Sponsored By

Barba

Members
  • Content Count

    16
  • Joined

  • Last visited

About Barba

  • Rank
    Member
  1. Barba

    Ready to clean

    Thank you, flashh4, I will message you if I have any problems and I will also come back in next week and make a contribution. I saw all the crap we deleted from here and it should run a lot better for me now. I hope you can kick that cold soon, and I will provide you with good comments and feed back. Barba
  2. Barba

    Ready to clean

    # DelFix v1.013 - Logfile created 13/03/2018 at 21:46:56 # Updated 17/04/2016 by Xplode # Username : Owner - OWNER-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\AdwCleaner Deleted : C:\Users\Owner\Downloads\adwcleaner_7.0.8.0.exe Deleted : C:\Users\Owner\Downloads\Extras.Txt Deleted : C:\Users\Owner\Downloads\OTL.Txt Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #618 [Windows Update | 02/12/2018 04:30:37] Deleted : RP #619 [Windows Update | 02/12/2018 04:34:20] Deleted : RP #620 [Windows Update | 02/19/2018 04:52:07] Deleted : RP #621 [Windows Update | 02/23/2018 03:43:05] Deleted : RP #622 [Installed Kaltura CaptureSpace Desktop Recorder | 03/03/2018 05:06:20] Deleted : RP #623 [Windows Update | 03/05/2018 05:35:27] Deleted : RP #624 [OTL Restore Point - 3/13/2018 9:18:30 PM | 03/14/2018 03:18:35] New restore point created ! ########## - EOF - ##########
  3. Barba

    Ready to clean

    All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3F11430D-8047-4AFE-BF1B-FFDA8D860E6D}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3F11430D-8047-4AFE-BF1B-FFDA8D860E6D}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E714BD68-86C7-4FB4-A747-C7B61E962FC4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E714BD68-86C7-4FB4-A747-C7B61E962FC4}\ not found. HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ not found. Registry key HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. C:\Users\Owner\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\SystemExtensionsDev folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected] folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected] folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data folder moved successfully. Folder C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected]\ not found. Folder C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected]\ not found. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\zh_CN folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\pt_PT folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\it folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\es folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\en_US folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales\de folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\_locales folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\web-ext-artifacts folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\Tour folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\SiteLaunchObserver folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\provisioning folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\preferences folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\notificationPopup folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\META-INF folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\IntroTutorial folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0\sharing folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0\secureNoteIcons folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0\extension folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0 folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\site folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\newlogo folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\logos\sn folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\logos folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\lib folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\iconset5 folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\iconset4 folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\iconset3 folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\iconset2 folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\SemiboldItalic folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\Semibold folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\Regular folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\LightItalic folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\Light folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\Italic folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\ExtraBoldItalic folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\ExtraBold folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\BoldItalic folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans\Bold folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts\opensans folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\fonts folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\1minsignup\services folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\1minsignup\models folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\1minsignup\ContentScripts folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\1minsignup\chrome folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\1minsignup folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} folder moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions folder moved successfully. Folder C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\ not found. Folder C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0\extension\ not found. C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\q3uh44w4.default-1495774073513-1504139498129\features\{a1f5e37f-04a4-46be-bb6e-0540d20ab7f2}\[email protected] moved successfully. C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\q3uh44w4.default-1495774073513-1504139498129\features\{f7b25f55-57e7-4950-8053-2ae32fd34cfe}\[email protected] moved successfully. C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\zh_CN folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\uk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ro folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\pt folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\pl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\nb folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\hu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\hr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\fi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\eu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\en_GB folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\da folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\cs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ca folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\lib\libs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\lib folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\js\libs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\css folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\vi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\uk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\tl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\th folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\sv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\sk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\ro folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\pt-pt folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\pt-br folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\pl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\nb folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\ms folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\id folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\hu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\hi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\fi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\es-es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\el folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\da folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales\cs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\remote\ext\v3\html folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\remote\ext\v3 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\remote\ext folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\remote folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local\ext\v3\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local\ext\v3\html folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local\ext\v3 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local\ext folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\local folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\img\disabled folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\img folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\html folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\src\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\src\icon folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\src\css folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\src folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\zh_CN folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\pt_BR folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\helper_scripts folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\content_scripts folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\browser_actions folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\background_scripts folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\zh_CN folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\pt_PT folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\en_US folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\Tour folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\SiteLaunchObserver folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\provisioning folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\preferences folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\notificationPopup folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\IntroTutorial folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\vault_4.0\sharing folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\vault_4.0\secureNoteIcons folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\vault_4.0\extension folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\vault_4.0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\site folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\newlogo folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\logos\sn folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\logos folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\lib folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\iconset5 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\iconset4 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\iconset3 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images\iconset2 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\SemiboldItalic folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\Semibold folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\Regular folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\LightItalic folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\Light folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\Italic folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\ExtraBoldItalic folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\ExtraBold folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\BoldItalic folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans\Bold folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts\opensans folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\fonts folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\1minsignup\services folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\1minsignup\models folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\1minsignup\ContentScripts folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\1minsignup\chrome folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\1minsignup folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\zh_CN folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\vi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\uk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\th folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\sv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\sr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\sl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\sk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\ro folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\pt_PT folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\pt_BR folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\pl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\nb folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\lv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\lt folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\id folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\hu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\hr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\hi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\fil folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\fi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\et folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\es_419 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\en_GB folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\el folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\da folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\cs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\ca folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales\bg folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\html folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\css folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0 folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_metadata folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\zh folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\vi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\uk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\tr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\th folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\te folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ta folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\sw folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\sv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\sr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\sl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\sk folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ru folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ro folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\pt folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\pl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\nl folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\nb folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ms folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\mr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ml folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\lv folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\lt folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ko folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\kn folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ja folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\iw folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\it folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\id folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\hu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\hr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\hi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\gu folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\fr folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\fil folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\fi folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\fa folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\et folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\es folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\el folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\de folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\da folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\cs folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ca folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\bn folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\bg folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\ar folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales\am folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\cloud_route_details folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\cast_setup folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0 folder moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ef64538-8b54-4573-b48f-4d34b0238ab2}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ef64538-8b54-4573-b48f-4d34b0238ab2}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\MRI_DISABLED\ deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba00b7b1-0351-477a-b948-23e3ee5a73d4} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba00b7b1-0351-477a-b948-23e3ee5a73d4}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully. File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot. C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully. C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cozi\ deleted successfully. File Protocol\Handler\cozi - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully. File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Guest ->Java cache emptied: 6758127 bytes User: Owner ->Java cache emptied: 312922 bytes User: Public Total Java Files Cleaned = 7.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 315184 bytes User: Default User ->Flash cache emptied: 0 bytes User: Guest ->Flash cache emptied: 9698 bytes User: Owner ->Flash cache emptied: 11134 bytes User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Guest ->Temp folder emptied: 33598354 bytes ->Temporary Internet Files folder emptied: 13770251 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 7910589 bytes ->Flash cache emptied: 0 bytes User: Owner ->Temp folder emptied: 107680790 bytes ->Temporary Internet Files folder emptied: 44561624 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 46443676 bytes ->Google Chrome cache emptied: 411105424 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 367291190 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84921 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes RecycleBin emptied: 1172173633 bytes Total Files Cleaned = 2,103.00 mb File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. Error: Unble to create default HOSTS file! Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 03132018_211456 Files\Folders moved on Reboot... File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found! C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully. File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  4. Barba

    Ready to clean

    Ok, I think I got it this time. Thank you so much for your help here. I have had a really tough winter, lost two family members, and this is just one more thing I can check off my list now. I work tomorrow until 6:00 pm but will log back in here when I get home to see if we can finish this up. Again I really do appreciate the help. Barb
  5. Barba

