames.com.) [HKLM][64Bits] -- The Lake House - Children of Silence_is1
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} =>.AVG Technologies
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.

---\\ HKCU & HKLM Software Keys (39) - 5s
HKLM\SOFTWARE\Wow6432Node\AVG
HKLM\SOFTWARE\Wow6432Node\Big Fish Games
HKLM\SOFTWARE\Wow6432Node\Checked List =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\FreeDownloadManager.ORG
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware =>.Superfluous.Hohosearch
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Qualcomm Atheros Inc.
HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\Big Fish Games
HKCU\SOFTWARE\Checked List =>PUP.Optional.CheckedList
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\FreeVPN
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (115) - 94s
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation®
O43 - CFD: 26/07/2012 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Windows®
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 26/07/2012 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 09/04/2016 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation®
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\AVG
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Checked List {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.CheckedList
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Free Download Manager
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 08/04/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Realtek Semiconductor Corp®
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX®
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc.®
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Microsoft OneDrive =>.Microsoft Corporation®
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\REALTEK
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\SpeedSearchesbnd {7E4DCE980C6E0D4545AFEBD224521FDD}
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Tencent =>.Superfluous.Tencent
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\ToomkyGames.com
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\WinSvces {7E4DCE980C6E0D4545AFEBD224521FDD}
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\WinTsks {7E4DCE980C6E0D4545AFEBD224521FDD}
O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 09/04/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 26/07/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 26/07/2012 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToomkyGames
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf =>Adware.Suspect
O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Avg
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Big Fish
O43 - CFD: 08/04/2016 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\Free Download Manager
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 07/04/2016 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 09/04/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\Poposhidu
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\Service5184 =>Heuristic.Graftor
O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 08/04/2016 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\Tencent =>.Superfluous.Tencent
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\TXQMPC
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Adobe
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\AlawarEntertainment
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\DMCache
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\DominiGames
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\FreeDownloadManager.ORG
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\FreeVPN
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\IDM
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Macromedia
O43 - CFD: 08/04/2016 - [] SD -- C:\Users\fatima\AppData\Roaming\Microsoft
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\RVLGames
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Tencent =>.Superfluous.Tencent
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\ToomkyGames.com
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\ZHP
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
O43 - CFD: 07/04/2016 - [0] SHD -- C:\Users\fatima\AppData\Local\Application Data
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Apps
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Avg
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Local\AvgSetupLog
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Big Fish
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Diagnostics
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Google
O43 - CFD: 07/04/2016 - [0] SHD -- C:\Users\fatima\AppData\Local\History
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Microsoft
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Packages
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Programs
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Local\Temp
O43 - CFD: 07/04/2016 - [0] SHD -- C:\Users\fatima\AppData\Local\Temporary Internet Files
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Local\VirtualStore
O43 - CFD: 07/04/2016 - [0] D -- C:\Users\fatima\AppData\Local\Programs\Common
O43 - CFD: 26/07/2012 - [] RD -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - [] RD -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 09/04/2016 - [] RD -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
O43 - CFD: 07/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 26/07/2012 - [] D -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/04/2016 - [] RD -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - [] RD -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 09/04/2016 - [] D -- C:\Users\fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件

---\\ Latest files created in Prefetcher (12) - 22s
