Sponsored By

beckypeterson

Members
  • Content count

    13
  • Joined

  • Last visited

About beckypeterson

  • Rank
    Member
  1. Thank-you so much! My computer is running better than ever. Pretty nice to have someone help when I don't know much about computers, and you were GREAT!
  2. # DelFix v1.013 - Logfile created 02/07/2016 at 07:42:11 # Updated 17/04/2016 by Xplode # Username : Becky - BECKYPC # Operating System : Windows 10 Home (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\AdwCleaner Deleted : C:\Users\Becky\Desktop\dds.txt Deleted : C:\Users\Becky\Desktop\JRT.txt Deleted : C:\Users\Becky\Downloads\dds.com Deleted : C:\Users\Becky\Downloads\Extras.Txt Deleted : C:\Users\Becky\Downloads\JRT (1).exe Deleted : C:\Users\Becky\Downloads\JRT.exe Deleted : C:\Users\Becky\Downloads\OTL.Txt Deleted : HKLM\SOFTWARE\OldTimer Tools ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #23 [Scheduled Checkpoint | 06/08/2016 15:50:24] Deleted : RP #24 [Scheduled Checkpoint | 06/17/2016 16:44:57] Deleted : RP #25 [AA11 | 06/21/2016 20:45:58] Deleted : RP #26 [Scheduled Checkpoint | 06/29/2016 17:31:54] Deleted : RP #27 [JRT Pre-Junkware Removal | 07/01/2016 23:39:36] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  3. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. C:\Users\Becky\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\Becky\AppData\Roaming\mozilla\Firefox\Profiles\9lzft3vo.default\extensions folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ms folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\he folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_US folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ms folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\he folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_US folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_HK folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ur folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\te folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ta folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sw folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\si folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ne folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ms folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mn folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ml folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lo folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\kn folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\km folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ka folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\iw folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\is folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hy folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr_CA folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fa folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\eu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_US folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bn folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\az folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\am folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\af folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nb folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\et folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es_419 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en_GB folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\images folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\html folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\css folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0 folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully. C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset\Catalog_Entries\000000000016\ deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully. File Protocol\Handler\osf - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Becky ->Java cache emptied: 0 bytes User: Default User: Default User User: Default.migrated User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Becky ->Flash cache emptied: 291 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Default.migrated User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Becky ->Temp folder emptied: 22149 bytes ->Temporary Internet Files folder emptied: 7798658 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 7796769 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default.migrated User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 14486 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 15.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 07012016_204914 Files\Folders moved on Reboot... File move failed. C:\Users\Becky\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot. C:\WINDOWS\temp\BECKYPC-20160701-2023.log moved successfully. File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(20160701202311824).log not found! File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20160701202316824).log not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
  4. All processes killed Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02> in the current context! Error: Unable to interpret <FF - user.js - File not found> in the current context! Error: Unable to interpret <[2015/05/20 00:00:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becky\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2015/05/20 08:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becky\AppData\Roaming\mozilla\Firefox\Profiles\9lzft3vo.default\extensions> in the current context! Error: Unable to interpret <[2015/04/11 08:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\> in the current context! Error: Unable to interpret <CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\> in the current context! Error: Unable to interpret <O4:64bit: - HKLM..\Run: [] File not found> in the current context! Error: Unable to interpret <O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - CC:\Windows\system32\LavasoftTcpService64.dll File not found> in the current context! Error: Unable to interpret <O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - CC:\Windows\system32\LavasoftTcpService64.dll File not found> in the current context! Error: Unable to interpret <O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - CC:\Windows\system32\LavasoftTcpService64.dll File not found> in the current context! Error: Unable to interpret <O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - CC:\Windows\system32\LavasoftTcpService64.dll File not found> in the current context! Error: Unable to interpret <O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - CC:\Windows\system32\LavasoftTcpService64.dll File not found> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found> in the current context! Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context! Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\osf - No CLSID value found> in the current context! Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context! Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Becky ->Java cache emptied: 48336 bytes User: Default User: Default User User: Default.migrated User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Becky ->Flash cache emptied: 57881 bytes User: Default ->Flash cache emptied: 57311 bytes User: Default User ->Flash cache emptied: 0 bytes User: Default.migrated User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Becky ->Temp folder emptied: 241337408 bytes ->Temporary Internet Files folder emptied: 7000255 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 2972408 bytes ->Google Chrome cache emptied: 15629453 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default.migrated User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 187773202 bytes RecycleBin emptied: 29297040 bytes Total Files Cleaned = 462.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 07012016_201849 Files\Folders moved on Reboot... File move failed. C:\Users\Becky\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot. C:\WINDOWS\temp\BECKYPC-20160701-1809.log moved successfully. File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(20160701180913834).log not found! File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20160701180918834).log not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
  5. I don't know what an OTL is or where it is!
  6. OTL Extras logfile created on: 7/1/2016 7:17:27 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Becky\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.10586.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.85 Gb Available Physical Memory | 60.78% Memory free 9.23 Gb Paging File | 5.64 Gb Available in Paging File | 61.14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 930.73 Gb Total Space | 887.04 Gb Free Space | 95.31% Space Free | Partition Type: NTFS Computer Name: BECKYPC | User Name: Becky | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = B4 B9 ED E7 77 4A D1 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = 84 8F 05 E8 77 4A D1 01 [binary data] "DontEnumerateCommonFilesUpgradeExe" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08891451-7F5D-4973-AD94-F6F19B49364E}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{2A63AA63-09AC-41D0-98D1-B314FF55C457}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{D1214CD9-1E6B-4307-A73E-0F0BD68F6B60}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe | "{D9DD9916-F5D1-41CE-B22D-75829EFCBD28}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{DB513D33-F8C0-4362-B045-9CA5009650FC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe | "{EA335B12-3033-4C59-8657-044E5FDB4F49}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{F5C730CB-4C5B-49EC-A9AA-D83B88201CE4}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{054EB0C9-A667-4986-9D7B-EE7233A49F13}" = dir=out | name=@{12199asparion.asparionclock_4.0.1.65_neutral__f89vgcf3qm37t?ms-resource://12199asparion.asparionclock/resources/sstorename} | "{0B02D984-B899-4664-8EE2-B8D6F47A6F5B}" = dir=out | name=microsoft solitaire collection | "{0C83DD96-9D38-45F6-BA65-6B0455C821F0}" = dir=out | name=windows_ie_ac_001 | "{0D6F4257-B969-4061-9DDC-025A58CA7966}" = dir=in | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{0E26F820-8F30-4AB0-9329-4F7B63A8F26C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{0F54A1F4-0745-4879-8A8C-49FFD97C7FAA}" = dir=out | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{1407136B-6C32-46E2-B5D7-9D9DD4E5CFAF}" = dir=in | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{150C3F50-C7A5-4939-B066-6EC340E036CD}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{18CD6545-94F3-4F4E-AB79-BA39683AEAC2}" = dir=out | name=@{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{23BA9E08-A606-4A22-8DA7-0F3AFC47BBF2}" = dir=out | name=amazon | "{26444E7B-F733-413A-AC3E-FF8E446A515E}" = dir=out | name=@{microsoft.windowsphone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} | "{272DE2AF-D314-4391-88D2-897CB4DAA23D}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{2812987F-41D1-4C29-B773-78F733D82710}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{2EA0D506-6FDC-40DB-A3B3-92F2335F70EE}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{2F8CF380-231C-4005-B269-126D948DA2FC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{39DF224A-6EB2-4A5E-B1FD-9EECF33A1425}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} | "{3AB58597-8A8F-4080-BCBD-98A8080B11D8}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{3C307877-0C3B-4C08-84F5-B18A0D3A42F1}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{3C95B06D-4719-4D1D-A870-213A2FCE2258}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{3D7E9F62-B112-44E4-BC6F-C9879B3E67EF}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} | "{3E54C0A5-B8BB-4208-9727-A981885FCC5B}" = dir=in | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{41B53208-0AB9-4FD2-803C-5378F4E732E3}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{434A6F94-D4C3-467F-A222-B89620876B31}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{4429B225-05BE-475C-8B5F-46705BE3C36A}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{479A61F3-848E-46B4-915F-FFEA6ED9B934}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} | "{4B0A2B3A-D022-417E-A65B-84A247D2BB5B}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{532BC6D8-0F78-4D7C-80E9-88868EDC6162}" = dir=in | app=c:\users\becky\appdata\local\microsoft\onedrive\onedrive.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5947D2E1-DC21-4B9C-8EB0-BD49C4F6EA15}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{5C2A5F8E-EAF5-42DB-94FA-A1835E07B925}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} | "{5EF2CA15-2439-476E-A7AA-A99098158805}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{621B5EDA-50C0-4A45-95CD-3B681FBE10FD}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} | "{65285591-1A65-41E5-9F6B-1A986250765F}" = dir=out | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{6780709D-288B-49B3-99C5-DC4054B47932}" = dir=out | name=@{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{6D8AEDFB-2A70-4953-A00E-67C0360E732E}" = protocol=58 | dir=out | [email protected],-503 | "{6E86C555-EE7A-4C76-B73C-EAC5FE85347F}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{719DB2FF-BC63-45E0-BFA2-2E6E624E712F}" = dir=in | name=onenote | "{73F155B7-B7EC-42C6-866C-CE7833E4A75B}" = dir=out | name=@{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{74542E44-2463-47B8-884D-2EE017C0EE89}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} | "{7772361D-D6CE-496E-9EED-B1BE16711E87}" = dir=out | name=sway | "{7F548421-0CFA-44A2-9589-2987199F4702}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{8A005C9C-3E91-4518-9FFB-8358A7354915}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{8C8F9956-6DED-4504-BA93-18087AED383F}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{8C964EF2-2B2E-4774-9284-BD8F3E8CF6BC}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8EEFA1B9-5F31-47F5-ACC3-6DE751F2159D}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8EF417C6-6E15-429B-8002-CF235E8623CE}" = dir=out | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{95510556-53EA-478F-8FC3-D6FBAF8F42FC}" = dir=out | name=windows_ie_ac_001 | "{976D256B-C493-48E6-AB8F-94CCF2C4BF76}" = dir=in | name=sway | "{9D419783-7BC5-4ACF-B21E-1D9B0DAC53D8}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{9D6E7E1A-97C8-4236-9FB0-268C47CB316D}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{9DC60EB3-13DB-4B4E-9A75-EFF9FE38A69C}" = dir=out | name=xbox | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{9F7F60F5-6A47-463F-92C9-7429A17AF500}" = dir=out | name=@{microsoft.xboxlivegames_2.0.