    Ready to clean

    ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-0ee16916 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{3F11430D-8047-4AFE-BF1B-FFDA8D860E6D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-0ee16916 IE - HKLM\..\SearchScopes,DefaultScope = {B1F051B2-6C59-42D0-9C3C-1B2DF9EC981B} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{E714BD68-86C7-4FB4-A747-C7B61E962FC4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/ IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6} IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-0ee16916&q={searchTerms} IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.cohort: "nov17-2" FF - prefs.js..browser.search.countryCode: "US" FF - prefs.js..browser.search.region: "US" FF - prefs.js..browser.search.widget.inNavBar: true FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter5\FirefoxAddOns\[email protected] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\WRData\PKG\FF_WEBEX [2018/02/26 22:47:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 58.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 58.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/04 23:31:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions [2018/01/16 21:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\SystemExtensionsDev [2017/10/17 22:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data [2017/10/17 22:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected] [2017/10/17 22:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\browser-extension-data\[email protected] [2018/02/26 22:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions [2018/02/26 22:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2018/02/26 22:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\q3uh44w4.default-1495774073513-1504139498129\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\images\vault_4.0\extension [2017/10/17 22:55:09 | 000,132,293 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\q3uh44w4.default-1495774073513-1504139498129\features\{a1f5e37f-04a4-46be-bb6e-0540d20ab7f2}\[email protected] [2017/08/30 18:40:50 | 000,329,275 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\q3uh44w4.default-1495774073513-1504139498129\features\{f7b25f55-57e7-4950-8053-2ae32fd34cfe}\[email protected] [2018/01/31 22:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions ========== Chrome ========== CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\3.0.81_0\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen\14.830.1502_0\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.6.0.13_0\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc\4.1.34_1\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\ CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\ O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot) O2:64bit: - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll (Webroot) O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (no name) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot) O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll (Webroot) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot) O3 - HKLM\..\Toolbar: (no name) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics) O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1381157483\ee\aolsoftware.exe (AOL Inc.) O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1597461494-781392241-1313931377-1000..\Run: [Google Update] C:\Users\Owner\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe (Google Inc.) O4 - HKU\S-1-5-21-1597461494-781392241-1313931377-1000..\Run: [Octoshape Streaming Services] C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) O4 - HKU\S-1-5-21-1597461494-781392241-1313931377-1000..\Run: [PCShowServer] C:\Users\Owner\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (Cisco) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O9:64bit: - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot) O9:64bit: - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot) O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot) O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D5A0D21-350C-42DA-B18A-C42E7C7318B1}: NameServer = 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B140487D-3D07-48A7-B15D-9F165829EBDE}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D66BA528-AA13-4635-A4E2-21D0ACEB7517}: DhcpNameServer = 192.168.42.129 O18:64bit: - Protocol\Handler\cozi - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\896\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 0 O33 - MountPoints2\{3ee30e66-4acf-11e3-ab31-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{3ee30e66-4acf-11e3-ab31-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant_installer.exe O33 - MountPoints2\{685917da-73a1-11e0-9f5d-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{685917da-73a1-11e0-9f5d-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\{a68150a2-3f46-11e3-865d-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{a68150a2-3f46-11e3-865d-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\{aee570b3-bcc8-11e3-9bd1-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{aee570b3-bcc8-11e3-9bd1-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\VerizonSWUpgradeAssistantLauncher.exe O33 - MountPoints2\{bd21952b-0615-11e1-9b1b-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{bd21952b-0615-11e1-9b1b-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\TL_Bootstrap.exe O33 - MountPoints2\{cc135128-e323-11e1-9f01-f04da259ac8d}\Shell - "" = AutoRun O33 - MountPoints2\{cc135128-e323-11e1-9f01-f04da259ac8d}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe O33 - MountPoints2\{ef51bbbf-12ad-11e3-b596-c0cb38b3f14c}\Shell - "" = AutoRun O33 - MountPoints2\{ef51bbbf-12ad-11e3-b596-c0cb38b3f14c}\Shell\AutoRun\command - "" = E:\TL_Bootstrap.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2018/03/12 20:34:16 | 000,045,960 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys [2018/03/12 20:10:38 | 000,109,800 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys [2018/03/12 20:10:38 | 000,092,280 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys [2018/03/12 20:10:33 | 000,193,248 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys [2018/03/12 20:10:21 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys [2018/03/12 20:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [2018/03/12 20:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2018/03/12 20:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes [2018/03/12 20:09:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Programs [2018/03/02 23:06:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Kaltura [2018/02/26 22:49:51 | 018,102,328 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe [2018/02/26 22:49:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\lptmp [2018/02/26 22:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Webroot [2018/02/26 22:47:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Webroot [2018/02/26 22:47:46 | 000,068,384 | ---- | C] (Webroot) -- C:\Windows\SysNative\drivers\wrUrlFlt.sys [2018/02/26 22:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere [2018/02/26 22:47:35 | 000,182,704 | ---- | C] (Webroot) -- C:\Windows\SysWow64\WRusr.dll [2018/02/26 22:47:35 | 000,144,256 | ---- | C] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys [2018/02/26 22:47:35 | 000,115,248 | ---- | C] (Webroot) -- C:\Windows\SysNative\WRusr.dll [2018/02/26 22:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot [2018/02/26 22:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData [2018/02/18 22:51:24 | 005,782,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2018/02/18 22:51:24 | 005,581,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2018/02/18 22:51:22 | 004,834,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsrchvw.exe [2018/02/18 22:51:22 | 004,014,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2018/02/18 22:51:22 | 001,665,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2018/02/18 22:51:21 | 003,959,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2018/02/18 22:51:20 | 001,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2018/02/18 22:51:20 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2018/02/18 22:51:20 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2018/02/18 22:51:20 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2018/02/18 22:51:19 | 003,405,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsrchvw.exe [2018/02/18 22:51:19 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll [2018/02/18 22:51:19 | 000,708,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2018/02/18 22:51:19 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2018/02/18 22:51:19 | 000,631,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2018/02/18 22:51:19 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2018/02/18 22:51:18 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2018/02/18 22:51:18 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2018/02/18 22:51:18 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2018/02/18 22:51:17 | 002,058,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2018/02/18 22:51:17 | 000,807,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2018/02/18 22:51:17 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe [2018/02/18 22:51:17 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2018/02/18 22:51:17 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll [2018/02/18 22:51:17 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll [2018/02/18 22:51:16 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2018/02/18 22:51:16 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2018/02/18 22:51:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2018/02/18 22:51:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2018/02/18 22:51:16 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2018/02/18 22:51:16 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll [2018/02/18 22:51:16 | 000,377,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2018/02/18 22:51:16 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2018/02/18 22:51:16 | 000,262,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll [2018/02/18 22:51:16 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2018/02/18 22:51:16 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2018/02/18 22:51:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2018/02/18 22:51:16 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe [2018/02/18 22:51:16 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll [2018/02/18 22:51:16 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2018/02/18 22:51:15 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2018/02/18 22:51:15 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll [2018/02/18 22:51:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2018/02/18 22:51:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll [2018/02/18 22:51:14 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2018/02/18 22:51:14 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2018/02/18 22:51:14 | 000,287,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2018/02/18 22:51:13 | 000,383,720 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2018/02/18 22:51:13 | 000,309,480 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2018/02/18 22:51:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2018/02/18 22:51:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2018/02/18 22:51:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2018/02/18 22:51:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2018/02/18 22:51:13 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2018/02/18 22:51:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2018/02/18 22:51:13 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2018/02/18 22:51:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll [2018/02/18 22:51:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll [2018/02/18 22:51:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2018/02/18 22:51:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll [2018/02/18 22:51:13 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys [2018/02/18 22:51:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2018/02/18 22:51:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2018/02/18 22:51:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe [2018/02/18 22:51:12 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2018/02/18 22:51:12 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2018/02/18 22:51:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2018/02/18 22:51:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2018/02/18 22:51:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2018/02/18 22:51:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe [2018/02/18 22:51:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2018/02/18 22:51:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe [2018/02/18 22:51:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2018/02/18 22:51:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2018/02/18 22:51:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2018/02/18 22:51:11 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2018/02/18 22:51:11 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2018/02/18 22:51:11 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2018/02/18 22:51:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll [2018/02/18 22:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2018/02/18 22:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2018/02/18 22:51:10 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2018/02/18 22:51:10 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2018/02/18 22:51:10 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2018/02/18 22:51:10 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2018/02/18 22:51:10 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2018/02/18 22:51:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2018/02/18 22:51:09 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2018/02/18 22:51:09 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2018/02/18 22:51:09 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2018/02/18 22:51:09 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2018/02/18 22:51:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2018/02/18 22:51:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2018/02/18 22:51:09 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2018/02/18 22:51:09 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2018/02/18 22:51:09 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2018/02/18 22:51:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2018/02/18 22:51:09 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2018/02/18 22:51:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2018/02/18 22:51:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2018/02/18 22:51:09 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2018/02/18 22:51:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2018/02/18 22:51:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2018/02/18 22:51:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2018/02/18 22:51:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2018/02/18 22:51:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2018/02/18 22:51:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2018/02/18 22:51:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2018/02/18 22:51:08 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2018/02/18 22:51:08 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2018/02/18 22:51:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2018/02/18 22:51:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2018/02/18 22:51:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2018/02/18 22:51:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2018/02/18 22:51:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2018/02/18 22:51:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2018/02/18 22:51:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2018/02/18 22:51:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2018/02/18 22:51:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2018/02/18 22:51:07 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2018/02/18 22:51:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2018/02/18 22:51:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2018/02/18 22:51:06 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2018/02/18 22:51:06 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2018/02/18 22:51:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll [2018/02/18 22:51:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll [2018/02/18 22:51:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2018/02/18 22:51:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2018/02/18 22:51:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2018/02/18 22:51:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2018/02/18 22:27:34 | 001,569,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll [2018/02/18 22:27:34 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2018/02/18 22:27:34 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2018/02/18 22:27:34 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll [2018/02/18 22:27:34 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll [2018/02/18 22:27:34 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll [2018/02/18 22:27:34 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll [2018/02/18 22:27:33 | 001,994,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe [2018/02/18 22:27:33 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll [2018/02/18 22:27:33 | 000,136,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe [3 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ] [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2018/03/12 21:19:04 | 000,000,534 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-1597461494-781392241-1313931377-1000.job [2018/03/12 20:46:01 | 000,000,630 | ---- | M] () -- C:\Windows\tasks\G2MUploadTask-S-1-5-21-1597461494-781392241-1313931377-1000.job [2018/03/12 20:42:33 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2018/03/12 20:42:33 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2018/03/12 20:39:37 | 000,783,532 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2018/03/12 20:39:37 | 000,663,132 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2018/03/12 20:39:37 | 000,122,710 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2018/03/12 20:34:17 | 000,109,800 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys [2018/03/12 20:34:17 | 000,092,280 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys [2018/03/12 20:34:16 | 000,045,960 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys [2018/03/12 20:33:42 | 000,182,704 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll [2018/03/12 20:33:42 | 000,115,248 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll [2018/03/12 20:33:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2018/03/12 20:33:18 | 3061,219,328 | -HS- | M] () -- C:\hiberfil.sys [2018/03/12 20:10:33 | 000,193,248 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys [2018/03/12 20:10:21 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys [2018/03/12 20:09:54 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2018/03/02 23:11:26 | 531,531,892 | ---- | M] () -- C:\Windows\MEMORY.DMP [2018/03/02 23:07:03 | 000,003,051 | ---- | M] () -- C:\Users\Owner\Desktop\Kaltura CaptureSpace Desktop Recorder.lnk [2018/02/27 22:40:15 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2018/02/26 22:50:04 | 000,002,240 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2018/02/26 22:49:59 | 018,102,328 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe [2018/02/26 22:49:52 | 000,002,240 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2018/02/26 22:47:45 | 000,068,384 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\wrUrlFlt.sys [2018/02/26 22:47:35 | 000,144,256 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys [2018/02/18 23:25:12 | 000,338,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2018/02/18 23:02:52 | 130,067,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe [2018/02/18 22:58:15 | 000,776,146 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [3 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ] [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2018/03/12 20:09:54 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2018/03/12 20:09:51 | 000,076,200 | ---- | C] () -- C:\Windows\SysNative\drivers\mbae64.sys [2018/03/02 23:07:03 | 000,003,051 | ---- | C] () -- C:\Users\Owner\Desktop\Kaltura CaptureSpace Desktop Recorder.lnk [2018/03/02 23:07:03 | 000,003,011 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaltura CaptureSpace Desktop Recorder.lnk [2018/02/26 22:50:04 | 000,002,240 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2018/02/26 22:49:52 | 000,002,240 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2017/08/28 20:11:23 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2017/02/28 23:28:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll [2017/02/28 23:28:12 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll [2014/11/22 07:43:51 | 000,000,002 | ---- | C] () -- C:\Users\Owner\AppData\Local\DSI.DAT [2014/11/19 21:40:01 | 000,000,238 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\WB.CFG [2013/12/11 15:05:07 | 000,103,832 | ---- | C] () -- C:\Users\Owner\GoToAssistDownloadHelper.exe [2012/07/09 15:40:22 | 000,000,017 | ---- | C] () -- C:\Users\Owner\AppData\Local\resmon.resmoncfg [2012/03/14 10:30:15 | 000,017,408 | ---- | C] () -- C:\Users\Owner\AppData\Local\WebpageIcons.db [2011/06/14 14:44:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/05/07 11:11:45 | 000,005,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2016/11/05 23:07:42 | 000,000,000 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1597461494-781392241-1313931377-1000\$RHTGBZ9\l [2017/01/13 23:18:38 | 000,000,035 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1597461494-781392241-1313931377-1000\$RI8MS8X\n [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2017/12/31 20:18:30 | 014,183,936 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2017/12/31 20:00:12 | 012,880,384 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Purity Check ========== < End of report >
  6. Barba