O45 - LFCP:[MD5.8B5987370DAE530E420409D61F5ABED6] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST.BROWSERADAPTER.EX-D81B5EE9.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.95E6B9A0826CC62BA8D14438E79A7E66] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST.BROWSERADAPTER64.-A2C2623B.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.74D51416CBCAD81F2EA95D5D190C66EC] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST.EXE-94A36B3C.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.F9E1905F3999755FEB4ED3C6C21F1278] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST.EXPEXT.EXE-F328FB76.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.258D67602850C58C8B86CF9017628FA9] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST.PURBROWSE64.EXE-BEBBED3F.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.78F60F43D68E82565B83FEC926B9B712] 09/04/2016 A -- C:\Windows\Prefetch\CHECKEDLIST_SETUP.EXE-FE6D19C7.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.8941C9301EDA56168475B5758AD58B34] 09/04/2016 A -- C:\Windows\Prefetch\HOHOSEARCH.EXE-25B630C9.pf =>.Superfluous.Hohosearch
O45 - LFCP:[MD5.9B8B322E0C33F080BC8F78025A01CC45] 09/04/2016 A -- C:\Windows\Prefetch\SERVICE5184.EXE-80BF5431.pf =>Heuristic.Graftor
O45 - LFCP:[MD5.4FE3D99D77A01AD08DC644B1F8FBBA9B] 09/04/2016 A -- C:\Windows\Prefetch\TENCENTDL.EXE-148D6B9C.pf =>.Superfluous.Tencent
O45 - LFCP:[MD5.7D42911E689CF02130B0BEDEC6004151] 09/04/2016 A -- C:\Windows\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent
O45 - LFCP:[MD5.D5D054EF781D6B2E1EDE5E6587AC5EE4] 09/04/2016 A -- C:\Windows\Prefetch\UPDATECHECKEDLIST.EXE-E4392390.pf =>PUP.Optional.CheckedList
O45 - LFCP:[MD5.05A6A14B9BFA5AF1B26356364FFDC65F] 09/04/2016 A -- C:\Windows\Prefetch\UTILCHECKEDLIST.EXE-54E41AA8.pf =>PUP.Optional.CheckedList

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\fatima\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\fatima\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\fatima\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\fatima\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\fatima\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ System Drivers List (43) - 18s
O58 - SDL:2012/07/26 15:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:49 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [539376] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3295984] =>.Microsoft Windows®
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation®
O58 - SDL:2012/07/26 15:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888] =>.Microsoft Windows®
O58 - SDL:2016/01/28 19:20:10 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [209056] =>.Tonec Inc.®
O58 - SDL:2013/03/06 03:02:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5358016] =>.Intel Corporation
O58 - SDL:2012/07/26 15:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296] =>.Microsoft Windows®
O58 - SDL:2012/06/03 00:31:31 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\Windows\System32\drivers\L1C63x64.sys [100864] =>.Qualcomm Atheros Co., Ltd.
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176] =>.Microsoft Windows®
O58 - SDL:2014/04/30 20:59:28 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3421040] =>.Realtek Semiconductor Corp®
O58 - SDL:2012/07/26 18:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2012/07/26 15:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960] =>.Microsoft Windows®
O58 - SDL:2016/04/09 23:28:48 A . (.Tencent - 电脑管家-TAO游戏启动加速驱动.) -- C:\Windows\System32\drivers\TAOAccelerator64.sys [88632] =>.Superfluous.Tencent
O58 - SDL:2016/04/09 23:28:49 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\Windows\System32\drivers\TAOKernel64.sys [274232] =>.Superfluous.Tencent
O58 - SDL:2016/04/09 23:28:49 A . (.电脑管家 - 电脑管家-驱动模块.) -- C:\Windows\System32\drivers\TFsFltX64.sys [87864] =>.Superfluous.Tencent
O58 - SDL:2012/08/02 01:42:08 A . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\drivers\Thotkey.sys [28632] =>.TOSHIBA CORPORATION®
O58 - SDL:2013/11/01 03:22:28 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [27032] =>.TOSHIBA CORPORATION®
O58 - SDL:2013/08/15 01:13:32 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [32832] =>.TOSHIBA CORPORATION®
O58 - SDL:2012/07/26 15:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080] =>.Microsoft Windows®
O58 - SDL:2012/07/26 15:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800] =>.Microsoft Windows®
O58 - SDL:2016/04/09 04:02:22 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys [48744] {67A270911814D1DB9B0EFDA529F1F672} =>PUP.Optional.LinkiDoo

---\\ Last modified or created user files (369) - 66s
O61 - LFC: 2016/04/08 04:43:50 A . (.ToomkyGames.com.) -- C:\Users\fatima\Downloads\Programs\CrystalsOfTimeSetup.exe [172527249]
O61 - LFC: 2016/04/09 23:11:32 A . (..) -- C:\Users\fatima\Downloads\Programs\free_download_murder_mystery_games_for_pc_full_ver.exe [3653296] {010CA9DF7294A6705BA91C975E6AFB7A}
O61 - LFC: 2016/04/08 04:38:41 A . (.ToomkyGames.com.) -- C:\Users\fatima\Downloads\Programs\IslandOfDeathSetup.exe [359529844]
O61 - LFC: 2016/04/08 23:17:57 A . (.ToomkyGames.com.) -- C:\Users\fatima\Downloads\Programs\StraySoulsDollhouseStorySetup.exe [219830367]
O61 - LFC: 2016/04/08 05:46:55 A . (.ToomkyGames.com.) -- C:\Users\fatima\Downloads\Programs\TheLakeHouseChildrenOfSilenceSetup.exe [496197320]
O61 - LFC: 2016/04/09 23:13:56 A . (..) -- C:\Users\fatima\AppData\Roaming\FreeVPN\FreeVPN.exe [77316]
O61 - LFC: 2016/04/07 23:47:04 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\Z63Y0IHE\00000040-01a5-0002-c1c8-f109a19cb2e0[1].bin [11484]
O61 - LFC: 2016/04/07 23:40:29 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\Z63Y0IHE\01000000-03a2-0002-c1c8-f109a19cb2e0[1].bin [1992]
O61 - LFC: 2016/04/07 23:46:35 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\Z63Y0IHE\01000000-03ec-0002-c1c8-f109a19cb2e0[1].bin [2528]