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{A11C47D0-8B8A-454E-9298-024410D0B0A8}" = dir=out | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{A1628C3E-6711-444A-A300-BA009E5BE450}" = dir=out | name=@{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{A25DD2C6-B419-4480-A733-A38B3DF70A83}" = dir=out | name=@{microsoft.3dbuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | "{A3713E5A-0283-4C94-A2C9-89991119CB88}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{A3FF4CCC-A615-45F2-A811-E435B1BCF9E8}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{A6AF9A0E-430A-4FE7-9358-B28619BDB44E}" = protocol=58 | dir=in | app=system | "{A744D3FB-261C-4C68-AEDC-983C740EA897}" = dir=out | name=@{microsoft.getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{A86EDBAE-CEFD-4A19-9B41-CB8FDC5B7AF0}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{AB99B0BA-A53B-4686-AC00-05DF92D93C92}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} | "{AD0A0EC4-DEC4-4738-9203-6DC1CA6AFE2D}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | "{B0A86409-DB57-4C95-8D45-B3C476797539}" = dir=out | name=ebay | "{B30E8D3F-2DC6-4C5C-A554-F9BC3A0951FC}" = dir=out | name=onenote | "{B36F00F1-69B5-463B-8A2A-83703F1710D6}" = dir=out | name=twitter | "{B7A9CDF6-5332-408A-8F91-FC95F556B0C0}" = dir=out | name=the weather channel | "{BAC86FD7-ECA1-4388-ADBA-341C07E4F03C}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} | "{BDB4F4B3-9DA0-4454-80D0-A779CFBDBCCA}" = dir=out | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{C02347E7-185F-474C-AF64-4CA95EDF8A09}" = dir=in | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{C0AC483D-5A25-4CC1-8A60-03B1EB5C7AC3}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{C0DA0851-49DF-411A-A560-095D117A7DE9}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{C1B6FBA0-D7F9-4112-8CA0-A104680624BB}" = dir=out | name=@{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{C3B2874B-27E3-441B-99D0-B76809D83130}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{C7371429-DB85-4853-9696-765438549EB5}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{C83BFD38-B2AC-4414-A508-DDBE4E80451C}" = dir=in | name=skype | "{C9546463-7383-40B7-92AE-F988B947745F}" = dir=out | name=skype | "{C9DBE86B-C19B-46FA-A01E-DF061757F952}" = dir=out | name=candy crush soda saga | "{CE1BBD05-1BAE-410B-AA84-21152794D7BD}" = dir=out | name=facebook | "{CE6401C5-6674-4D1B-B5A6-FF72D62CF825}" = dir=out | name=@{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{D8CBE71E-3060-4DD6-8D76-45DBE8DA888B}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} | "{DAA34C7C-6B29-4559-8993-A601EF4C36E0}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DD92D11A-66D1-444B-9F31-13828A94D130}" = dir=out | name=messenger | "{DEFB9ADF-6DD3-448A-BB0D-6BC807D54655}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{E20C8662-C25B-49F1-BC5D-C45EA7D757EB}" = dir=in | name=microsoft solitaire collection | "{EB67997C-3C29-4626-AB76-BC90D9693EBA}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{EBD05291-289B-4683-9250-72F22106DD27}" = dir=out | name=@{microsoft.people_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{EDF0ADC5-D59E-4B6F-8138-04DE8F15EFF6}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{EE590349-D241-4081-B263-319C28309BA6}" = dir=in | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{F20A0CB7-58BB-4019-B310-B119BDCEF19C}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{F3528C1D-5778-4CC3-B6D8-0549AF99074D}" = dir=in | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{F62ACDA9-9E22-401B-B38A-04D29D5173E7}" = dir=out | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{FC7BCC3B-ECDD-4977-84F8-616B3304EEFE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} | "{FDD1E98B-8D63-460F-ABD0-5BC8BD54F072}" = dir=in | name=xbox | "{FDEA5B3E-D3FF-4203-9DE8-35BF33534327}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{FF2A7929-2E2A-4C98-9652-AC1C3B32CA22}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}" = AntispamEngine "{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}" = FirewallEngine "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{20334FA5-6CD5-48FC-B5F9-D34D75E07845}" = AntimalwareEngine "{26A24AE4-039D-4CA4-87B4-2F86418045F0}" = Java 8 Update 45 (64-bit) "{26F31E12-3722-45FD-903B-49012286BB4C}" = OnlineThreatsEngine "{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}" = AvcEngine "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7BFE8C40-F176-4320-91AC-39B08E1C623E}" = AdAwareInstaller "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component "{92565CD9-F8E0-4330-BEEC-A6041F79A880}" = AdAwareUpdater "{92565CD9-F8E0-4330-BEEC-A6041F79A880}_AdAwareUpdater" = Ad-Aware Antivirus "{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{A731A859-7426-DEB6-80A3-E6A2508DC85A}" = AMD Catalyst Install Manager "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 347.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 353.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 347.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 347.09 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.14.0702 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.33.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Miracast Virtual Audio 347.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27 "{E33E5772-1452-E3E5-3972-5C1C4ABA0D63}" = AMD Fuel "{F05C7CF7-B1BE-4217-5774-B3278C4C8454}" = ccc-utility64 "HomeStudentRetail - en-us" = Microsoft Office Home and Student 2013 - en-us "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00633E47-C41F-BEE7-DFAD-21398510E468}" = CCC Help Chinese Traditional "{0BA237B0-EDC6-4818-6EA8-0215F9826730}" = Catalyst Control Center InstallProxy "{14351904-69E9-982D-1B20-FFA3F4F076B8}" = CCC Help Polish "{15A73E30-A288-BC71-1770-B57BB2B2262C}" = CCC Help Dutch "{15D62482-81B8-2160-8A3E-23F6F2167395}" = CCC Help Thai "{15EEB9A4-1BB1-3775-6413-A3E36EB07921}" = CCC Help Chinese Standard "{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1" = ModifyRegistry version 0.1 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{2675C048-9E5F-FD37-87FC-4DFE6633751F}" = CCC Help English "{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45 "{34927EBC-98D4-4D53-98BE-510DF5999F50}" = Adobe AIR "{37DC4BBF-7374-4990-A794-20932267D4AC}" = Cybertron Support "{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7 "{3FA10333-1965-685D-F83B-D93DF7F02F8F}" = CCC Help Spanish "{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B971A1D-B814-C43C-03C5-DD71526429CE}" = CCC Help French "{4D31651D-483C-87A9-530A-9374D366AB14}" = CCC Help Greek "{589ADAA3-1BC5-614A-F60C-3F6F65565F56}" = CCC Help Japanese "{5916A24B-59A4-4FDB-9753-499CB1F65362}" = LavasoftTcpService "{609C18EB-E051-BD7B-B9A4-AFD90D171169}" = CCC Help Korean "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{67618D7E-2B03-3CC8-5356-F606D6121576}" = CCC Help German "{7086C429-C3F0-BD7A-1311-9A729739AC00}" = CCC Help Hungarian "{77B33B90-C724-CAFC-F72B-D953C9646388}" = CCC Help Portuguese "{7861AB19-1D29-1BBC-CC84-28E639167F8E}" = CCC Help Italian "{788CB152-AF1A-6BCE-C963-D161355853BC}" = CCC Help Norwegian "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{878080F3-1559-4923-9D40-C34EC26F07ED}" = Ad-Aware Web Companion "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8CD48718-CD7B-1ADA-BFF5-80BC25B081D4}" = Catalyst Control Center Localization All "{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component "{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A923CF0A-44D9-4357-B2E8-0A2352151A3C}" = LavasoftTcpService "{AC76BA86-0804-1033-1959-001824184103}" = Adobe Refresh Manager "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC "{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX "{B49946C0-053A-6BE3-AB2C-50B6F102C8EA}" = CCC Help Danish "{C0295676-3154-D038-368F-464CBDF02322}" = CCC Help Finnish "{C04FC198-5338-4645-2181-C905B6030B38}" = CCC Help Turkish "{C77DAA55-410F-4F9C-8AC7-FBC2AA63BFE6}" = Catalyst Control Center "{D66E3043-EE38-41C4-AA4E-8EBCFB5D2290}" = CCC Help Czech "{E669D12E-8709-8787-EF7C-5B4144ACBE8D}" = CCC Help Swedish "{eac538cd-0fa9-4fc3-a2ec-452f026d0239}" = Web Companion "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F5A000F9-E7D6-6696-4E5F-EB54A567816E}" = CCC Help Russian "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Google Chrome" = Google Chrome "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043 "Mozilla Firefox 37.0.1 (x86 en-US)" = Mozilla Firefox 37.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "VLC media player" = VLC media player ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Amazon Amazon Music" = Amazon Music "Chromium" = Chromium ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 7/1/2016 2:51:08 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 7/1/2016 4:35:33 PM | Computer Name = BeckyPC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 11.0.10586.420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2650 Start Time: 01d1d3d7d9f59e91 Termination Time: 70 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: 592854a9-3fcb-11e6-842e-fcaa1483ae03 Faulting package full name: Faulting package-relative application ID: Error - 7/1/2016 4:36:40 PM | Computer Name = BeckyPC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 11.0.10586.420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2184 Start Time: 01d1d3d833a7c679 Termination Time: 60 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: 815a8938-3fcb-11e6-842e-fcaa1483ae03 Faulting package full name: Faulting package-relative application ID: Error - 7/1/2016 4:43:39 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 7/1/2016 5:38:18 PM | Computer Name = BeckyPC | Source = Application Error | ID = 1000 Description = Faulting application name: SystemPosixSpawnServer.exe, version: 0.0.0.0, time stamp: 0x5734233c Faulting module name: osmeta.dll, version: 0.0.0.0, time stamp: 0x57634ff8 Exception code: 0xc0000005 Fault offset: 0x00561b63 Faulting process id: 0x14bc Faulting application start time: 0x01d1d3cd2da64f0a Faulting application path: C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\SystemPosixSpawnServer.exe Faulting module path: C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\osmeta.dll Report Id: 562d6cda-3afb-408b-b632-5373086c3ca4 Faulting package full name: Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt Faulting package-relative application ID: App Error - 7/1/2016 6:47:57 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 7/1/2016 7:27:54 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 7/1/2016 7:39:50 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error - 7/1/2016 8:07:59 PM | Computer Name = BeckyPC | Source = Application Error | ID = 1000 Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5 Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b Exception code: 0xc0000005 Fault offset: 0x00000000000033c1 Faulting process id: 0x864 Faulting application start time: 0x01d1d3efecca89ee Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll Report Id: e322bb3a-915e-49cc-8040-b4c5876cd65f Faulting package full name: Faulting package-relative application ID: Error - 7/1/2016 8:10:49 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error - 7/1/2016 8:53:59 PM | Computer Name = BeckyPC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Activation of app Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. [ System Events ] Error - 7/1/2016 7:45:52 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_4cd31 service to connect. Error - 7/1/2016 7:45:52 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Sync Host_4cd31 service to connect. Error - 7/1/2016 8:07:50 PM | Computer Name = BeckyPC | Source = DCOM | ID = 10016 Description = Error - 7/1/2016 8:07:50 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7031 Description = The Sync Host_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error - 7/1/2016 8:07:50 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7031 Description = The Contact Data_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error - 7/1/2016 8:07:50 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7031 Description = The User Data Storage_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error - 7/1/2016 8:07:50 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7031 Description = The User Data Access_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error - 7/1/2016 8:07:59 PM | Computer Name = BeckyPC | Source = Service Control Manager | ID = 7034 Description = The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s). Error - 7/1/2016 8:15:53 PM | Computer Name = BeckyPC | Source = DCOM | ID = 10016 Description = Error - 7/1/2016 8:15:53 PM | Computer Name = BeckyPC | Source = DCOM | ID = 10016 Description = < End of report >