    Ready to clean

    OTL logfile created on: 3/12/2018 10:01:19 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18920) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 34.82% Memory free 7.60 Gb Paging File | 5.00 Gb Available in Paging File | 65.76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.01 Gb Total Space | 364.80 Gb Free Space | 80.88% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2018/03/12 20:43:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.scr PRC - [2018/02/26 22:50:04 | 001,883,136 | ---- | M] (Webroot) -- C:\ProgramData\WRData\PKG\npwebroot.exe PRC - [2018/02/26 22:47:31 | 001,252,856 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe PRC - [2018/02/22 15:02:18 | 003,676,960 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe PRC - [2018/02/09 19:02:50 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2015/08/23 13:06:14 | 001,632,752 | ---- | M] (Cisco) -- C:\Users\Owner\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe PRC - [2015/08/23 13:06:14 | 001,384,416 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\NDSPCShowServer.exe PRC - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2014/08/01 06:43:43 | 000,500,016 | ---- | M] (Octoshape ApS) -- C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe PRC - [2014/03/12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE PRC - [2010/08/20 01:53:00 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2010/03/08 01:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\AOL\1381157483\ee\aolsoftware.exe PRC - [2009/09/30 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/09/30 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe ========== Modules (No Company Name) ========== MOD - [2015/08/23 13:06:20 | 001,404,376 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\libxml2-2.dll MOD - [2015/08/23 13:06:20 | 000,340,440 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\ndsLogStore.dll MOD - [2015/08/23 13:06:20 | 000,093,128 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\z.dll MOD - [2015/08/23 13:06:18 | 000,690,152 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll MOD - [2015/08/23 13:06:16 | 008,347,104 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\gsttspplugin.dll MOD - [2015/08/23 13:06:14 | 011,424,224 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\PCShowServer.dll MOD - [2015/08/23 13:06:14 | 001,384,416 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\NDSPCShowServer.exe MOD - [2015/08/23 13:06:12 | 003,301,344 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\DrmSingleton.dll MOD - [2015/08/23 13:06:12 | 002,101,224 | ---- | M] () -- C:\Users\Owner\AppData\Local\DIRECTV Player\DiscoveryManager.dll ========== Services (SafeList) ========== SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -- (InstallerService) SRV:64bit: - [2018/03/03 08:53:16 | 006,440,736 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService) SRV:64bit: - [2018/02/26 22:47:31 | 001,252,856 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC) SRV:64bit: - [2018/02/10 01:06:41 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2016/08/22 10:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2010/03/05 11:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2010/03/05 11:07:58 | 000,340,240 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2010/03/05 11:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2009/11/17 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009/11/02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2018/02/09 19:02:50 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2018/02/06 23:14:11 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2018/01/28 14:58:59 | 000,174,544 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2017/10/04 02:21:36 | 000,107,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2014/03/12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate) SRV - [2014/03/12 00:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc) SRV - [2013/12/11 15:05:20 | 000,013,720 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe -- (GoToAssist) SRV - [2010/08/20 01:53:00 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService) SRV - [2009/09/30 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/09/30 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/06/23 16:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService) SRV - [2006/10/23 06:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2018/03/12 20:34:17 | 000,109,800 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt) DRV:64bit: - [2018/03/12 20:34:17 | 000,092,280 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection) DRV:64bit: - [2018/03/12 20:34:16 | 000,045,960 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection) DRV:64bit: - [2018/03/12 20:10:33 | 000,193,248 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon) DRV:64bit: - [2018/03/12 20:10:21 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2018/02/26 22:47:45 | 000,068,384 | ---- | M] (Webroot) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wrUrlFlt.sys -- (wrUrlFlt) DRV:64bit: - [2018/02/26 22:47:35 | 000,144,256 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn) DRV:64bit: - [2018/01/18 09:03:38 | 000,076,200 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver) DRV:64bit: - [2014/10/08 18:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2014/10/08 18:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2014/10/08 18:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2014/10/08 18:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2013/10/01 20:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013/02/11 22:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/14 03:42:36 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2011/02/14 03:42:30 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2011/02/14 03:42:28 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/07/19 23:40:38 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/06/21 09:15:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010/04/14 02:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2010/04/05 20:18:30 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2010/03/17 23:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009/11/02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009/10/13 04:00:20 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/09/16 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/07/24 00:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler) DRV:64bit: - [2009/07/23 12:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt) DRV:64bit: - [2009/07/16 21:14:12 | 000,220,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/13 18:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/07/02 08:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009/07/02 08:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009/07/02 08:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009/07/02 08:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2006/11/29 16:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw) DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ==========
  7. Barba