O61 - LFC: 2016/04/07 23:47:02 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\00000040-01a4-0002-c1c8-f109a19cb2e0[1].bin [14080]
O61 - LFC: 2016/04/07 23:40:57 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\00400000-0008-0003-c1c8-f109a19cb2e0[1].bin [24432]
O61 - LFC: 2016/04/07 23:41:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\01000000-0348-0002-c1c8-f109a19cb2e0[1].bin [748]
O61 - LFC: 2016/04/07 23:40:34 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\01000000-0353-0002-c1c8-f109a19cb2e0[1].bin [876]
O61 - LFC: 2016/04/07 23:38:38 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\01000000-03ef-0002-c1c8-f109a19cb2e0[1].bin [748]
O61 - LFC: 2016/04/07 23:46:34 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\W2IT7HSO\01000000-040f-0002-c1c8-f109a19cb2e0[1].bin [1772]
O61 - LFC: 2016/04/07 23:41:17 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\L0EVDRRF\01000000-034e-0002-c1c8-f109a19cb2e0[1].bin [964]
O61 - LFC: 2016/04/07 23:46:37 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\L0EVDRRF\01000000-03a9-0002-c1c8-f109a19cb2e0[1].bin [1488]
O61 - LFC: 2016/04/07 23:41:24 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\L0EVDRRF\01000000-03fb-0002-c1c8-f109a19cb2e0[1].bin [1716]
O61 - LFC: 2016/04/07 23:40:43 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\L0EVDRRF\01000000-0406-0002-c1c8-f109a19cb2e0[1].bin [2344]
O61 - LFC: 2016/04/07 23:40:52 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-0347-0002-c1c8-f109a19cb2e0[1].bin [3544]
O61 - LFC: 2016/04/07 23:38:37 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-038c-0002-c1c8-f109a19cb2e0[1].bin [1148]
O61 - LFC: 2016/04/07 23:40:36 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-038d-0002-c1c8-f109a19cb2e0[1].bin [1680]
O61 - LFC: 2016/04/07 23:40:38 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-0398-0002-c1c8-f109a19cb2e0[1].bin [1800]
O61 - LFC: 2016/04/07 23:41:27 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-03df-0002-c1c8-f109a19cb2e0[1].bin [744]
O61 - LFC: 2016/04/07 23:46:26 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-0401-0002-c1c8-f109a19cb2e0[1].bin [1200]
O61 - LFC: 2016/04/07 23:40:32 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache\918XIRZF\01000000-040c-0002-c1c8-f109a19cb2e0[1].bin [1628]
O61 - LFC: 2016/04/09 20:59:22 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\pop.bin [1309]
O61 - LFC: 2016/04/09 21:14:07 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\LocalState\DiskCache\DiskCache.bin [2331]
O61 - LFC: 2016/04/08 00:52:53 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\Windows\1033\StructuredQuerySchema.bin [326629]
O61 - LFC: 2016/04/08 04:06:05 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicrosoftAd439beb82#\142e1647eef872c7fdcde8a6efbe78b8\MicrosoftAdvertising_MMPPF.ni.dll [24064]
O61 - LFC: 2016/04/08 04:05:54 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\b4969192e65beadbc04c3209224b98eb\Microsoft.Xbox.ni.dll [491008]
O61 - LFC: 2016/04/08 04:06:00 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\b6c72a70a78e000ee61fe6f7802b32ac\Microsoft.Games.Sentient.ni.dll [44032]
O61 - LFC: 2016/04/08 04:05:57 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CEServices\c09b7f958fc83a4a30f3f2d0e71381d6\CEServices.ni.dll [236032]
O61 - LFC: 2016/04/08 04:05:48 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\740f574cd306b97a1678601d5f4375d0\Arkadium.Xaml.Toolkit.ni.dll [122368]
O61 - LFC: 2016/04/08 04:05:46 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\766ef13d153255d76383d488320f5279\Arkadium.WindowsStoreModule.ni.dll [279552]
O61 - LFC: 2016/04/08 04:05:48 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi3ea2618e#\7900ef1f57bebc723833a650ed4ec458\Arkadium.Win8.PuzzleMode.ni.dll [912896]
O61 - LFC: 2016/04/08 04:06:02 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sh130cfbe4#\8bede61d18aa0664f7cabb2337119e36\Arkadium.SharpDXEngine.AudioLoader.ni.dll [13824]
O61 - LFC: 2016/04/08 04:05:47 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\06fe6eb628cd8f0878111f921bdab83f\Arkadium.LeaderboardModule.ni.dll [300544]
O61 - LFC: 2016/04/08 04:05:43 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\67b7a7733fcefc62ec9e46b976de05c6\Arkadium.DailyChallengeModule.ni.dll [1677824]
O61 - LFC: 2016/04/08 04:05:51 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\788b982d16d1237ea801d8bec73500a3\Arkadium.CdnModule.ni.dll [249856]
O61 - LFC: 2016/04/08 04:05:47 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\8182cc3d39664d76fba7a193c155c007\Arkadium.AwardsModule.ni.dll [255488]
O61 - LFC: 2016/04/08 04:05:57 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\e6eab333c3b0d3026de8f838fa825614\Arkadium.ApplicationFramework.ni.dll [132608]
O61 - LFC: 2016/04/08 04:05:50 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\2fbfe040eb88db7500b7424cbbfc0536\Arkadium.Advertisement.ni.dll [625152]
O61 - LFC: 2016/04/08 04:05:50 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\ad5db1b8e9f0cd55a94f0ecd4422a1d0\Arkadium.AchievementsModule.ni.dll [148992]
O61 - LFC: 2016/04/09 21:17:36 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\LocalState\Microsoft.Xbox\pop.bin [1297]
O61 - LFC: 2016/04/08 00:47:08 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\LocalState\DiskCache\DiskCache.bin [1354]
O61 - LFC: 2016/04/08 00:48:02 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\Windows\1033\StructuredQuerySchema.bin [326629]
O61 - LFC: 2016/04/08 04:05:05 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\b4969192e65beadbc04c3209224b98eb\Microsoft.Xbox.ni.dll [491008]
O61 - LFC: 2016/04/08 04:05:09 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\b6c72a70a78e000ee61fe6f7802b32ac\Microsoft.Games.Sentient.ni.dll [44032]
O61 - LFC: 2016/04/08 04:05:26 A . (.Copyright © 2011.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MahjonggCla307edc05#\d49ccaa0b2ad1749c2bf7f3e2fa4cecc\MahjonggClassicUIWin8_DP4.ni.dll [892416]