  7. OTL logfile created on: 7/1/2016 7:17:27 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Becky\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.10586.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.85 Gb Available Physical Memory | 60.78% Memory free 9.23 Gb Paging File | 5.64 Gb Available in Paging File | 61.14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 930.73 Gb Total Space | 887.04 Gb Free Space | 95.31% Space Free | Partition Type: NTFS Computer Name: BECKYPC | User Name: Becky | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2016/07/01 19:16:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Becky\Downloads\OTL.scr PRC - [2016/06/30 08:08:57 | 000,762,880 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe PRC - [2016/06/23 08:42:52 | 000,762,880 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe PRC - [2016/06/15 03:15:34 | 000,941,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2016/05/24 18:00:49 | 005,908,968 | ---- | M] () -- C:\Users\Becky\AppData\Local\Amazon Music\Amazon Music Helper.exe PRC - [2016/05/23 19:44:20 | 000,554,184 | ---- | M] (Microsoft Corporation) -- C:\Users\Becky\AppData\Local\Microsoft\OneDrive\OneDrive.exe PRC - [2016/04/22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016/04/19 08:37:47 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe PRC - [2016/04/12 09:23:28 | 000,094,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe PRC - [2015/12/08 05:40:16 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe PRC - [2015/03/27 21:45:04 | 002,673,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2015/03/27 21:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2015/03/13 09:38:38 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ========== Modules (No Company Name) ========== MOD - [2016/06/30 08:09:05 | 000,439,808 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll MOD - [2016/06/30 08:09:05 | 000,148,480 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\z_osmeta.dll MOD - [2016/06/30 08:09:05 | 000,012,800 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll MOD - [2016/06/30 08:08:57 | 000,762,880 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe MOD - [2016/06/30 08:08:56 | 028,091,855 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll MOD - [2016/06/30 08:08:56 | 004,451,256 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll MOD - [2016/06/30 08:08:56 | 002,108,344 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll MOD - [2016/06/30 08:08:56 | 000,158,208 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll MOD - [2016/06/30 08:08:56 | 000,078,336 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll MOD - [2016/06/30 08:08:55 | 003,295,744 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll MOD - [2016/06/30 08:08:55 | 000,080,398 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll MOD - [2016/06/30 08:08:54 | 057,356,761 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\osmeta.dll MOD - [2016/06/30 08:08:54 | 001,213,952 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\System_osmeta.dll MOD - [2016/06/30 08:08:54 | 000,107,008 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll MOD - [2016/06/30 08:08:54 | 000,078,848 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll MOD - [2016/06/30 08:08:52 | 001,115,136 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll MOD - [2016/06/30 08:08:52 | 001,079,808 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\iconv_osmeta.dll MOD - [2016/06/30 08:08:52 | 000,702,464 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll MOD - [2016/06/30 08:08:52 | 000,585,728 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll MOD - [2016/06/30 08:08:52 | 000,384,000 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll MOD - [2016/06/30 08:08:52 | 000,151,040 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll MOD - [2016/06/30 08:08:52 | 000,122,368 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll MOD - [2016/06/30 08:08:51 | 001,025,536 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll MOD - [2016/06/30 08:08:50 | 145,839,107 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\App.dll MOD - [2016/06/23 08:56:34 | 000,148,480 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\z_osmeta.dll MOD - [2016/06/23 08:56:25 | 004,482,488 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll MOD - [2016/06/23 08:56:25 | 002,121,144 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll MOD - [2016/06/23 08:56:25 | 000,158,720 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll MOD - [2016/06/23 08:56:25 | 000,078,336 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll MOD - [2016/06/23 08:56:24 | 028,077,007 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll MOD - [2016/06/23 08:56:23 | 000,080,398 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll MOD - [2016/06/23 08:56:22 | 003,295,744 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll MOD - [2016/06/23 08:56:22 | 001,196,032 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\System_osmeta.dll MOD - [2016/06/23 08:56:22 | 000,105,984 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll MOD - [2016/06/23 08:56:22 | 000,078,848 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll MOD - [2016/06/23 08:56:21 | 057,888,729 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\osmeta.dll MOD - [2016/06/23 08:51:00 | 000,378,368 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll MOD - [2016/06/23 08:50:53 | 001,138,176 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll MOD - [2016/06/23 08:50:50 | 000,699,392 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll MOD - [2016/06/23 08:50:48 | 000,151,040 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll MOD - [2016/06/23 08:50:46 | 000,591,360 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll MOD - [2016/06/23 08:50:46 | 000,122,368 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll MOD - [2016/06/23 08:50:44 | 001,024,512 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll MOD - [2016/06/23 08:50:42 | 086,352,899 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\App.dll MOD - [2016/06/23 08:42:52 | 000,762,880 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe MOD - [2016/06/23 08:42:52 | 000,445,952 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll MOD - [2016/06/23 08:42:52 | 000,012,800 | ---- | M] () -- C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll MOD - [2016/06/15 03:15:10 | 001,745,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll MOD - [2016/06/15 03:15:04 | 000,091,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll MOD - [2016/05/24 18:00:49 | 005,908,968 | ---- | M] () -- C:\Users\Becky\AppData\Local\Amazon Music\Amazon Music Helper.exe MOD - [2016/05/23 19:44:18 | 000,679,624 | ---- | M] () -- C:\Users\Becky\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll MOD - [2016/04/19 08:38:49 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll MOD - [2016/04/19 08:37:47 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe MOD - [2016/04/19 08:37:44 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll MOD - [2016/03/29 03:37:57 | 001,862,008 | ---- | M] () -- C:\Windows\SysWOW64\CoreUIComponents.dll MOD - [2016/02/23 09:45:41 | 000,325,824 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll MOD - [2016/02/23 09:31:46 | 000,325,824 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll MOD - [2015/03/27 21:45:04 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ========== Services (SafeList) ========== SRV:64bit: - [2016/06/10 12:31:34 | 000,730,496 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareService.exe -- (LavasoftAdAwareService11) SRV:64bit: - [2016/05/27 23:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2016/05/27 22:24:38 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:64bit: - [2016/05/27 22:22:46 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:64bit: - [2016/05/27 22:22:06 | 000,163,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:64bit: - [2016/05/27 22:21:09 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:64bit: - [2016/05/27 22:18:23 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2016/05/27 22:17:50 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:64bit: - [2016/05/27 22:16:00 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:64bit: - [2016/05/27 22:13:48 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2016/05/27 22:09:51 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:64bit: - [2016/05/27 22:00:13 | 002,168,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2016/05/27 03:19:02 | 003,009,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc) SRV:64bit: - [2016/05/05 22:03:20 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:64bit: - [2016/05/05 21:49:14 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:64bit: - [2016/04/22 23:24:13 | 000,754,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:64bit: - [2016/04/22 22:20:58 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2016/03/29 01:51:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:64bit: - [2016/03/29 01:27:45 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:64bit: - [2016/03/29 01:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:64bit: - [2016/03/29 00:32:15 | 001,098,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:64bit: - [2016/03/28 23:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2016/02/24 03:34:50 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2016/02/24 03:28:35 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2016/02/24 02:43:01 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:64bit: - [2016/02/24 01:19:10 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:64bit: - [2016/02/24 01:07:53 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:64bit: - [2016/02/24 00:59:32 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2016/02/24 00:40:53 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:64bit: - [2016/02/24 00:18:37 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:64bit: - [2016/02/23 03:20:41 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:64bit: - [2016/02/23 02:29:35 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:64bit: - [2016/02/23 02:28:32 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2016/02/23 02:20:42 | 000,847,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2016/02/23 01:58:02 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2016/01/15 23:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2016/01/08 19:10:50 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:64bit: - [2016/01/04 19:49:33 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:64bit: - [2016/01/04 19:43:47 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:64bit: - [2015/10/30 01:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2015/10/30 01:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2015/10/30 01:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:64bit: - [2015/10/30 01:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2015/10/30 01:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2015/10/30 01:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2015/10/30 01:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:64bit: - [2015/10/30 01:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2015/10/30 01:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2015/10/30 01:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:64bit: - [2015/10/30 01:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:64bit: - [2015/10/30 01:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:64bit: - [2015/10/30 01:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:64bit: - [2015/10/30 01:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:64bit: - [2015/10/30 01:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:64bit: - [2015/10/30 01:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:64bit: - [2015/10/30 01:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:64bit: - [2015/10/30 01:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2015/10/30 01:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2015/10/30 01:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2015/10/30 01:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2015/10/30 01:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:64bit: - [2015/10/30 01:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_601cb) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_47e55) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_601cb) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_47e55) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_601cb) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_47e55) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_601cb) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_47e55) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_601cb) SRV:64bit: - [2015/10/30 01:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_47e55) SRV:64bit: - [2015/10/30 01:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2015/10/30 01:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2015/10/30 01:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2015/10/30 01:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:64bit: - [2015/10/30 01:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:64bit: - [2015/10/30 01:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2015/10/30 01:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2015/10/30 01:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:64bit: - [2015/10/30 01:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:64bit: - [2015/10/30 01:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:64bit: - [2015/10/30 01:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2015/10/30 01:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:64bit: - [2015/10/30 01:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2015/10/30 01:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2015/10/30 01:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:64bit: - [2015/06/22 03:49:50 | 000,036,504 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService) SRV:64bit: - [2015/03/27 21:45:00 | 001,152,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService) SRV:64bit: - [2015/03/27 21:44:59 | 022,995,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2012/08/06 13:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2016/05/27 23:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/05/27 22:14:46 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/04/22 21:45:56 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/04/22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2016/02/24 00:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2015/10/30 01:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2015/10/30 01:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc) SRV - [2015/10/30 01:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2015/04/02 23:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015/03/27 21:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2015/03/13 09:38:38 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2016/07/01 18:18:10 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2016/05/27 23:22:08 | 000,211,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2016/05/27 23:08:25 | 000,258,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:64bit: - [2016/05/27 22:24:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2016/04/28 17:20:32 | 000,485,512 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos) DRV:64bit: - [2016/04/28 17:20:32 | 000,161,592 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys -- (gzflt) DRV:64bit: - [2016/04/22 23:24:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2016/04/22 23:11:14 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:64bit: - [2016/04/22 22:56:52 | 000,534,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2016/04/22 22:34:19 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2016/04/22 22:33:59 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:64bit: - [2016/04/22 22:29:32 | 000,087,552 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:64bit: - [2016/03/29 04:23:38 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2016/03/29 02:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2016/03/29 02:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:64bit: - [2016/03/29 01:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:64bit: - [2016/03/10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2016/02/23 03:20:35 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:64bit: - [2016/02/16 16:52:38 | 000,115,800 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys -- (bdfwfpf) DRV:64bit: - [2016/02/16 16:52:38 | 000,107,496 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdfndisf6.sys -- (BdfNdisf) DRV:64bit: - [2016/01/08 19:10:46 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:64bit: - [2016/01/08 19:10:46 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2016/01/05 12:45:28 | 001,600,512 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3) DRV:64bit: - [2016/01/05 12:45:28 | 000,775,424 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf) DRV:64bit: - [2016/01/05 12:45:28 | 000,282,000 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv) DRV:64bit: - [2015/10/30 03:07:05 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2015/10/30 03:06:56 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2015/10/30 01:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2015/10/30 01:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2015/10/30 01:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:64bit: - [2015/10/30 01:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2015/10/30 01:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2015/10/30 01:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2015/10/30 01:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:64bit: - [2015/10/30 01:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:64bit: - [2015/10/30 01:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2015/10/30 01:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2015/10/30 01:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos) DRV:64bit: - [2015/10/30 01:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2015/10/30 01:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:64bit: - [2015/10/30 01:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2015/10/30 01:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:64bit: - [2015/10/30 01:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:64bit: - [2015/10/30 01:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2015/10/30 01:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2015/10/30 01:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2015/10/30 01:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2015/10/30 01:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2015/10/30 01:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2015/10/30 01:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2015/10/30 01:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:64bit: - [2015/10/30 01:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2015/10/30 01:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2015/10/30 01:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2015/10/30 01:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2015/10/30 01:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:64bit: - [2015/10/30 01:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2015/10/30 01:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2015/10/30 01:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:64bit: - [2015/10/30 01:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:64bit: - [2015/10/30 01:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2015/10/30 01:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:64bit: - [2015/10/30 01:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:64bit: - [2015/10/30 01:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2015/10/30 01:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2015/10/30 01:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:64bit: - [2015/10/30 01:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:64bit: - [2015/10/30 01:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2015/10/30 01:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:64bit: - [2015/10/30 01:17:23 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:64bit: - [2015/10/30 01:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2015/10/30 01:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:64bit: - [2015/10/30 01:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2015/10/30 01:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2015/10/30 01:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:64bit: - [2015/10/30 01:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:64bit: - [2015/10/30 01:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:64bit: - [2015/10/30 01:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2015/10/30 01:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2015/10/30 01:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2015/10/30 01:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:64bit: - [2015/10/30 01:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2015/10/30 01:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:64bit: - [2015/10/30 01:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:64bit: - [2015/10/30 01:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:64bit: - [2015/10/30 01:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2015/10/30 01:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:64bit: - [2015/10/30 01:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2015/10/30 01:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:64bit: - [2015/10/30 01:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2015/10/30 01:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:64bit: - [2015/10/30 01:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2015/10/30 01:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2015/10/30 01:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2015/10/30 01:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2015/10/30 01:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2015/10/30 01:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2015/10/30 01:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2015/10/30 01:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2015/10/30 01:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:64bit: - [2015/10/30 01:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:64bit: - [2015/10/30 01:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2015/10/30 01:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2015/10/30 01:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2015/10/30 01:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:64bit: - [2015/10/30 01:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2015/10/30 01:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2015/10/30 01:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2015/10/30 01:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:64bit: - [2015/10/30 01:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:64bit: - [2015/10/30 01:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2015/10/30 01:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2015/10/30 01:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:64bit: - [2015/10/30 01:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2015/10/30 01:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2015/10/30 01:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2015/10/30 01:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2015/10/30 01:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2015/10/30 01:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2015/10/30 01:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus) DRV:64bit: - [2015/10/30 01:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2015/10/30 01:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2015/10/30 01:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2015/10/30 01:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2015/10/30 01:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2015/08/29 01:31:12 | 000,206,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2015/06/22 03:49:50 | 000,701,136 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2015/03/27 21:44:59 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:64bit: - [2014/11/22 04:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2014/11/12 18:20:36 | 000,039,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvvadarm.sys -- (NVVADARM) DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012/07/23 11:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2012/07/23 11:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2012/07/15 23:46:20 | 000,017,064 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) DRV:64bit: - [2012/06/18 16:07:50 | 000,057,000 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2012/03/05 17:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV - [2015/10/30 01:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DD 6E E1 D9 8E 92 D0 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "US" FF - prefs.js..browser.search.region: "US" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1 FF - prefs.js..browser.search.selectedEngine: "Yahoo®" FF - prefs.js..browser.search.defaultenginename: "Yahoo®" FF - prefs.js..browser.search.suggest.enabled: true FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/05/20 00:00:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becky\AppData\Roaming\mozilla\Extensions [2015/05/20 08:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becky\AppData\Roaming\mozilla\Firefox\Profiles\9lzft3vo.default\extensions [2015/04/11 08:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2015/04/11 08:22:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ O1 HOSTS File: ([2013/08/22 07:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTray.exe () O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKCU..\Run: [Amazon Music] C:\Users\Becky\AppData\Local\Amazon Music\Amazon Music Helper.exe () O4 - HKCU..\Run: [OneDrive] C:\Users\Becky\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Lerulehamo] C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Becky\AppData\Local\696BC8~1\Dugatec.dat" File not found O4 - Startup: C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - CC:\Windows\system32\LavasoftTcpService64.dll File not found O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - CC:\Windows\system32\LavasoftTcpService64.dll File not found O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - CC:\Windows\system32\LavasoftTcpService64.dll File not found O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - CC:\Windows\system32\LavasoftTcpService64.dll File not found O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - CC:\Windows\system32\LavasoftTcpService64.dll File not found O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.215.21.202 72.21.70.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc}: DhcpNameServer = 67.215.21.202 72.21.70.