    Ready to clean

    ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel(R) PROSet/Wireless WiFi Software "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2937FD88-C9D6-4B82-B539-37CD0A572F42}" = Apple Application Support (64-bit) "{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support "{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.4.4.2398 "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor "{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1 "{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{A31C5565-90D9-4615-AE13-94D86C3836C7}" = iTunes "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BF8D7372-5200-4EC7-9FB0-5398D108F81C}" = Intel(R) Wireless Display "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}" = Microsoft .NET Framework 4.7.1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "MozillaMaintenanceService" = Mozilla Maintenance Service "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04f0c8c0-e0c8-4292-8676-db9174655d7a}" = DIRECTV Player "{04FED4B6-2CD9-4D93-AACA-6FD1F18EA380}" = Kaltura CaptureSpace Desktop Recorder "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}" = Citrix Online Launcher "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}" = IBM SPSS Statistics 21 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0 "{26A24AE4-039D-4CA4-87B4-2F32180161F0}" = Java 8 Update 161 "{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35DAA04C-1720-4BE3-A920-A03731EC6A1D}" = Google Earth Pro "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries "{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81F1C6DE-C053-4C6C-9DE8-ED23D28FA9AB}" = Cozi "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer "{8C9AA2C1-D07A-48E8-9DD8-471A072947F4}" = Adobe AIR "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement "{AC76BA86-0804-1033-1959-001824265200}" = Adobe Refresh Manager "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC "{B03954CC-E130-4E57-BC83-869978685902}" = LG United Mobile Drivers "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement "{F6430171-B86B-4639-839E-374913E7911D}" = Google Earth "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}" = Apple Application Support (32-bit) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 28 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 28 NPAPI "Adobe Flash Player PPAPI" = Adobe Flash Player 28 PPAPI "Adobe Shockwave Player" = Adobe Shockwave Player 12.2 "Advanced Audio FX Engine" = Advanced Audio FX Engine "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "Dell Dock" = Dell Dock "Dell Webcam Central" = Dell Webcam Central "FF389026-F961-42C5-BACD-B4A3AA73E0F3" = Riverpoint Writer "Google Chrome" = Google Chrome "GoToAssist" = GoToAssist Corporate "Mozilla Firefox 58.0.1 (x86 en-US)" = Mozilla Firefox 58.0.1 (x86 en-US) "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "VLC media player" = VLC media player "WinLiveSuite" = Windows Live Essentials "WRUNINST" = Webroot SecureAnywhere "Zotero Standalone 4.0.29.10 (x86 en-US)" = Zotero Standalone 4.0.29.10 (x86 en-US) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4AFCAFDC-D870-41FA-B9FB-1442B9DAFE76}" = ArcadeFrontier "AOL Toolbar" = AOL Toolbar "GoToMeeting" = GoToMeeting 8.22.0.8473 "Octoshape Streaming Services" = Infinite HD™ App ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8003 Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8003 Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9111 Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9111 Error - 3/12/2018 9:58:23 PM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 5009 Description = {tid=F94} The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7194.5000.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001). Error - 3/12/2018 9:58:23 PM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100 Description = Information only. Click-2-Run package registration failure. Error - 3/12/2018 10:35:24 PM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 5009 Description = {tid=E88} The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7194.5000.sft' (rc 2460420A-40002EFD, original rc 2460420A-40002EFD). Error - 3/12/2018 10:35:24 PM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100 Description = Information only. Click-2-Run package registration failure. [ Dell Events ] Error - 2/12/2011 2:25:37 PM | Computer Name = Owner-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/12/2011 2:25:37 PM | Computer Name = Owner-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. [ System Events ] Error - 3/12/2018 9:54:54 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:09 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7038 Description = The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 3/12/2018 9:55:09 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Windows Media Player Network Sharing Service service failed to start due to the following error: %%1069 Error - 3/12/2018 9:56:46 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Service Installer TrueKey service failed to start due to the following error: %%2 Error - 3/12/2018 9:57:52 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016 Description = Error - 3/12/2018 10:33:51 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Service Installer TrueKey service failed to start due to the following error: %%2 Error - 3/12/2018 10:35:14 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016 Description = < End of report >
  8. Barba