O61 - LFC: 2016/04/08 04:05:03 A . (.Copyright © Microsoft 2011.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Mahjong\c29b89fbb62840cb3fe82925cdb55cb5\Mahjong.ni.exe [1897984]
O61 - LFC: 2016/04/08 04:05:20 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CEServices\c09b7f958fc83a4a30f3f2d0e71381d6\CEServices.ni.dll [236032]
O61 - LFC: 2016/04/08 04:05:11 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\8dfb778705c0a78b511c3921f125e461\Arkadium.Xaml.Toolkit.ni.dll [122368]
O61 - LFC: 2016/04/08 04:05:10 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\c2d64de50006fc36bb5b556e0fb032fd\Arkadium.WindowsStoreModule.ni.dll [279552]
O61 - LFC: 2016/04/08 04:05:26 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sh130cfbe4#\8bede61d18aa0664f7cabb2337119e36\Arkadium.SharpDXEngine.AudioLoader.ni.dll [13824]
O61 - LFC: 2016/04/08 04:05:11 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\eb446cffdce2815d1d978020fef4b6e0\Arkadium.LeaderboardModule.ni.dll [300544]
O61 - LFC: 2016/04/08 04:05:13 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\5355af32d802811b054f4530ecfb9d48\Arkadium.DailyChallengeModule.ni.dll [1677824]
O61 - LFC: 2016/04/08 04:05:14 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\788b982d16d1237ea801d8bec73500a3\Arkadium.CdnModule.ni.dll [249856]
O61 - LFC: 2016/04/08 04:05:11 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\6dad870e83a0a724e9a1448971e4c933\Arkadium.AwardsModule.ni.dll [255488]
O61 - LFC: 2016/04/08 04:05:09 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\e6eab333c3b0d3026de8f838fa825614\Arkadium.ApplicationFramework.ni.dll [132608]
O61 - LFC: 2016/04/08 04:05:14 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\ba54c911dc4e7d83978973b003035e42\Arkadium.Advertisement.ni.dll [621568]
O61 - LFC: 2016/04/08 04:05:13 A . (.Copyright © 2013.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\fb727aa53148816ab4cc1aedb332298e\Arkadium.AchievementsModule.ni.dll [148992]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheWeatherInteractiveMapsClusterCache\_CacheMetadata.bin [1175]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheTodayAdFeedCache\_CacheMetadata.bin [499]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheStaticMapsImageCache\_CacheMetadata.bin [6005]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheNextStepsCache\_CacheMetadata.bin [460]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheNearbyResortsByLatLongCache\_CacheMetadata.bin [1039]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheMapsImageFrameCache\_CacheMetadata.bin [4733]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheHourlyForecastWeatherCache\_CacheMetadata.bin [1587]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheHistoricalWeatherCache\_CacheMetadata.bin [1635]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheGetStartedCache\_CacheMetadata.bin [464]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheCurrentConditionsAndForecastCache\_CacheMetadata.bin [2013]
O61 - LFC: 2016/04/08 03:30:20 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalState\Cache\cacheConfigurationCache\_CacheMetadata.bin [535]
O61 - LFC: 2016/04/08 03:27:59 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\Windows\1033\StructuredQuerySchema.bin [327130]
O61 - LFC: 2016/04/08 04:05:13 A . (.Copyright © 2012.) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.W64cef312#\7dc2c0dd8ef20dc17980747d99cf4d3a\Microsoft.WindowsAzure.Messaging.Managed.ni.dll [1037824]
O61 - LFC: 2016/04/08 04:05:10 A . (..) -- C:\Users\fatima\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\1e938e49ee9ee879228e7f6e4c1e22ab\Microsoft.PerfTrack.ni.dll [26624]
O61 - LFC: 2016/04/08 01:13:26 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [327130]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000000.bin [73728]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000001.bin [32768]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000005.bin [14458]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000006.bin [19235]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000007.bin [1604]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000008.bin [2232]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000009.bin [3679]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000A.bin [13030]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000D.bin [5386]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000E.bin [7374]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000G.bin [4847]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000H.bin [2210]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000I.bin [1657]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000J.bin [3879]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000K.bin [13084]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000M.bin [2332]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000N.bin [4181]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000O.bin [22634]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000P.bin [16003]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000Q.bin [17289]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000R.bin [4490]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000S.bin [8184]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000T.bin [4181]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000U.bin [4190]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000000V.bin [13737]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000010.bin [4081]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000011.bin [1924]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000012.bin [2599]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000013.bin [11449]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000014.bin [14553]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000015.bin [11332]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000016.bin [13241]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000017.bin [1570]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000018.bin [11886]