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\osf - No CLSID value found O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2016/07/01 17:53:24 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys [2016/07/01 17:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2016/07/01 17:52:51 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys [2016/07/01 17:52:51 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys [2016/07/01 17:52:51 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2016/07/01 17:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2016/07/01 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2016/07/01 17:20:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2016/07/01 15:41:42 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2016/06/24 06:52:59 | 000,000,000 | ---D | C] -- C:\Users\Becky\AppData\Local\Programs [2016/06/21 21:13:52 | 001,061,776 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\SysNative\bdsmtpp.dll [2016/06/21 21:13:52 | 000,209,984 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\BdFirewallSDK.dll [2016/06/21 21:13:52 | 000,195,016 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\httproxy.dll [2016/06/21 21:13:52 | 000,155,912 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\SysNative\bdpop3p.dll [2016/06/21 21:13:52 | 000,122,928 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\OEMbdpredir.dll [2016/06/21 21:13:52 | 000,096,160 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\bdpredir.dll [2016/06/21 14:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft [2016/06/17 11:17:40 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll [2016/06/17 11:17:40 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll [2016/06/17 11:17:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll [2016/06/17 11:17:39 | 005,323,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll [2016/06/17 11:17:39 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll [2016/06/17 11:17:39 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll [2016/06/17 11:17:38 | 001,582,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll [2016/06/17 11:17:38 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2016/06/17 11:17:38 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll [2016/06/17 11:17:38 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll [2016/06/17 11:17:38 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll [2016/06/17 11:17:38 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe [2016/06/17 11:17:38 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll [2016/06/17 11:17:38 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdlrecover.exe [2016/06/17 11:17:37 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2016/06/17 11:17:37 | 005,660,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2016/06/17 11:17:37 | 001,445,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll [2016/06/17 11:17:37 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll [2016/06/17 11:17:36 | 006,295,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll [2016/06/17 11:17:36 | 005,205,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll [2016/06/17 11:17:36 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll [2016/06/17 11:17:36 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll [2016/06/17 11:17:36 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll [2016/06/17 11:17:36 | 000,501,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll [2016/06/17 11:17:36 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll [2016/06/17 11:17:36 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll [2016/06/17 11:17:36 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll [2016/06/17 11:17:36 | 000,097,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll [2016/06/17 11:17:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll [2016/06/17 11:17:36 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll [2016/06/17 11:17:36 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll [2016/06/17 11:17:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll [2016/06/17 11:17:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll [2016/06/17 11:17:35 | 018,674,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2016/06/17 11:17:35 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2016/06/17 11:17:35 | 001,707,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll [2016/06/17 11:17:35 | 000,254,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe [2016/06/17 11:17:33 | 004,074,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2016/06/17 11:17:33 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationFramework.dll [2016/06/17 11:17:33 | 000,546,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe [2016/06/17 11:17:33 | 000,316,256 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2016/06/17 11:17:33 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2016/06/17 11:17:33 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll [2016/06/17 11:17:33 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2016/06/17 11:17:32 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll [2016/06/17 11:17:32 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll [2016/06/17 11:16:54 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll [2016/06/17 11:16:54 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppContracts.dll [2016/06/17 11:16:54 | 000,211,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2016/06/17 11:16:50 | 000,258,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufx01000.sys [2016/06/17 11:16:49 | 003,590,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2016/06/17 11:16:49 | 001,797,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll [2016/06/17 11:16:49 | 001,387,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2016/06/17 11:16:48 | 001,390,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll [2016/06/17 11:16:48 | 000,808,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2016/06/17 11:16:48 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll [2016/06/17 11:16:48 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll [2016/06/17 11:16:48 | 000,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll [2016/06/17 11:16:48 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2016/06/17 11:16:48 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll [2016/06/17 11:16:48 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll [2016/06/17 11:16:48 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe [2016/06/17 11:16:48 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2016/06/17 11:16:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdlrecover.exe [2016/06/17 11:16:48 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll [2016/06/17 11:16:48 | 000,026,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2016/06/17 11:16:47 | 011,545,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2016/06/17 11:16:47 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2016/06/17 11:16:46 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll [2016/06/17 11:16:46 | 000,965,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll [2016/06/17 11:16:45 | 004,387,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2016/06/17 11:16:45 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll [2016/06/17 11:16:44 | 007,832,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2016/06/17 11:16:44 | 004,896,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2016/06/17 11:16:44 | 003,994,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2016/06/17 11:16:44 | 002,609,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll [2016/06/17 11:16:44 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll [2016/06/17 11:16:44 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2016/06/17 11:16:44 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Privacy.dll [2016/06/17 11:16:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll [2016/06/17 11:16:40 | 003,585,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll [2016/06/17 11:16:39 | 001,073,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll [2016/06/17 11:16:39 | 000,610,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll [2016/06/17 11:16:39 | 000,591,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2016/06/17 11:16:39 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll [2016/06/17 11:16:38 | 007,474,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2016/06/17 11:16:37 | 000,693,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll [2016/06/17 11:16:37 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll [2016/06/17 11:16:37 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll [2016/06/17 11:16:37 | 000,170,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkUXBroker.exe [2016/06/17 11:16:37 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll [2016/06/17 11:16:36 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll [2016/06/17 11:16:36 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\polstore.dll [2016/06/17 11:16:36 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys [2016/06/17 11:16:36 | 000,111,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll [2016/06/17 11:16:36 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FwRemoteSvr.dll [2016/06/17 11:16:34 | 007,977,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll [2016/06/17 11:16:34 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll [2016/06/17 11:16:34 | 000,693,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll [2016/06/17 11:16:34 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll [2016/06/17 11:16:34 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll [2016/06/17 11:16:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll [2016/06/17 11:16:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll [2016/06/17 11:16:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll [2016/06/17 11:16:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll [2016/06/17 11:16:33 | 007,200,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll [2016/06/17 11:16:33 | 002,582,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2016/06/17 11:16:33 | 001,996,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll [2016/06/17 11:16:33 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll [2016/06/17 11:16:33 | 000,939,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll [2016/06/17 11:16:33 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll [2016/06/17 11:16:33 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll [2016/06/17 11:16:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll [2016/06/17 11:16:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll [2016/06/17 11:16:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll [2016/06/17 11:16:32 | 000,730,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll [2016/06/17 11:16:32 | 000,577,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys [2016/06/17 11:16:32 | 000,303,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe [2016/06/17 11:16:32 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll [2016/06/17 11:16:31 | 022,379,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2016/06/17 11:16:31 | 000,784,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2016/06/17 11:16:28 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll [2016/06/17 11:16:28 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll [2016/06/17 11:16:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll [2016/06/17 11:16:27 | 001,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll [2016/06/17 11:16:27 | 000,428,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll [2016/06/17 11:16:27 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GnssAdapter.dll [2016/06/17 11:16:27 | 000,131,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll [2016/06/17 11:16:26 | 001,594,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2016/06/17 11:16:26 | 000,636,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe [2016/06/17 11:16:26 | 000,379,232 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2016/06/17 11:16:26 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll [2016/06/17 11:16:26 | 000,045,568 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2016/06/17 11:16:25 | 004,515,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2016/06/17 11:16:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll [2016/06/17 11:16:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll [2016/06/17 11:16:25 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll [2016/06/17 11:16:24 | 002,548,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll [2016/06/17 11:16:24 | 000,649,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2016/06/17 11:16:24 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll [2016/06/17 11:16:24 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2016/06/17 11:16:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2016/06/17 11:16:24 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsdport.sys [2016/06/17 11:16:23 | 006,973,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll [2016/06/17 11:16:23 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll [2016/06/17 11:16:23 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe [2016/06/17 11:16:22 | 001,401,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2016/06/17 11:16:22 | 001,322,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2016/06/17 11:16:22 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe [2016/06/17 11:16:22 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe [2016/06/17 11:16:22 | 000,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2016/06/17 11:16:22 | 000,046,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [2016/06/17 11:16:19 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll [2016/06/17 11:16:17 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll [2016/06/17 11:16:17 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll [2016/06/17 11:16:16 | 000,431,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll [2016/06/17 11:16:16 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrokerLib.dll [2016/06/17 11:16:12 | 002,168,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2016/06/17 11:16:12 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll [2016/06/17 11:16:12 | 001,184,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll [2016/06/17 11:16:12 | 000,514,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll [2016/06/17 11:16:12 | 000,290,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll [2016/06/17 11:16:11 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll [2016/06/17 11:16:11 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe [2016/06/17 11:16:11 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll [2016/06/17 11:16:11 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys [2016/06/17 11:16:11 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll [1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2016/07/01 18:50:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2016/07/01 18:18:10 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys [2016/07/01 18:11:26 | 000,002,409 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk [2016/07/01 18:10:58 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2016/07/01 18:09:57 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2016/07/01 18:08:56 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2016/07/01 17:52:57 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2016/06/17 19:51:31 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/06/17 18:58:58 | 000,240,560 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2016/06/17 08:49:15 | 000,000,240 | ---- | M] () -- C:\Users\Becky\AppData\Roaming\WB.CFG [2016/06/14 12:33:01 | 000,828,408 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2016/06/14 12:33:01 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2016/06/07 08:08:49 | 000,002,124 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk [2016/06/02 14:51:13 | 000,001,296 | ---- | M] () -- C:\Users\Becky\Desktop\Amazon Music.lnk [1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2016/07/01 17:52:57 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2016/06/21 21:13:52 | 000,156,936 | ---- | C] () -- C:\WINDOWS\SysNative\bdfwcore.dll [2016/06/07 08:08:49 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [2016/06/07 08:08:49 | 000,002,124 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk [2016/05/02 16:40:24 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2016/04/12 17:58:42 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016/04/12 17:57:05 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll [2016/02/14 11:19:12 | 000,000,240 | ---- | C] () -- C:\Users\Becky\AppData\Roaming\WB.CFG [2016/01/08 18:18:12 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2015/10/30 01:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2015/10/30 01:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2015/10/30 01:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll [2015/10/30 01:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2015/10/30 01:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2015/10/30 01:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2015/10/30 01:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2015/10/30 01:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe [2015/10/30 01:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2015/10/30 01:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2015/10/30 01:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll [2015/10/30 01:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2015/10/30 01:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2015/10/30 01:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2015/08/29 01:31:10 | 037,759,272 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll [2014/08/11 11:20:32 | 001,186,161 | ---- | C] () -- C:\WINDOWS\unins000.exe [2014/08/11 11:20:32 | 000,001,164 | ---- | C] () -- C:\WINDOWS\unins000.dat [2014/08/11 11:16:10 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe [2014/08/11 11:16:10 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2016/04/22 23:08:45 | 006,605,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2016/04/22 23:09:27 | 005,240,960 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 01:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 01:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 01:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 220 bytes -> C:\Users\Becky\OneDrive:ms-properties < End of report >
  8. 4 Internet Explorer: 11.0.10586.420 BrowserJavaVersion: 11.45.2 Run by Becky at 19:06:09 on 2016-07-01 Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.8174.5214 [GMT -6:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Ad-Aware Antivirus *Disabled/Outdated* {B0CC18C6-E527-6EE6-874C-9D19920E5619} SP: Ad-Aware Antivirus *Disabled/Outdated* {0BADF922-C31D-6168-BDFC-A66BE9891CA4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Ad-Aware Firewall *Disabled* {88F799E3-AF48-6FBE-AC13-342C6CDD1162} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe C:\WINDOWS\System32\svchost.exe -k utcsvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareService.exe C:\WINDOWS\system32\viakaraokesrv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\WINDOWS\system32\svchost.exe -k appmodel C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe C:\WINDOWS\system32\sihost.exe C:\WINDOWS\system32\taskhostw.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\Explorer.EXE C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\SettingSyncHost.exe C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTray.exe C:\Users\Becky\AppData\Local\Amazon Music\Amazon Music Helper.exe C:\Users\Becky\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\WINDOWS\system32\fontdrvhost.exe C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\WINDOWS\system32\ApplicationFrameHost.exe C:\Program Files\WindowsApps\Facebook.Facebook_58.501.54211.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe C:\Program Files\WindowsApps\Facebook.317180B0BB486_75.494.64789.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Defender\MpCmdRun.exe svchost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com mStart Page = about:blank BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll uRun: [Amazon Music] "C:\Users\Becky\AppData\Local\Amazon Music\Amazon Music Helper.exe" uRun: [OneDrive] "C:\Users\Becky\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [Lerulehamo] C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Becky\AppData\Local\696BC8~1\Dugatec.dat" StartupFolder: C:\Users\Becky\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE mPolicies-System: DSCAutomationHostEnabled = dword:2 IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll Trusted Zone: localhost TCP: NameServer = 8.8.8.8,8.8.8.4 TCP: NameServer = 67.215.21.202 72.21.70.3 TCP: Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc} : NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc} : DHCPNameServer = 67.215.21.202 72.21.70.3 Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll SSODL: WebCheck - <orphaned> LSA: Security Packages = "" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll x64-mStart Page = about:blank x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareTray.exe" x64-mPolicies-System: DSCAutomationHostEnabled = dword:2 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-SSODL: WebCheck - <orphaned> x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\9lzft3vo.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo® FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2014-8-11 79528] R0 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2014-8-11 26280] R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520] R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944] R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008] R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\WINDOWS\System32\drivers\bdfndisf6.sys [2016-2-16 107496] R1 bdfwfpf;bdfwfpf;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [2016-2-16 115800] R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-11 87552] R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984] R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-5-20 3009776] R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944] R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944] R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1152144] R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.11.898.9090\AdAwareService.exe [2016-6-10 730496] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-7-1 1514464] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-7-1 1136608] R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-11 1878672] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-8-11 22995600] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-4-11 410768] R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848] R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944] R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\WINDOWS\System32\ViakaraokeSrv.exe [2015-6-22 36504] R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944] R3 avc3;avc3;C:\WINDOWS\System32\drivers\avc3.sys [2016-1-5 1600512] R3 avchv;avchv Function Driver;C:\WINDOWS\System32\drivers\avchv.sys [2015-7-29 282000] R3 avckf;avckf;C:\WINDOWS\System32\drivers\avckf.sys [2016-1-5 775424] R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944] R3 gzflt;gzflt;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [2016-4-28 161592] R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-7-1 27008] R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-7-1 192216] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-7-1 65408] R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480] R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-11 19600] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-1-13 38032] R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824] R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944] R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2014-8-11 57000] R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\WINDOWS\System32\drivers\viahduaa.sys [2015-6-22 701136] R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112] R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464] S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944] S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456] S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944] S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728] S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728] S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944] S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376] S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-1-8 117248] S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800] S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744] S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944] S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992] S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016] S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408] S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888] S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128] S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152] S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120] S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800] S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760] S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432] S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624] S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800] S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168] S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376] S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128] S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944] S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 NVVADARM;NVIDIA Miracast Audio;C:\WINDOWS\System32\drivers\nvvadarm.sys [2014-12-5 39056] S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208] S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720] S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656] S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408] S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488] S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944] S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080] S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200] S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144] S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304] S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-11 63488] S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592] S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056] S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512] S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-6-17 258912] S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048] S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-11 131424] S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512] S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696] S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488] S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744] S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944] S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944] S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-12 694784] S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944] S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976] S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232] S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944] S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064] S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-9 238592] S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944] S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-12 26112] S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944] . =============== File Associations =============== . FileExt: .txt: txtfile="C:\WINDOWS\System32\NOTEPAD.EXE" %1 FileExt: .ini: inifile="C:\WINDOWS\System32\NOTEPAD.EXE" %1 FileExt: .inf: inffile="C:\WINDOWS\System32\NOTEPAD.EXE" %1 . =============== Created Last 30 ================ . 2016-07-02 00:21:23 12007136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12FE0C22-23E3-49E0-9B7F-41B201EB4B63}\mpengine.dll 2016-07-01 23:53:24 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 2016-07-01 23:52:51 65408 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys 2016-07-01 23:52:51 27008 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2016-07-01 23:52:51 140672 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys 2016-07-01 23:52:51 -------- d-----w- C:\ProgramData\Malwarebytes 2016-07-01 23:52:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-01 23:44:26 12007136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2016-07-01 23:20:57 -------- d-----w- C:\AdwCleaner 2016-07-01 21:41:42 -------- d--h--w- C:\OneDriveTemp 2016-06-24 12:52:59 -------- d-----w- C:\Users\Becky\AppData\Local\Programs 2016-06-22 03:13:52 96160 ----a-w- C:\WINDOWS\System32\bdpredir.dll 2016-06-22 03:13:52 209984 ----a-w- C:\WINDOWS\System32\BdFirewallSDK.dll 2016-06-22 03:13:52 195016 ----a-w- C:\WINDOWS\System32\httproxy.dll 2016-06-22 03:13:52 156936 ----a-w- C:\WINDOWS\System32\bdfwcore.dll 2016-06-22 03:13:52 155912 ----a-w- C:\WINDOWS\System32\bdpop3p.dll 2016-06-22 03:13:52 122928 ----a-w- C:\WINDOWS\System32\OEMbdpredir.dll 2016-06-22 03:13:52 1061776 ----a-w- C:\WINDOWS\System32\bdsmtpp.dll 2016-06-21 20:49:07 -------- d-----w- C:\Program Files\Common Files\Lavasoft 2016-06-17 17:16:54 684544 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll 2016-06-17 14:46:37 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0155F0C0-F9B1-46C7-ADD1-260D6E2B409D}\gapaengine.dll . ==================== Find3M ==================== . 