    Ready to clean

    OTL Extras logfile created on: 3/12/2018 10:01:19 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18920) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 34.82% Memory free 7.60 Gb Paging File | 5.00 Gb Available in Paging File | 65.76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.01 Gb Total Space | 364.80 Gb Free Space | 80.88% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{098E3C34-BF13-4F94-ABE9-5BC23604E5B5}" = lport=137 | protocol=17 | dir=in | app=system | "{11442C6F-8100-4A07-AA75-061F318D0AFD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{13328537-0EB2-4352-B095-88005C15BE05}" = rport=445 | protocol=6 | dir=out | app=system | "{1A31D1A8-B488-4456-A136-F36C028DCF02}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{25E2D511-190B-40E7-91C7-422632DA4EAF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{3131A9C8-B505-4293-8BBC-1069989C70FA}" = rport=137 | protocol=17 | dir=out | app=system | "{320A7D1B-A5EF-43F8-9E71-92DE35D2F2A4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{3820754C-A653-4CE1-9BE4-84082E950705}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{38D3188A-3843-47AD-9120-D79C140E86AA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{38D896A2-7395-4CC3-BBE3-B2D1674AD0A8}" = lport=138 | protocol=17 | dir=in | app=system | "{3A0B0733-7B98-4552-B400-A43CBA09EA3E}" = lport=7681 | protocol=17 | dir=in | app=c:\program files (x86)\netratingsnetsight\netsight\nielsenonline.exe | "{4D21333A-C184-4199-86AE-820039D6C9A7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{502E1499-1BC5-4B8A-A627-6E2A7D3C9BE0}" = lport=7681 | protocol=6 | dir=in | app=c:\program files (x86)\netratingsnetsight\netsight\nielsenonline.exe | "{52041210-3F1F-4C4E-B2B6-BF2E99F6F4F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{580D4649-5DAE-405D-9069-E9721BC6665D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{6288D0D4-9DF2-4A3F-A495-6B4E346649A1}" = rport=1723 | protocol=6 | dir=out | app=system | "{6967A2B1-206B-4719-B1C9-94E85FC6C49E}" = lport=139 | protocol=6 | dir=in | app=system | "{6A1DB561-0644-4E93-9E6C-38BBBDA59135}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6F7586C4-0582-4D34-BE01-5438B37A4070}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80E9E7D9-9065-4547-A21C-656082813E6F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{96A6E96F-521A-4D23-A031-658C20F34A7A}" = lport=1701 | protocol=17 | dir=in | app=system | "{A5E52565-7166-4AD7-97A2-C2B48CFCF604}" = lport=2869 | protocol=6 | dir=in | app=system | "{A6E86CA2-349C-4684-B770-8367A2A62C1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AC87C3C1-7CAC-4283-9F52-EC177B6BBD1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B51FA3FB-8E9D-43AD-B02C-3A3218B577C7}" = rport=138 | protocol=17 | dir=out | app=system | "{D17BAC51-44D8-4925-B012-11F4B4CAD542}" = lport=2869 | protocol=6 | dir=in | app=system | "{D6484AF7-88F2-4561-9ED2-C2D73F373C69}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D65E3284-3449-43D8-A39E-D00FC6B069E6}" = lport=445 | protocol=6 | dir=in | app=system | "{E1C04EA0-EA35-4BFF-B6E7-939A58676623}" = lport=1723 | protocol=6 | dir=in | app=system | "{E63CF0B6-30A6-4E0C-B4E9-824D35724A57}" = rport=10243 | protocol=6 | dir=out | app=system | "{EBCD771A-373D-420D-B7F5-413991AA62D6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{ED4C5C07-0139-4D75-A634-14BF38E65101}" = rport=139 | protocol=6 | dir=out | app=system | "{EFB1ACCF-CF1C-44C4-A81C-A5D7C6D9EF55}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F1DDEEC3-05BD-4CEB-B53F-AFD85716C111}" = rport=1701 | protocol=17 | dir=out | app=system | "{F7A5D398-4573-4677-AE1D-9AA1ED516750}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0DA1986A-38F5-4A96-852A-6B9BA5322398}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe | "{0E5A6213-6C67-43E0-AFC2-2CBA357A6BD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{0F543CC2-F4B1-47CE-89CC-11F590898983}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{131F9425-468C-45D6-8AE6-AF0A3075EF9D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{14181012-D9D6-4989-8E2E-D9D317115427}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{14BB2696-D015-4478-A7FE-3566AA3673B2}" = protocol=47 | dir=in | app=system | "{18CD4B02-B392-4DEB-AEBC-22DD449607BF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{1B864239-2014-4C15-AF1C-BB1BA5EF4F40}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe | "{2230A2F9-E0F6-40DF-A07E-AA10A1BF5FF1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{2CB3E6B2-E571-4E9C-8BF8-CBE493C781B1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microsoft shared\office14\office setup controller\promo.exe | "{3038785F-7FD0-4394-9AF8-ABA682760F13}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | "{310DCEBE-B097-4D41-822F-F8D2CCF0B975}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1381157483\ee\aolsoftware.exe | "{3367AED9-0672-4A13-BCC0-A16868F75D2C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | "{3EEB2FF2-67A7-4DE7-8D19-1783AABFA571}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{4560D4CD-BD66-42A1-BB37-69739C9B63F4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{45B06C23-44C7-4CD4-8BFF-B6471D3D6F9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{47AADAB9-18C3-4B27-A766-6D1AF0E6170E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{486EA874-B73D-452C-8EE7-FC436E10EE54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{49B89D41-96AF-4A9F-AE48-7BF86C165DED}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\google\google talk plugin\googletalkplugin.exe | "{4A92EC2B-B350-4078-9B62-9D2167C68C90}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\google\google talk plugin\googletalkplugin.exe | "{5137609A-028C-475E-9367-43F5CCFA0F3E}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aol.exe | "{566A2CD8-21B8-4EF1-A92F-B7C1FF594201}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{633FB75D-31DE-49F1-91A8-E4534255571F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{64FF661D-0843-4E32-BD78-02DF2097C17A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6D938D50-49CC-4B72-851B-B8DC71CA54D8}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{71540CF8-2DE2-4976-8A11-BF182C1A2DF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{769486DC-8DA1-4A94-B042-FD4EB1E1A7B2}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe | "{78F16F72-F329-4569-A425-45225A290EAB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{7DAA2BE4-9AE9-44B8-8348-9DDB8CD563F6}" = protocol=58 | dir=out | [email protected],-28546 | "{7EE037BF-6F70-4032-8B3B-6ABB702BE1D9}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | "{80E71FA4-C826-43AD-9FEC-395D5FF1727F}" = protocol=1 | dir=in | [email protected],-28543 | "{8589EFD3-41DD-4331-8D7E-53A8DD78E82A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microsoft shared\office14\office setup controller\promo.exe | "{871FEEF0-B4DC-4557-94FE-C69A925A38FD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8758C39D-2D56-475C-8B1D-B2BBF29ACEA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8B0366CA-55EA-416E-9E68-AE4F27D8CCB2}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8B2B1B9C-236D-49C3-8172-F2D2FCEE63F0}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aol.exe | "{8D4F857D-C3B0-481E-9E37-647CAEE16A30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8FEA3AE8-8195-42DF-B86D-E08F2CDF9DD6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1381157483\ee\aolsoftware.exe | "{90587059-0069-4CD1-BFCB-BC1F76B4B069}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | "{927CC27E-6742-4D66-A12E-AD12776D1C48}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe | "{9306665B-FA35-4DF3-BCA5-6B797ADEA9DD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{954327C4-D1F6-405D-8E4A-AC102F5F5986}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9C4B76BE-FC60-4470-AADA-37F581088ECD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | "{9EA66A50-83A3-43CA-9768-6D318F521325}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | "{A0B24491-32B7-4ACD-80F8-19D563A2D233}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | "{A32A3C63-14C4-4814-AA41-82A962286CB6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{AC8885D6-F39A-4569-BD2F-3302D89C43E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B1700E46-C58C-44BD-9D53-CB3FA42EA027}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | "{B828315E-50AE-47F8-B4BB-85DB837D3D49}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BE5E6988-31D3-44A5-B65F-23887E67FB23}" = protocol=6 | dir=out | app=system | "{C14D40B3-FF11-4699-A2F8-36D40412C5DE}" = protocol=47 | dir=out | app=system | "{C15B4281-AC03-401E-9BE1-B5A28D992D54}" = protocol=1 | dir=out | [email protected],-28544 | "{D2D32BFB-8F14-40F3-AB49-D82C391209AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D696B509-C476-42AA-B03C-E5902042092E}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe | "{D87EF9B6-9B86-4A72-BE6D-C9437F3A91DC}" = dir=in | app=c:\program files\itunes\itunes.exe | "{DA8B3ADE-2E5A-4C3A-80F3-1D429591461C}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe | "{E0ABA90E-1736-4ADD-8C9E-7C305901EBF3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EBBB1B62-7660-44B0-AD65-E6F03305E986}" = protocol=58 | dir=in | [email protected],-28545 | "{ED603EF1-3A14-4F4F-A603-4E85DDA7ADCE}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | "{F7525877-CF6E-43B9-8F9F-6AEA1B808296}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe | "{FD9CD8F4-B1DB-40B0-9A39-B40CECCB156A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{FEB2A381-EB83-463E-AD59-44BE28857C03}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe | "TCP Query User{57976E31-CACF-492B-9A8C-D68B7B15B5E4}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "TCP Query User{7B189598-0BB0-4D62-B40F-72C71B21055F}C:\program files (x86)\ibm\spss\statistics\21\stats.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\stats.exe | "TCP Query User{C400F978-B65B-48D6-B658-046E6DA662B6}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "TCP Query User{D50BDB1D-995C-4B9E-9E5A-74CA94E94D51}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "TCP Query User{F07B72F1-E786-4938-B0C4-FF150D595F26}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{F84BBA71-3B4D-4F19-8E03-195B44B07A42}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "UDP Query User{29296940-3AD6-4D2B-AA3A-C7C555ED2AF1}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "UDP Query User{4158B9A6-7BB7-494A-8AF5-1B98D8DD1562}C:\program files (x86)\ibm\spss\statistics\21\stats.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\stats.exe | "UDP Query User{7FACC56C-5603-456F-AD23-70DE4AD74FC5}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "UDP Query User{895BE6B0-74A5-40A7-9D98-5BAADA3F8757}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{CE4A71C4-63DC-41D1-95E6-640866FD11C8}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "UDP Query User{F86D30A1-EF8B-4BBB-A345-7FE33694CC67}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe |
  9. Barba

    Ready to clean

    ok I started the scan again
  10. Barba

    Ready to clean

    No the report part disappeared I still have the old timer box up but the report box went away.
  11. Barba