O61 - LFC: 2016/04/08 23:15:53 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000019.bin [2270]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000003L.bin [167936]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000003M.bin [8192]
O61 - LFC: 2016/04/08 23:15:54 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000003N.bin [4096]
O61 - LFC: 2016/04/08 23:15:54 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000003O.bin [32768]
O61 - LFC: 2016/04/08 23:15:54 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000049.bin [49152]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005J.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005K.bin [8192]
O61 - LFC: 2016/04/08 23:16:15 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005L.bin [40884]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005M.bin [12288]
O61 - LFC: 2016/04/08 23:16:15 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005N.bin [24268]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005O.bin [12288]
O61 - LFC: 2016/04/08 23:16:15 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005P.bin [39010]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005Q.bin [12288]
O61 - LFC: 2016/04/08 23:16:15 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005R.bin [59707]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005S.bin [12288]
O61 - LFC: 2016/04/08 23:16:15 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005T.bin [27862]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005U.bin [32768]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000005V.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000060.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000061.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000062.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000063.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000064.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000065.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000066.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000067.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000068.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000069.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006A.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006B.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006C.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006D.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006E.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006F.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006G.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006H.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006I.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006J.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006K.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006L.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006M.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006N.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006O.bin [4096]
O61 - LFC: 2016/04/08 23:16:15 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006P.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006Q.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006R.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006S.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006T.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006U.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000006V.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000070.bin [8192]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000071.bin [20480]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000072.bin [22203]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000073.bin [8192]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000074.bin [52945]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000075.bin [12288]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000076.bin [25622]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000077.bin [20480]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000078.bin [15740]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000079.bin [12288]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007A.bin [55804]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007B.bin [12288]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007C.bin [41893]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007D.bin [12288]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007E.bin [14177]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007F.bin [49152]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007G.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007H.bin [12654]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007I.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007J.bin [2695]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007K.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007L.bin [11040]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007M.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007N.bin [2268]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007O.bin [784]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007P.bin [8192]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007Q.bin [3009]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007R.bin [2266]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007S.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007T.bin [99293]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007U.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000007V.bin [2898]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000080.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000081.bin [29187]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000082.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000083.bin [4819]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000084.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000085.bin [1717]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000086.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000087.bin [3555]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000088.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000089.bin [3428]