2016-06-15 20:40:57 484008 ------w- C:\WINDOWS\System32\MpSigStub.exe 2016-06-14 18:33:01 828408 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2016-06-14 18:33:01 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2016-05-28 06:13:27 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe 2016-05-28 06:13:24 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll 2016-05-28 06:13:24 514752 ----a-w- C:\WINDOWS\System32\devinv.dll 2016-05-28 06:13:24 290496 ----a-w- C:\WINDOWS\System32\invagent.dll 2016-05-28 06:13:24 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll 2016-05-28 06:13:24 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll 2016-05-28 05:55:39 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll 2016-05-28 05:25:42 4268880 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll 2016-05-28 05:23:29 388384 ----a-w- C:\WINDOWS\SysWow64\ws2_32.dll 2016-05-28 05:23:28 312160 ----a-w- C:\WINDOWS\SysWow64\mswsock.dll 2016-05-28 05:22:29 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2016-05-28 05:22:11 118624 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys 2016-05-28 05:22:08 211296 ----a-w- C:\WINDOWS\System32\drivers\tpm.sys 2016-05-28 05:22:02 4387680 ----a-w- C:\WINDOWS\System32\setupapi.dll 2016-05-28 05:20:21 430312 ----a-w- C:\WINDOWS\System32\ws2_32.dll 2016-05-28 05:18:49 357216 ----a-w- C:\WINDOWS\System32\mswsock.dll 2016-05-28 05:09:52 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll 2016-05-28 05:09:50 501600 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll 2016-05-28 05:09:27 170848 ----a-w- C:\WINDOWS\System32\NetworkUXBroker.exe 2016-05-28 05:08:59 693600 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll 2016-05-28 05:08:51 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll 2016-05-28 05:08:25 258912 ----a-w- C:\WINDOWS\System32\drivers\ufx01000.sys 2016-05-28 05:07:46 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll 2016-05-28 05:07:45 331616 ----a-w- C:\WINDOWS\System32\drivers\pci.sys 2016-05-28 05:07:40 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe 2016-05-28 05:07:19 1322248 ----a-w- C:\WINDOWS\System32\ole32.dll 2016-05-28 05:07:12 808288 ----a-w- C:\WINDOWS\System32\WWAHost.exe 2016-05-28 05:06:36 254656 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe 2016-05-28 05:06:09 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe 2016-05-28 05:06:05 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll 2016-05-28 05:06:05 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe 2016-05-28 05:05:38 4515264 ----a-w- C:\WINDOWS\explorer.exe 2016-05-28 05:04:44 161632 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys 2016-05-28 05:04:42 604928 ----a-w- C:\WINDOWS\System32\drivers\cng.sys 2016-05-28 05:04:41 111064 ----a-w- C:\WINDOWS\System32\ncryptsslp.dll 2016-05-28 05:04:37 97096 ----a-w- C:\WINDOWS\SysWow64\ncryptsslp.dll 2016-05-28 05:04:37 360480 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll 2016-05-28 05:04:34 431296 ----a-w- C:\WINDOWS\System32\bcryptprimitives.dll 2016-05-28 05:03:58 131248 ----a-w- C:\WINDOWS\System32\gpapi.dll 2016-05-28 04:58:04 379232 ----a-w- C:\WINDOWS\System32\atmfd.dll 2016-05-28 04:58:02 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2016-05-28 04:57:58 649792 ----a-w- C:\WINDOWS\System32\dxgi.dll 2016-05-28 04:57:58 2548944 ----a-w- C:\WINDOWS\System32\d3d10warp.dll 2016-05-28 04:57:56 316256 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll 2016-05-28 04:57:55 636304 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe 2016-05-28 04:57:53 577376 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys 2016-05-28 04:57:42 2195632 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll 2016-05-28 04:57:41 521664 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll 2016-05-28 04:57:40 546456 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe 2016-05-28 04:57:30 1594416 ----a-w- C:\WINDOWS\System32\gdi32.dll 2016-05-28 04:57:05 1372312 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll 2016-05-28 04:35:16 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll 2016-05-28 04:35:13 123392 ----a-w- C:\WINDOWS\System32\tdlrecover.exe 2016-05-28 04:35:09 31744 ----a-w- C:\WINDOWS\System32\drivers\dumpsdport.sys 2016-05-28 04:31:21 91648 ----a-w- C:\WINDOWS\SysWow64\tdlrecover.exe 2016-05-28 04:31:15 88576 ----a-w- C:\WINDOWS\SysWow64\olepro32.dll 2016-05-28 04:31:14 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll 2016-05-28 04:29:59 79360 ----a-w- C:\WINDOWS\System32\adhsvc.dll 2016-05-28 04:29:39 19456 ----a-w- C:\WINDOWS\System32\httpprxp.dll 2016-05-28 04:29:23 45568 ----a-w- C:\WINDOWS\System32\atmlib.dll 2016-05-28 04:29:04 22379008 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2016-05-28 04:28:22 90112 ----a-w- C:\WINDOWS\System32\FwRemoteSvr.dll 2016-05-28 04:28:19 118272 ----a-w- C:\WINDOWS\System32\fontsub.dll 2016-05-28 04:28:11 166400 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2016-05-28 04:27:48 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll 2016-05-28 04:27:06 50176 ----a-w- C:\WINDOWS\SysWow64\MosHostClient.dll 2016-05-28 04:26:55 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe 2016-05-28 04:26:52 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll 2016-05-28 04:26:45 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll 2016-05-28 04:26:16 157184 ----a-w- C:\WINDOWS\System32\dmcertinst.exe 2016-05-28 04:26:12 145920 ----a-w- C:\WINDOWS\System32\omadmclient.exe 2016-05-28 04:26:11 120320 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll 2016-05-28 04:25:22 37376 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll 2016-05-28 04:24:38 72704 ----a-w- C:\WINDOWS\System32\moshost.dll 2016-05-28 04:24:38 124928 ----a-w- C:\WINDOWS\System32\drivers\Ndu.sys 2016-05-28 04:24:35 91136 ----a-w- C:\WINDOWS\System32\browserbroker.dll 2016-05-28 04:24:20 67072 ----a-w- C:\WINDOWS\System32\dhcpcsvc6.dll 2016-05-28 04:24:20 53760 ----a-w- C:\WINDOWS\SysWow64\FwRemoteSvr.dll 2016-05-28 04:24:17 93696 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll 2016-05-28 04:24:13 218624 ----a-w- C:\WINDOWS\System32\cdd.dll 2016-05-28 04:24:01 86528 ----a-w- C:\WINDOWS\System32\AppCapture.dll 2016-05-28 04:23:26 155136 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys 2016-05-28 04:22:59 464896 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll 2016-05-28 04:22:55 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe 2016-05-28 04:22:46 368640 ----a-w- C:\WINDOWS\System32\usocore.dll 2016-05-28 04:22:45 59904 ----a-w- C:\WINDOWS\SysWow64\MosStorage.dll 2016-05-28 04:22:43 79872 ----a-w- C:\WINDOWS\System32\cryptsvc.dll 2016-05-28 04:22:39 406528 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2016-05-28 04:22:37 278528 ----a-w- C:\WINDOWS\System32\drivers\netbt.sys 2016-05-28 04:22:17 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll 2016-05-28 04:22:11 87040 ----a-w- C:\WINDOWS\SysWow64\MapsBtSvc.dll 2016-05-28 04:22:06 163328 ----a-w- C:\WINDOWS\System32\tetheringservice.dll 2016-05-28 04:21:48 239104 ----a-w- C:\WINDOWS\System32\BrokerLib.dll 2016-05-28 04:21:29 550912 ----a-w- C:\WINDOWS\System32\StoreAgent.dll 2016-05-28 04:21:27 190464 ----a-w- C:\WINDOWS\System32\wscsvc.dll 2016-05-28 04:21:09 207360 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll 2016-05-28 04:20:54 199168 ----a-w- C:\WINDOWS\System32\GnssAdapter.dll . ============= FINISH: 19:07:28.01 ===============
  9. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 10 Home Boot Device: \Device\HarddiskVolume1 Install Date: 1/8/2016 6:08:19 PM System Uptime: 7/1/2016 6:08:46 PM (1 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | GA-78LMT-USB3 Processor: AMD FX(tm)-6300 Six-Core Processor | Socket M2 | 3500/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 887.551 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: MX300 series Device ID: USB\VID_04A9&PID_1727&MI_00\8&18DA6F33&0&0000 Manufacturer: Name: MX300 series PNP Device ID: USB\VID_04A9&PID_1727&MI_00\8&18DA6F33&0&0000 Service: . ==== System Restore Points =================== . RP23: 6/8/2016 9:50:24 AM - Scheduled Checkpoint RP24: 6/17/2016 10:44:57 AM - Scheduled Checkpoint RP25: 6/21/2016 2:45:58 PM - AA11 RP26: 6/29/2016 11:31:54 AM - Scheduled Checkpoint RP27: 7/1/2016 5:39:36 PM - JRT Pre-Junkware Removal . ==== Installed Programs ====================== . Ad-Aware Antivirus Ad-Aware Web Companion AdAwareInstaller AdAwareUpdater Adobe Acrobat Reader DC Adobe AIR Adobe Refresh Manager Amazon Music AMD APP SDK Runtime AMD Catalyst Install Manager AMD Fuel AntimalwareEngine AntispamEngine Apple Application Support Apple Software Update AvcEngine Catalyst Control Center Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chromium Cybertron Support FirewallEngine Google Chrome Google Update Helper Java 8 Update 45 Java 8 Update 45 (64-bit) Java Auto Updater LavasoftTcpService Malwarebytes Anti-Malware version 2.2.1.1043 Microsoft ASP.NET MVC 4 Runtime Microsoft Office Home and Student 2013 - en-us Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) ModifyRegistry version 0.1 Mozilla Firefox 37.0.1 (x86 en-US) Mozilla Maintenance Service NVIDIA 3D Vision Controller Driver 347.09 NVIDIA 3D Vision Driver 347.88 NVIDIA Control Panel 353.82 NVIDIA GeForce Experience 2.4.1.21 NVIDIA GeForce Experience Service NVIDIA Graphics Driver 347.88 NVIDIA HD Audio Driver 1.3.33.0 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Miracast Virtual Audio 347.88 NVIDIA Network Service NVIDIA PhysX NVIDIA PhysX System Software 9.14.0702 NVIDIA ShadowPlay 2.4.1.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.4.1.21 NVIDIA Update Core NVIDIA Virtual Audio 1.2.27 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component OnlineThreatsEngine Platform QuickTime 7 Realtek Ethernet Controller Driver SHIELD Streaming SHIELD Wireless Controller Driver VIA Platform Device Manager VLC media player Web Companion . ==== Event Viewer Messages From Past Week ======== . 7/1/2016 6:15:53 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user BeckyPC\Becky SID (S-1-5-21-985922411-3085202454-4168001255-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. 7/1/2016 6:07:59 PM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 6:07:50 PM, Error: Service Control Manager [7031] - The User Data Storage_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 6:07:50 PM, Error: Service Control Manager [7031] - The User Data Access_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 6:07:50 PM, Error: Service Control Manager [7031] - The Sync Host_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 6:07:50 PM, Error: Service Control Manager [7031] - The Contact Data_4cd31 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 6:07:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. 7/1/2016 5:45:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_4cd31 service to connect. 7/1/2016 5:45:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_4cd31 service to connect. 7/1/2016 5:45:42 PM, Error: Service Control Manager [7031] - The User Data Storage_4cd31 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:45:42 PM, Error: Service Control Manager [7031] - The User Data Access_4cd31 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:45:42 PM, Error: Service Control Manager [7031] - The Sync Host_4cd31 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:45:42 PM, Error: Service Control Manager [7031] - The Contact Data_4cd31 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:40:07 PM, Error: Service Control Manager [7034] - The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:40:07 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:25:06 PM, Error: Service Control Manager [7031] - The User Data Storage_283fc1e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:25:06 PM, Error: Service Control Manager [7031] - The User Data Access_283fc1e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:25:06 PM, Error: Service Control Manager [7031] - The Sync Host_283fc1e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:25:06 PM, Error: Service Control Manager [7031] - The Contact Data_283fc1e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 5:24:50 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 7/1/2016 5:24:25 PM, Error: Service Control Manager [7023] - The Print Spooler service terminated with the following error: Not enough resources are available to complete this operation. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The VIA Karaoke digital mixer Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The NVIDIA GeForce Experience Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7034] - The Ad-Aware Service 11 service terminated unexpectedly. It has done this 1 time(s). 