    Ready to clean

    I don't see another report It didn't bring anything up,
  12. Barba

    Ready to clean

    I don't see another report
  13. Barba

    Ready to clean

    OTL Extras logfile created on: 3/12/2018 8:46:31 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18920) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 45.80% Memory free 7.60 Gb Paging File | 5.25 Gb Available in Paging File | 69.02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.01 Gb Total Space | 364.80 Gb Free Space | 80.89% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{098E3C34-BF13-4F94-ABE9-5BC23604E5B5}" = lport=137 | protocol=17 | dir=in | app=system | "{11442C6F-8100-4A07-AA75-061F318D0AFD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{13328537-0EB2-4352-B095-88005C15BE05}" = rport=445 | protocol=6 | dir=out | app=system | "{1A31D1A8-B488-4456-A136-F36C028DCF02}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{25E2D511-190B-40E7-91C7-422632DA4EAF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{3131A9C8-B505-4293-8BBC-1069989C70FA}" = rport=137 | protocol=17 | dir=out | app=system | "{320A7D1B-A5EF-43F8-9E71-92DE35D2F2A4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{3820754C-A653-4CE1-9BE4-84082E950705}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{38D3188A-3843-47AD-9120-D79C140E86AA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{38D896A2-7395-4CC3-BBE3-B2D1674AD0A8}" = lport=138 | protocol=17 | dir=in | app=system | "{3A0B0733-7B98-4552-B400-A43CBA09EA3E}" = lport=7681 | protocol=17 | dir=in | app=c:\program files (x86)\netratingsnetsight\netsight\nielsenonline.exe | "{4D21333A-C184-4199-86AE-820039D6C9A7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{502E1499-1BC5-4B8A-A627-6E2A7D3C9BE0}" = lport=7681 | protocol=6 | dir=in | app=c:\program files (x86)\netratingsnetsight\netsight\nielsenonline.exe | "{52041210-3F1F-4C4E-B2B6-BF2E99F6F4F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{580D4649-5DAE-405D-9069-E9721BC6665D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{6288D0D4-9DF2-4A3F-A495-6B4E346649A1}" = rport=1723 | protocol=6 | dir=out | app=system | "{6967A2B1-206B-4719-B1C9-94E85FC6C49E}" = lport=139 | protocol=6 | dir=in | app=system | "{6A1DB561-0644-4E93-9E6C-38BBBDA59135}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6F7586C4-0582-4D34-BE01-5438B37A4070}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80E9E7D9-9065-4547-A21C-656082813E6F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{96A6E96F-521A-4D23-A031-658C20F34A7A}" = lport=1701 | protocol=17 | dir=in | app=system | "{A5E52565-7166-4AD7-97A2-C2B48CFCF604}" = lport=2869 | protocol=6 | dir=in | app=system | "{A6E86CA2-349C-4684-B770-8367A2A62C1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AC87C3C1-7CAC-4283-9F52-EC177B6BBD1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B51FA3FB-8E9D-43AD-B02C-3A3218B577C7}" = rport=138 | protocol=17 | dir=out | app=system | "{D17BAC51-44D8-4925-B012-11F4B4CAD542}" = lport=2869 | protocol=6 | dir=in | app=system | "{D6484AF7-88F2-4561-9ED2-C2D73F373C69}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D65E3284-3449-43D8-A39E-D00FC6B069E6}" = lport=445 | protocol=6 | dir=in | app=system | "{E1C04EA0-EA35-4BFF-B6E7-939A58676623}" = lport=1723 | protocol=6 | dir=in | app=system | "{E63CF0B6-30A6-4E0C-B4E9-824D35724A57}" = rport=10243 | protocol=6 | dir=out | app=system | "{EBCD771A-373D-420D-B7F5-413991AA62D6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{ED4C5C07-0139-4D75-A634-14BF38E65101}" = rport=139 | protocol=6 | dir=out | app=system | "{EFB1ACCF-CF1C-44C4-A81C-A5D7C6D9EF55}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F1DDEEC3-05BD-4CEB-B53F-AFD85716C111}" = rport=1701 | protocol=17 | dir=out | app=system | "{F7A5D398-4573-4677-AE1D-9AA1ED516750}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0DA1986A-38F5-4A96-852A-6B9BA5322398}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe | "{0E5A6213-6C67-43E0-AFC2-2CBA357A6BD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{0F543CC2-F4B1-47CE-89CC-11F590898983}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{131F9425-468C-45D6-8AE6-AF0A3075EF9D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{14181012-D9D6-4989-8E2E-D9D317115427}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{14BB2696-D015-4478-A7FE-3566AA3673B2}" = protocol=47 | dir=in | app=system | "{18CD4B02-B392-4DEB-AEBC-22DD449607BF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{1B864239-2014-4C15-AF1C-BB1BA5EF4F40}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe | "{2230A2F9-E0F6-40DF-A07E-AA10A1BF5FF1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{2CB3E6B2-E571-4E9C-8BF8-CBE493C781B1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microsoft shared\office14\office setup controller\promo.exe | "{3038785F-7FD0-4394-9AF8-ABA682760F13}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | "{310DCEBE-B097-4D41-822F-F8D2CCF0B975}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1381157483\ee\aolsoftware.exe | "{3367AED9-0672-4A13-BCC0-A16868F75D2C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | "{3EEB2FF2-67A7-4DE7-8D19-1783AABFA571}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{4560D4CD-BD66-42A1-BB37-69739C9B63F4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{45B06C23-44C7-4CD4-8BFF-B6471D3D6F9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{47AADAB9-18C3-4B27-A766-6D1AF0E6170E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{486EA874-B73D-452C-8EE7-FC436E10EE54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{49B89D41-96AF-4A9F-AE48-7BF86C165DED}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\google\google talk plugin\googletalkplugin.exe | "{4A92EC2B-B350-4078-9B62-9D2167C68C90}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\google\google talk plugin\googletalkplugin.exe | "{5137609A-028C-475E-9367-43F5CCFA0F3E}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aol.exe | "{566A2CD8-21B8-4EF1-A92F-B7C1FF594201}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{633FB75D-31DE-49F1-91A8-E4534255571F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{64FF661D-0843-4E32-BD78-02DF2097C17A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6D938D50-49CC-4B72-851B-B8DC71CA54D8}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{71540CF8-2DE2-4976-8A11-BF182C1A2DF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{769486DC-8DA1-4A94-B042-FD4EB1E1A7B2}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe | "{78F16F72-F329-4569-A425-45225A290EAB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{7DAA2BE4-9AE9-44B8-8348-9DDB8CD563F6}" = protocol=58 | dir=out | [email protected],-28546 | "{7EE037BF-6F70-4032-8B3B-6ABB702BE1D9}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | "{80E71FA4-C826-43AD-9FEC-395D5FF1727F}" = protocol=1 | dir=in | [email protected],-28543 | "{8589EFD3-41DD-4331-8D7E-53A8DD78E82A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microsoft shared\office14\office setup controller\promo.exe | "{871FEEF0-B4DC-4557-94FE-C69A925A38FD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8758C39D-2D56-475C-8B1D-B2BBF29ACEA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8B0366CA-55EA-416E-9E68-AE4F27D8CCB2}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8B2B1B9C-236D-49C3-8172-F2D2FCEE63F0}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aol.exe | "{8D4F857D-C3B0-481E-9E37-647CAEE16A30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8FEA3AE8-8195-42DF-B86D-E08F2CDF9DD6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1381157483\ee\aolsoftware.exe | "{90587059-0069-4CD1-BFCB-BC1F76B4B069}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | "{927CC27E-6742-4D66-A12E-AD12776D1C48}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe | "{9306665B-FA35-4DF3-BCA5-6B797ADEA9DD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{954327C4-D1F6-405D-8E4A-AC102F5F5986}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9C4B76BE-FC60-4470-AADA-37F581088ECD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | "{9EA66A50-83A3-43CA-9768-6D318F521325}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | "{A0B24491-32B7-4ACD-80F8-19D563A2D233}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | "{A32A3C63-14C4-4814-AA41-82A962286CB6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{AC8885D6-F39A-4569-BD2F-3302D89C43E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B1700E46-C58C-44BD-9D53-CB3FA42EA027}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | "{B828315E-50AE-47F8-B4BB-85DB837D3D49}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BE5E6988-31D3-44A5-B65F-23887E67FB23}" = protocol=6 | dir=out | app=system | "{C14D40B3-FF11-4699-A2F8-36D40412C5DE}" = protocol=47 | dir=out | app=system | "{C15B4281-AC03-401E-9BE1-B5A28D992D54}" = protocol=1 | dir=out | [email protected],-28544 | "{D2D32BFB-8F14-40F3-AB49-D82C391209AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D696B509-C476-42AA-B03C-E5902042092E}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe | "{D87EF9B6-9B86-4A72-BE6D-C9437F3A91DC}" = dir=in | app=c:\program files\itunes\itunes.exe | "{DA8B3ADE-2E5A-4C3A-80F3-1D429591461C}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe | "{E0ABA90E-1736-4ADD-8C9E-7C305901EBF3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EBBB1B62-7660-44B0-AD65-E6F03305E986}" = protocol=58 | dir=in | [email protected],-28545 | "{ED603EF1-3A14-4F4F-A603-4E85DDA7ADCE}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | "{F7525877-CF6E-43B9-8F9F-6AEA1B808296}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe | "{FD9CD8F4-B1DB-40B0-9A39-B40CECCB156A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{FEB2A381-EB83-463E-AD59-44BE28857C03}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe | "TCP Query User{57976E31-CACF-492B-9A8C-D68B7B15B5E4}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "TCP Query User{7B189598-0BB0-4D62-B40F-72C71B21055F}C:\program files (x86)\ibm\spss\statistics\21\stats.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\stats.exe | "TCP Query User{C400F978-B65B-48D6-B658-046E6DA662B6}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "TCP Query User{D50BDB1D-995C-4B9E-9E5A-74CA94E94D51}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "TCP Query User{F07B72F1-E786-4938-B0C4-FF150D595F26}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{F84BBA71-3B4D-4F19-8E03-195B44B07A42}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "UDP Query User{29296940-3AD6-4D2B-AA3A-C7C555ED2AF1}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "UDP Query User{4158B9A6-7BB7-494A-8AF5-1B98D8DD1562}C:\program files (x86)\ibm\spss\statistics\21\stats.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\stats.exe | "UDP Query User{7FACC56C-5603-456F-AD23-70DE4AD74FC5}C:\users\owner\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\directv player\ndspcshowserver.exe | "UDP Query User{895BE6B0-74A5-40A7-9D98-5BAADA3F8757}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{CE4A71C4-63DC-41D1-95E6-640866FD11C8}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | "UDP Query User{F86D30A1-EF8B-4BBB-A345-7FE33694CC67}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel(R) PROSet/Wireless WiFi Software "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2937FD88-C9D6-4B82-B539-37CD0A572F42}" = Apple Application Support (64-bit) "{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support "{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.4.4.2398 "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor "{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1 "{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{A31C5565-90D9-4615-AE13-94D86C3836C7}" = iTunes "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BF8D7372-5200-4EC7-9FB0-5398D108F81C}" = Intel(R) Wireless Display "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}" = Microsoft .NET Framework 4.7.1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "MozillaMaintenanceService" = Mozilla Maintenance Service "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04f0c8c0-e0c8-4292-8676-db9174655d7a}" = DIRECTV Player "{04FED4B6-2CD9-4D93-AACA-6FD1F18EA380}" = Kaltura CaptureSpace Desktop Recorder "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}" = Citrix Online Launcher "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}" = IBM SPSS Statistics 21 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0 "{26A24AE4-039D-4CA4-87B4-2F32180161F0}" = Java 8 Update 161 "{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35DAA04C-1720-4BE3-A920-A03731EC6A1D}" = Google Earth Pro "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries "{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81F1C6DE-C053-4C6C-9DE8-ED23D28FA9AB}" = Cozi "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer "{8C9AA2C1-D07A-48E8-9DD8-471A072947F4}" = Adobe AIR "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement "{AC76BA86-0804-1033-1959-001824265200}" = Adobe Refresh Manager "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC "{B03954CC-E130-4E57-BC83-869978685902}" = LG United Mobile Drivers "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement "{F6430171-B86B-4639-839E-374913E7911D}" = Google Earth "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}" = Apple Application Support (32-bit) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 28 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 28 NPAPI "Adobe Flash Player PPAPI" = Adobe Flash Player 28 PPAPI "Adobe Shockwave Player" = Adobe Shockwave Player 12.2 "Advanced Audio FX Engine" = Advanced Audio FX Engine "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "Dell Dock" = Dell Dock "Dell Webcam Central" = Dell Webcam Central "FF389026-F961-42C5-BACD-B4A3AA73E0F3" = Riverpoint Writer "Google Chrome" = Google Chrome "GoToAssist" = GoToAssist Corporate "Mozilla Firefox 58.0.1 (x86 en-US)" = Mozilla Firefox 58.0.1 (x86 en-US) "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "VLC media player" = VLC media player "WinLiveSuite" = Windows Live Essentials "WRUNINST" = Webroot SecureAnywhere "Zotero Standalone 4.0.29.10 (x86 en-US)" = Zotero Standalone 4.0.29.10 (x86 en-US) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4AFCAFDC-D870-41FA-B9FB-1442B9DAFE76}" = ArcadeFrontier "AOL Toolbar" = AOL Toolbar "GoToMeeting" = GoToMeeting 8.22.0.8473 "Octoshape Streaming Services" = Infinite HD™ App ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8003 Error - 3/12/2018 8:13:04 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8003 Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9111 Error - 3/12/2018 8:13:05 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9111 Error - 3/12/2018 9:58:23 PM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 5009 Description = {tid=F94} The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7194.5000.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001). Error - 3/12/2018 9:58:23 PM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100 Description = Information only. Click-2-Run package registration failure. Error - 3/12/2018 10:35:24 PM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 5009 Description = {tid=E88} The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7194.5000.sft' (rc 2460420A-40002EFD, original rc 2460420A-40002EFD). Error - 3/12/2018 10:35:24 PM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100 Description = Information only. Click-2-Run package registration failure. [ Dell Events ] Error - 2/12/2011 2:25:37 PM | Computer Name = Owner-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/12/2011 2:25:37 PM | Computer Name = Owner-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. [ System Events ] Error - 3/12/2018 9:54:54 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:05 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error - 3/12/2018 9:55:09 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7038 Description = The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 3/12/2018 9:55:09 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Windows Media Player Network Sharing Service service failed to start due to the following error: %%1069 Error - 3/12/2018 9:56:46 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Service Installer TrueKey service failed to start due to the following error: %%2 Error - 3/12/2018 9:57:52 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016 Description = Error - 3/12/2018 10:33:51 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000 Description = The Service Installer TrueKey service failed to start due to the following error: %%2 Error - 3/12/2018 10:35:14 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016 Description = < End of report >
  14. Barba