O61 - LFC: 2016/04/08 23:16:16 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008A.bin [4096]
O61 - LFC: 2016/04/08 23:16:16 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008B.bin [65589]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008C.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008D.bin [1873]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008E.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008F.bin [5465]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008G.bin [3361]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008H.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008I.bin [140755]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008J.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008K.bin [129887]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008L.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008M.bin [84941]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008N.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008O.bin [1569]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008P.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008Q.bin [40035]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008R.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008S.bin [242903]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008T.bin [4096]
O61 - LFC: 2016/04/08 23:16:17 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008U.bin [70028]
O61 - LFC: 2016/04/08 23:16:17 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000008V.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000091.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000092.bin [47294]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000093.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000094.bin [347]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000095.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000096.bin [827]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000097.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000098.bin [4410]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\00000099.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009A.bin [136726]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009B.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009C.bin [5136]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009D.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009F.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009G.bin [79656]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009H.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009J.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009K.bin [68633]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009L.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009M.bin [11043]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009N.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009O.bin [647]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009P.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009Q.bin [52912]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009R.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009T.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009U.bin [977]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\0000009V.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A0.bin [34299]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A1.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A2.bin [10056]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A3.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A4.bin [84097]
O61 - LFC: 2016/04/08 23:16:18 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A5.bin [4096]
O61 - LFC: 2016/04/08 23:16:18 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A6.bin [64118]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A7.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A8.bin [65998]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000A9.bin [8192]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AA.bin [32656]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AB.bin [12824]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AG.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AI.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AK.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AL.bin [2033]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AM.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AO.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AP.bin [59832]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AQ.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AR.bin [33032]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AS.bin [12180]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AT.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AU.bin [2104]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000AV.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B1.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B2.bin [36740]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B3.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B4.bin [53259]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B5.