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The WC Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 7/1/2016 5:24:20 PM, Error: Service Control Manager [7031] - The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/1/2016 3:41:13 PM, Error: Service Control Manager [7031] - The User Data Storage_1c753be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 3:41:13 PM, Error: Service Control Manager [7031] - The User Data Access_1c753be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 3:41:13 PM, Error: Service Control Manager [7031] - The Sync Host_1c753be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 3:41:13 PM, Error: Service Control Manager [7031] - The Contact Data_1c753be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 12:57:12 PM, Error: Service Control Manager [7031] - The User Data Storage_f4a8d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 12:57:12 PM, Error: Service Control Manager [7031] - The User Data Access_f4a8d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 12:57:12 PM, Error: Service Control Manager [7031] - The Sync Host_f4a8d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/1/2016 12:57:12 PM, Error: Service Control Manager [7031] - The Contact Data_f4a8d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 8:25:28 PM, Error: Service Control Manager [7031] - The User Data Storage_445b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 8:25:28 PM, Error: Service Control Manager [7031] - The User Data Access_445b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 8:25:28 PM, Error: Service Control Manager [7031] - The Sync Host_445b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 8:25:28 PM, Error: Service Control Manager [7031] - The Contact Data_445b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 7:45:17 AM, Error: Service Control Manager [7031] - The User Data Storage_458dd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 7:45:17 AM, Error: Service Control Manager [7031] - The User Data Access_458dd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 7:45:17 AM, Error: Service Control Manager [7031] - The Sync Host_458dd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 7:45:17 AM, Error: Service Control Manager [7031] - The Contact Data_458dd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 2:29:02 PM, Error: Service Control Manager [7031] - The User Data Storage_11e9574 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 2:29:02 PM, Error: Service Control Manager [7031] - The User Data Access_11e9574 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 2:29:02 PM, Error: Service Control Manager [7031] - The Sync Host_11e9574 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 2:29:02 PM, Error: Service Control Manager [7031] - The Contact Data_11e9574 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 11:21:37 AM, Error: Service Control Manager [7031] - The User Data Storage_41e60 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 11:21:37 AM, Error: Service Control Manager [7031] - The User Data Access_41e60 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 11:21:37 AM, Error: Service Control Manager [7031] - The Sync Host_41e60 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/30/2016 11:21:37 AM, Error: Service Control Manager [7031] - The Contact Data_41e60 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/29/2016 8:46:24 PM, Error: Service Control Manager [7031] - The User Data Storage_82549 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/29/2016 8:46:24 PM, Error: Service Control Manager [7031] - The User Data Access_82549 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/29/2016 8:46:24 PM, Error: Service Control Manager [7031] - The Sync Host_82549 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/29/2016 8:46:24 PM, Error: Service Control Manager [7031] - The Contact Data_82549 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 9:05:44 PM, Error: Service Control Manager [7031] - The User Data Storage_40237 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 9:05:44 PM, Error: Service Control Manager [7031] - The User Data Access_40237 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 9:05:44 PM, Error: Service Control Manager [7031] - The Sync Host_40237 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 9:05:44 PM, Error: Service Control Manager [7031] - The Contact Data_40237 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 4:23:52 PM, Error: Service Control Manager [7031] - The User Data Storage_4b385 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 4:23:52 PM, Error: Service Control Manager [7031] - The User Data Access_4b385 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 4:23:52 PM, Error: Service Control Manager [7031] - The Sync Host_4b385 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/28/2016 4:23:52 PM, Error: Service Control Manager [7031] - The Contact Data_4b385 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/27/2016 9:23:58 PM, Error: Service Control Manager [7031] - The User Data Storage_129e41 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/27/2016 9:23:58 PM, Error: Service Control Manager [7031] - The User Data Access_129e41 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/27/2016 9:23:58 PM, Error: Service Control Manager [7031] - The Sync Host_129e41 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/27/2016 9:23:58 PM, Error: Service Control Manager [7031] - The Contact Data_129e41 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 9:39:15 PM, Error: Service Control Manager [7031] - The User Data Storage_31f24bd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 9:39:15 PM, Error: Service Control Manager [7031] - The User Data Access_31f24bd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 9:39:15 PM, Error: Service Control Manager [7031] - The Sync Host_31f24bd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 9:39:15 PM, Error: Service Control Manager [7031] - The Contact Data_31f24bd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 4:39:01 PM, Error: Service Control Manager [7031] - The User Data Storage_7ec65 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 4:39:01 PM, Error: Service Control Manager [7031] - The User Data Access_7ec65 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 4:39:01 PM, Error: Service Control Manager [7031] - The Sync Host_7ec65 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/26/2016 4:39:01 PM, Error: Service Control Manager [7031] - The Contact Data_7ec65 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:55:04 PM, Error: Service Control Manager [7031] - The User Data Storage_19cfa9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:55:04 PM, Error: Service Control Manager [7031] - The User Data Access_19cfa9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:55:04 PM, Error: Service Control Manager [7031] - The Sync Host_19cfa9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:55:04 PM, Error: Service Control Manager [7031] - The Contact Data_19cfa9b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:38:54 PM, Error: Service Control Manager [7031] - The User Data Storage_fc4dcf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:38:54 PM, Error: Service Control Manager [7031] - The User Data Access_fc4dcf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:38:54 PM, Error: Service Control Manager [7031] - The Sync Host_fc4dcf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 9:38:54 PM, Error: Service Control Manager [7031] - The Contact Data_fc4dcf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 7:37:48 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca 6/25/2016 4:50:57 PM, Error: Service Control Manager [7031] - The User Data Storage_eb37e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 4:50:57 PM, Error: Service Control Manager [7031] - The User Data Access_eb37e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 4:50:57 PM, Error: Service Control Manager [7031] - The Sync Host_eb37e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/25/2016 4:50:57 PM, Error: Service Control Manager [7031] - The Contact Data_eb37e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 7:48:13 PM, Error: Service Control Manager [7031] - The User Data Storage_1d008b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 7:48:13 PM, Error: Service Control Manager [7031] - The User Data Access_1d008b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 7:48:13 PM, Error: Service Control Manager [7031] - The Sync Host_1d008b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 7:48:13 PM, Error: Service Control Manager [7031] - The Contact Data_1d008b0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 11:31:15 AM, Error: Service Control Manager [7031] - The User Data Storage_13725d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 11:31:15 AM, Error: Service Control Manager [7031] - The User Data Access_13725d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 11:31:15 AM, Error: Service Control Manager [7031] - The Sync Host_13725d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 6/24/2016 11:31:15 AM, Error: Service Control Manager [7031] - The Contact Data_13725d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. . ==== End Of File ===========================
  10. Ran the Malware but could not copy and paste. It quarantined around 38 objects and deleted.
  11. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.6 (04.25.2016) Operating System: Windows 10 Home x64 Ran by Becky (Administrator) on Fri 07/01/2016 at 17:39:32.69 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\WINDOWS\SysWOW64\RENFABE.tmp (File) Registry: 1 Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_6AE0261EF2DEB2F6E63F6491F595ACD6 (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 07/01/2016 at 17:41:43.79 End of JRT log
  12. # AdwCleaner v5.201 - Logfile created 01/07/2016 at 17:24:22 # Updated 30/06/2016 by ToolsLib # Database : 2016-07-01.1 [Server] # Operating system : Windows 10 Home (X64) # Username : Becky - BECKYPC # Running from : C:\Users\Becky\AppData\Local\Microsoft\Windows\INetCache\IE\ND32V217\adwcleaner_5.201.exe # Option : Clean # Support : https://toolslib.net/forum ***** [ Services ] ***** [-] Service Deleted : LavasoftTcpService [-] Service Deleted : WCAssistantService ***** [ Folders ] ***** [-] Folder Deleted : C:\ProgramData\lavasoft\web companion [-] Folder Deleted : C:\ProgramData\0cc7bfab-0323-0 [-] Folder Deleted : C:\ProgramData\0cc7bfab-7873-1 [-] Folder Deleted : C:\ProgramData\8b1ac7b3 [-] Folder Deleted : C:\ProgramData\{17349571-412c-0} [-] Folder Deleted : C:\ProgramData\{1c4b8341-412c-1} [#] Folder Deleted : C:\ProgramData\Application Data\lavasoft\web companion [#] Folder Deleted : C:\ProgramData\Application Data\0cc7bfab-0323-0 [#] Folder Deleted : C:\ProgramData\Application Data\0cc7bfab-7873-1 [#] Folder Deleted : C:\ProgramData\Application Data\8b1ac7b3 [#] Folder Deleted : C:\ProgramData\Application Data\{17349571-412c-0} [#] Folder Deleted : C:\ProgramData\Application Data\{1c4b8341-412c-1} [-] Folder Deleted : C:\Program Files (x86)\lavasoft\web companion [-] Folder Deleted : C:\Program Files (x86)\NowUSeeItPlayer [-] Folder Deleted : C:\Users\Becky\AppData\Roaming\lavasoft\web companion ***** [ Files ] ***** [-] File Deleted : C:\searchplugins\yahoo-lavasoft.xml [-] File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk [-] File Deleted : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll [-] File Deleted : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini [-] File Deleted : C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk [-] File Deleted : C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\9lzft3vo.default\searchplugins\yahoo-lavasoft.xml [-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpService64.dll [-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\s [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8b1ac7b3} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} [-] Key Deleted : HKCU\Software\PRODUCTSETUP [-] Key Deleted : HKCU\Software\System Healer [-] Key Deleted : HKCU\Software\yahooprovidedsearch [-] Key Deleted : HKCU\Software\NowUSeeItPlayer [-] Key Deleted : HKCU\Software\csastats [-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp [-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 [-] Key Deleted : [x64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKU\S-1-5-21-985922411-3085202454-4168001255-1002\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Data Restored : HKU\S-1-5-21-985922411-3085202454-4168001255-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc} [NameServer] [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\eshopcomp.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.eshopcomp.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\eshopcomp.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.eshopcomp.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it [-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion] [#] Value Deleted : HKU\S-1-5-21-985922411-3085202454-4168001255-1002\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion] [-] Value Deleted : HKU\S-1-5-21-985922411-3085202454-4168001255-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion] [-] Value Deleted : HKU\S-1-5-21-985922411-3085202454-4168001255-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NowUSeeIt Player] ***** [ Web browsers ] ***** [-] [C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\9lzft3vo.default\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10140_cnet_150520__yaff"); [-] [C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\9lzft3vo.default\prefs.js] Deleted : user_pref("browser.newtab.url", "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10140_cnet_150520__yaff"); [-] [C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\9lzft3vo.default\prefs.js] Deleted : user_pref("browser.newtabpage.url", "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10140_cnet_150520__yaff"); [-] [C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com [-] [C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com [-] [C:\Users\Becky\AppData\Local\Chromium\User Data\Default\Web Data] [Search Provider] Deleted : search provided by yahoo [-] [C:\Users\Becky\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_10_orgnl&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dus%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzztA0A0EtDtA0AtCtAyDtN0D0Tzu0StCyDtBzztN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyEyDtDyDyBtAyEyBtGyEzztAzytG0E0Fzy0FtGyByD0E0CtG0C0A0F0CtByCtAtByC0A0FtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0Czyzz0FyD0D0DtGyBzyyDtAtGyEyB0CyDtGzzyE0D0AtGyEtA0EyDzztCtBzytByDyByB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D1613870629%26a%3Dhdr_s_16_10_orgnl%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm [-] [C:\Users\Becky\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_10_orgnl&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dus%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzztA0A0EtDtA0AtCtAyDtN0D0Tzu0StCyDtBzztN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyEyDtDyDyBtAyEyBtGyEzztAzytG0E0Fzy0FtGyByD0E0CtG0C0A0F0CtByCtAtByC0A0FtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0Czyzz0FyD0D0DtGyBzyyDtAtGyEyB0CyDtGzzyE0D0AtGyEtA0EyDzztCtBzytByDyByB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D1613870629%26a%3Dhdr_s_16_10_orgnl%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [11460 bytes] - [01/07/2016 17:24:22] C:\AdwCleaner\AdwCleaner[S1].txt - [12416 bytes] - [01/07/2016 17:22:28] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11608 bytes] ##########
  13. Having problems with "your computer is infected-call this number!" also "hello new user." I would like it gone, please.