    Ready to clean

    Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/12/18 Scan Time: 8:19 PM Log File: eda2e506-2664-11e8-89b6-c0cb38b3f14c.json Administrator: Yes -Software Information- Version: 3.4.4.2398 Components Version: 1.0.322 Update Package Version: 1.0.4322 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Owner-PC\Owner -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 323303 Threats Detected: 184 Threats Quarantined: 184 Time Elapsed: 8 min, 11 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 49 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}\InprocServer32, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}\InprocServer32, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\APPDATALOW\SOFTWARE\CursorMania_7l, Quarantined, [236], [240440],1.0.4322 PUP.Optional.FunWebProducts, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\APPDATALOW\SOFTWARE\Fun Web Products, Quarantined, [8620], [238589],1.0.4322 PUP.Optional.FunWebProducts, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\APPDATALOW\SOFTWARE\FunWebProducts, Quarantined, [8620], [238590],1.0.4322 PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, Quarantined, [6], [235425],1.0.4322 PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\JHBBMMGBNJALCCAMLAEFHEPNAJFMGOPB, Quarantined, [1777], [443284],1.0.4322 PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\jhbbmmgbnjalccamlaefhepnajfmgopb, Quarantined, [1777], [443284],1.0.4322 PUP.Optional.BetterBrain, HKLM\SOFTWARE\WOW6432NODE\BetterBrain_1.10.0.2, Quarantined, [9609], [235766],1.0.4322 PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111991162}, Quarantined, [204], [237508],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\CursorMania_7l, Quarantined, [236], [240556],1.0.4322 PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CHCT3315828, Quarantined, [1777], [443523],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3701ae53-8d45-4479-89e5-53f77550a256}, Quarantined, [480], [245523],1.0.4322 PUP.Optional.MyWebSearch, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0}, Quarantined, [1976], [241108],1.0.4322 PUP.Optional.SaveValet, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\SOCIALBIT\IE\SaveValet, Quarantined, [9846], [242570],1.0.4322 PUP.Optional.Vosteran, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [6685], [244631],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9BC285BF-A07F-4A55-883F-8A0F9AAA6071}, Quarantined, [3142], [235560],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{9BC285BF-A07F-4A55-883F-8A0F9AAA6071}, Quarantined, [3142], [235560],1.0.4322 PUP.Optional.ArcadeFrontier, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ArcadeFrontier, Quarantined, [3142], [235560],1.0.4322 PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUserA1C8E64CD0B64286BD1353E0D1936F63, Quarantined, [478], [241417],1.0.4322 PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce1F8B86E01479407EB76366F0711D8866, Quarantined, [478], [241417],1.0.4322 PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Quarantined, [6685], [160319],1.0.4322 PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Quarantined, [6685], [160319],1.0.4322 PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Quarantined, [6685], [160319],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [480], [407902],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [480], [407902],1.0.4322 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [73], [168989],1.0.4322 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [73], [168989],1.0.4322 PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [73], [-1],0.0.0 PUP.Optional.Yontoo, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [30], [169049],1.0.4322 PUP.Optional.Yontoo, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [30], [169049],1.0.4322 PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Quarantined, [30], [-1],0.0.0 PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Quarantined, [30], [-1],0.0.0 PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\CHROMIUM, Quarantined, [30], [-1],0.0.0 PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\CHROMIUM, Quarantined, [30], [-1],0.0.0 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{76CAB667-1CD5-410F-8047-B08AB01A92A2}, Quarantined, [236], [168351],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{76CAB667-1CD5-410F-8047-B08AB01A92A2}, Quarantined, [236], [168351],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{936D1CC6-4508-4607-9638-8C714E9DC809}, Quarantined, [236], [168384],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{936D1CC6-4508-4607-9638-8C714E9DC809}, Quarantined, [236], [168384],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2D38D9EF-B94E-4ED8-8564-3AC2CF8B88F7}, Quarantined, [236], [168255],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2D38D9EF-B94E-4ED8-8564-3AC2CF8B88F7}, Quarantined, [236], [168255],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Quarantined, [480], [306571],1.0.4322 Registry Value: 26 PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\jhbbmmgbnjalccamlaefhepnajfmgopb|PATH, Quarantined, [1777], [443284],1.0.4322 PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111991162}|APPNAME, Quarantined, [204], [237508],1.0.4322 PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jhbbmmgbnjalccamlaefhepnajfmgopb|PATH, Quarantined, [1777], [443285],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3701ae53-8d45-4479-89e5-53f77550a256}|DISPLAYNAME, Quarantined, [480], [245523],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3701ae53-8d45-4479-89e5-53f77550a256}|URL, Quarantined, [480], [245522],1.0.4322 PUP.Optional.MyWebSearch, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0}|URL, Quarantined, [1976], [241108],1.0.4322 PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], Quarantined, [236], [240765],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [480], [407902],1.0.4322 PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [73], [-1],0.0.0 PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [73], [-1],0.0.0 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{2D38D9EF-B94E-4ED8-8564-3AC2CF8B88F7}, Quarantined, [236], [168255],1.0.4322 PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{2D38D9EF-B94E-4ED8-8564-3AC2CF8B88F7}, Quarantined, [236], [168255],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{2D38D9EF-B94E-4ED8-8564-3AC2CF8B88F7}, Quarantined, [236], [168255],1.0.4322 PUP.Optional.ASK, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [480], [407902],1.0.4322 PUP.Optional.MindSpark, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{5b9e2a0b-c94b-46a5-b53c-5892834c0d3e}, Quarantined, [236], [168319],1.0.4322 Registry Data: 2 PUM.Optional.DisableShowSearch, HKU\S-1-5-21-1597461494-781392241-1313931377-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWSEARCH, Replaced, [14129], [293317],1.0.4322 PUM.Optional.DisableShowSearch, HKU\S-1-5-21-1597461494-781392241-1313931377-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|START_SHOWSEARCH, Replaced, [14129], [293317],1.0.4322 Data Stream: 0 (No malicious items detected) Folder: 13 PUP.Optional.ArcadeFrontier, C:\USERS\OWNER\APPDATA\LOCAL\ARCADEFRONTIER, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\_metadata, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\config, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL EXTENSION SETTINGS\DNFLPNHPBFFEHDDPLCDLOHEALBGBBAMK, Quarantined, [236], [420408],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\USERS\OWNER\APPDATA\LOCAL\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}, Quarantined, [486], [484244],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\_metadata, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GJNLBDPOLMIFIMKEFONEJDJLGHKMGNEJ, Quarantined, [7313], [495186],1.0.4322 File: 94 PUP.Optional.ArcadeFrontier, C:\Users\Owner\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, C:\Users\Owner\AppData\Local\ArcadeFrontier\user.ini, Quarantined, [3142], [175496],1.0.4322 PUP.Optional.ArcadeFrontier, C:\WINDOWS\TASKS\ARCADEFRONTIER.JOB, Quarantined, [3142], [235557],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\000003.log, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\CURRENT, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\LOCK, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\LOG, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\MANIFEST-000001, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\config\config.json, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\config\extension-config.json, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\config\extension-dev-config.json, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons\icon128.png, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons\icon16.png, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons\icon19disabled.png, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons\icon19on.png, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\icons\icon48.png, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\ajax.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\background.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\chrome.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\content_script.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\dlp.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\dlpHelper.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\extension_detect.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\genericLoadRemoteSettings.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\index.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\initOfferCEF.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\logger.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\offerService.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\pageUtils.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\PartnerId.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\product.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\storage.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\TabManager.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\TemplateParser.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\ul.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\urlFragmentActions.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\urlUtils.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\util.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\js\webtooltabAPI.js, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\_metadata\verified_contents.json, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\dynamicNewTab.html, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\manifest.json, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\productnewtab.html, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnflpnhpbffehddplcdlohealbgbbamk\13.421.12.41215_1\stubby.html, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\000003.log, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\CURRENT, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\LOCK, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\LOG, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\LOG.old, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dnflpnhpbffehddplcdlohealbgbbamk\MANIFEST-000001, Quarantined, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [236], [420408],1.0.4322 PUP.Optional.MindSpark, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [236], [420408],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\USERS\OWNER\APPDATA\LOCAL\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\dana, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\config.dat, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\info.dat, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\install.log, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\Sqlite3.dll, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\STTL.DAT, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\TTL.DAT, Quarantined, [486], [484244],1.0.4322 PUP.Optional.WinYahoo.TskLnk, C:\Users\Owner\AppData\Local\{F3E0C5BC-D748-A904-BAD0-8CEC9EB87074}\uninst.dat, Quarantined, [486], [484244],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GJNLBDPOLMIFIMKEFONEJDJLGHKMGNEJ\0.7_1\MANIFEST.JSON, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\_metadata\verified_contents.json, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\background.js, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\logo.png, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\redirect.html, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.FunSafeTab.Generic, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnlbdpolmifimkefonejdjlghkmgnej\0.7_1\redirect.js, Quarantined, [7313], [495186],1.0.4322 PUP.Optional.APNToolBar, C:\USERS\OWNER\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{7A3198DD-50DC-4BD2-816B-536AA0D573DE}\THE WEATHER CHANNEL APP.MSI, Quarantined, [6035], [76243],1.0.4322 PUP.Optional.APNToolBar, C:\USERS\OWNER\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{BF3589D3-BF62-48FE-9405-C2FB81574783}\THE WEATHER CHANNEL APP.MSI, Quarantined, [6035], [76243],1.0.4322 PUP.Optional.WinYahoo, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [58], [454790],1.0.4322 PUP.Optional.WinYahoo, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [58], [454790],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [2346], [455060],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [2346], [455060],1.0.4322 PUP.Optional.Conduit, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [529], [454832],1.0.4322 PUP.Optional.Conduit, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [529], [454832],1.0.4322 PUP.Optional.Vosteran, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [6685], [455253],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [2346], [455060],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [2346], [455060],1.0.4322 PUP.Optional.ASK, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [480], [454827],1.0.4322 PUP.Optional.ASK, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [480], [454827],1.0.4322 PUP.Optional.Conduit, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [529], [454832],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [2346], [455060],1.0.4322 PUP.Optional.WinYahoo, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [58], [454790],1.0.4322 PUP.Optional.WinYahoo, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [58], [454790],1.0.4322 PUP.Optional.Conduit, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [529], [454832],1.0.4322 PUP.Optional.Vosteran, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [6685], [455253],1.0.4322 PUP.Optional.Vosteran, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [6685], [455253],1.0.4322 PUP.Optional.Conduit, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [529], [454832],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [2346], [455060],1.0.4322 PUP.Optional.Binkiland, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2346], [455060],1.0.4322 PUP.Optional.Vosteran, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [6685], [455253],1.0.4322 Physical Sector: 0 (No malicious items detected) (end)
  15. Barba

    Ready to clean

    # AdwCleaner 7.0.8.0 - Logfile created on Tue Mar 13 01:54:44 2018 # Updated on 2018/08/02 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\YSearchUtil Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil Deleted: C:\Users\Owner\AppData\Local\YSearchUtil Deleted: C:\Program Files (x86)\Yahoo!\yset ***** [ Files ] ***** Deleted: C:\Users\Owner\Downloads\DRIVERUPDATE-SETUP.EXE ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d2m2wsoho8qq12.cloudfront.net Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.aol.com Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BingProvidedSearch Deleted: [Key] - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\Software\BingProvidedSearch Deleted: [Key] - HKCU\Software\BingProvidedSearch Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} Deleted: [Key] - HKU\S-1-5-21-1597461494-781392241-1313931377-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** Plugin deleted: PDFConverterHQ - Plugin deleted: FunSafeTab - SearchProvider deleted: Ask - websearch.ask.com SearchProvider deleted: Conduit - search.conduit.com ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [69511 B] - [2016/2/23 18:51:14] C:/AdwCleaner/AdwCleaner[S1].txt - [2859 B] - [2016/2/23 18:49:4] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########