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B6.bin [60924]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B7.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B8.bin [515]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000B9.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BA.bin [1547]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BB.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BC.bin [95763]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BD.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BE.bin [67991]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BF.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BH.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BJ.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BK.bin [86187]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BL.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BM.bin [11197]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BN.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BO.bin [19920]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BP.bin [8192]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BQ.bin [179460]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BR.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 RA . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BS.bin [109698]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BT.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000BV.bin [4096]
O61 - LFC: 2016/04/08 23:16:19 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C0.bin [12288]
O61 - LFC: 2016/04/08 23:16:20 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C2.bin [20480]
O61 - LFC: 2016/04/08 23:16:20 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C4.bin [12288]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C6.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C7.bin [12288]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C8.bin [20480]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000C9.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CA.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CB.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CC.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CD.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CE.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CF.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CG.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CH.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CI.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CJ.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CK.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CL.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CM.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CN.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CO.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CP.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CQ.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CR.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CS.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CT.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CU.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000CV.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D0.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D1.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D2.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D3.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D4.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D5.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D6.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D7.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D8.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000D9.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DA.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DB.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DC.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DD.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DE.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DF.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DG.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DH.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DI.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DJ.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DK.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DL.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DM.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DN.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DO.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DP.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DQ.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DR.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DS.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DT.bin [4096]
O61 - LFC: 2016/04/08 23:16:33 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DU.bin [4096]
O61 - LFC: 2016/04/09 23:31:48 A . (..) -- C:\Users\fatima\AppData\Local\Microsoft\OneNote\16.0\cache\000000DV.bin [4096]
O61 - LFC: 2016/04/07 18:02:46 A . (.Copyright © 2016.) -- C:\Users\fatima\AppData\Local\Apps\2.0\abril.exe [124928]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (34) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [204288] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [309248] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1366016] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1160192] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99840] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [358400] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [107520] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [62976] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [438784] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [305664] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3286016] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [826368] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [565760] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [894464] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151552] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [105472] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1287680] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [291328] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [190464] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1964544] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [47104] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [161792] =>.Microsoft Corporation
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] =>.Microsoft Corporation

---\\ Search Tracing Registry Key (4) - 1s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCheckedList_RASAPI32 =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCheckedList_RASMANCS =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilCheckedList_RASAPI32 =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilCheckedList_RASMANCS =>PUP.Optional.CheckedList

---\\ Additional Scan (O88) (52) - 0s
HKLM\SOFTWARE\Checked List =>PUP.Optional.CheckedList
HKCU\SOFTWARE\Checked List =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List =>PUP.Optional.CheckedList
HKLM\SYSTEM\CurrentControlSet\Services\Update Checked List =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List\updateCheckedList.exe =>PUP.Optional.CheckedList
HKLM\SYSTEM\CurrentControlSet\Services\Util Checked List =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe =>PUP.Optional.CheckedList
C:\ProgramData\Service5184 =>Heuristic.Graftor
C:\ProgramData\Service5184\Service5184.exe =>Heuristic.Graftor
C:\ProgramData\Poposhidu\Poposhidu.exe =>PUP.Optional.CrossRider
C:\Windows\Tasks\JJYHQOWYMMWAPKJI.job =>Heuristic.Graftor
C:\Windows\Tasks\MKVMX1.job =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\JJYHQOWYMMWAPKJI =>Heuristic.Graftor
C:\Windows\System32\Tasks\MKVMX1 =>PUP.Optional.CrossRider
C:\Program Files (x86)\Checked List\bin\CheckedList.expext.exe =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List\bin\CheckedList.PurBrowse64.exe =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List\bin\CheckedList.BrowserAdapter.exe =>PUP.Optional.CheckedList
C:\Program Files (x86)\Checked List\bin\CheckedList.BrowserAdapter64.exe =>PUP.Optional.CheckedList
C:\Users\fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm =>.Superfluous.Chrome
C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\npQMExtensionsMozilla.dll =>.Superfluous.Tencent
C:\ProgramData\Poposhidu\SPOFJO64.dll =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Checked List =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppHelper =>.Superfluous.AppHelper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Uninstall - icb =>.Superfluous.Hohosearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AppHelper =>.Superfluous.AppHelper
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uninstall - icb =>.Superfluous.Hohosearch
HKLM\SOFTWARE\Wow6432Node\Checked List =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware =>.Superfluous.Hohosearch
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf =>Adware.Suspect
C:\ProgramData\Tencent =>.Superfluous.Tencent
C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
C:\Users\fatima\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\fatima\AppData\Roaming\Tencent =>.Superfluous.Tencent
C:\Windows\Prefetch\CHECKEDLIST.BROWSERADAPTER.EX-D81B5EE9.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\CHECKEDLIST.BROWSERADAPTER64.-A2C2623B.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\CHECKEDLIST.EXE-94A36B3C.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\CHECKEDLIST.EXPEXT.EXE-F328FB76.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\CHECKEDLIST.PURBROWSE64.EXE-BEBBED3F.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\CHECKEDLIST_SETUP.EXE-FE6D19C7.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\HOHOSEARCH.EXE-25B630C9.pf =>.Superfluous.Hohosearch
C:\Windows\Prefetch\SERVICE5184.EXE-80BF5431.pf =>Heuristic.Graftor
C:\Windows\Prefetch\TENCENTDL.EXE-148D6B9C.pf =>.Superfluous.Tencent
C:\Windows\Prefetch\TENCENTDL.EXE-C83FB433.pf =>.Superfluous.Tencent
C:\Windows\Prefetch\UPDATECHECKEDLIST.EXE-E4392390.pf =>PUP.Optional.CheckedList
C:\Windows\Prefetch\UTILCHECKEDLIST.EXE-54E41AA8.pf =>PUP.Optional.CheckedList
C:\Windows\System32\drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys =>PUP.Optional.LinkiDoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCheckedList_RASAPI32 =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCheckedList_RASMANCS =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilCheckedList_RASAPI32 =>PUP.Optional.CheckedList
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilCheckedList_RASMANCS =>PUP.Optional.CheckedList

---\\ Summary of the elements found (13) - 0s
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
http://www.nicolascoolman.fr/pup-optional-checkedlist/ =>PUP.Optional.CheckedList
http://www.nicolascoolman.fr/?p=4664 =>Heuristic.Graftor
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Chrome
http://www.nicolascoolman.fr/hijacker-browser/ =>Hijacker.Browser
http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.AppHelper
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Hohosearch
http://www.nicolascoolman.fr/?p=4664 =>Adware.Suspect
http://www.nicolascoolman.fr/?p=197 =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/?p=62 =>PUP.Optional.LinkiDoo
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.SystemaLimited

~ End of the scan, 17297 items in 00h05mn20s (995)(0)

Publicité


Signaler le contenu de ce document

Publicité