Sponsored By

marienottingham

Members
  • Content count

    18
  • Joined

  • Last visited

About marienottingham

  • Rank
    Member
  1. # DelFix v1.013 - Logfile created 04/03/2017 at 11:04:06 # Updated 17/04/2016 by Xplode # Username : Marie - MARIELT # Operating System : Windows 10 Home (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\AdwCleaner Deleted : C:\Users\Marie\Desktop\JRT.txt Deleted : C:\Users\Marie\Downloads\adwcleaner_6.043.exe Deleted : C:\Users\Marie\Downloads\Extras.Txt Deleted : C:\Users\Marie\Downloads\JRT.exe Deleted : C:\Users\Marie\Downloads\OTL.Txt Deleted : HKLM\SOFTWARE\OldTimer Tools ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #24 [Windows Update | 02/09/2017 19:49:03] Deleted : RP #26 [Removed Rapport | 02/12/2017 16:44:13] Deleted : RP #27 [JRT Pre-Junkware Removal | 02/17/2017 01:46:56] Deleted : RP #28 [JRT Pre-Junkware Removal | 02/17/2017 18:51:37] Deleted : RP #29 [Windows Update | 02/25/2017 01:50:15] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  2. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ not found. HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. C:\Users\Marie\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\extensions folder moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\zh folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\te folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ta folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\mr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ml folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\kn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\iw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\gu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\am folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\popup_partials folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\data folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\cast_setup folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\zh_CN folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ur folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\he folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\en_GB folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\be folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\scripts folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin\img folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin\css folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\scripts folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\libs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_CN folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es_419 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en_GB folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\images folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\html folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\css folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\te folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ta folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\mr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ml folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\kn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\iw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\gu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\am folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cloud_route_details folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cast_setup folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0 folder moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp not found. Registry value HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6764.0111 deleted successfully. Registry value HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6764.0111\amd64 deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\db1308bc-9564-449a-b400-5b80dc310752\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\db1308bc-9564-449a-b400-5b80dc310752 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\c1062c5b-18a5-4cfb-8ac4-da0991984b33\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\c1062c5b-18a5-4cfb-8ac4-da0991984b33 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\a8409b3c-9db2-411e-84a2-baf4dfb3bb8a\PCDoctor_6855.400_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\a8409b3c-9db2-411e-84a2-baf4dfb3bb8a folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\9abfb38a-6ec7-471d-a9e7-43374ee942a4\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\9abfb38a-6ec7-471d-a9e7-43374ee942a4 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\8b2ac388-517d-4b78-9a96-7effe8b42d38\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\8b2ac388-517d-4b78-9a96-7effe8b42d38 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\710b757c-de22-4f17-b735-0d430cbb46ac\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\710b757c-de22-4f17-b735-0d430cbb46ac folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\5e3678d2-145d-446c-a3e8-72527f4c2277\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\5e3678d2-145d-446c-a3e8-72527f4c2277 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\434e93f3-7750-4a8c-9041-de922b9d38b5\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\434e93f3-7750-4a8c-9041-de922b9d38b5 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\399ab112-d017-4f2a-8bea-85c1e7d369b1\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\399ab112-d017-4f2a-8bea-85c1e7d369b1 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\29cd6c11-e800-4e44-8aad-62e459239ec9\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\29cd6c11-e800-4e44-8aad-62e459239ec9 folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb\PCDoctor_6855.400_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\2507aa44-00c3-4610-ac45-ac95bc87a0bf\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\2507aa44-00c3-4610-ac45-ac95bc87a0bf folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d\PCDoctor_6817.200_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\16d49d8b-7d77-4216-8e41-72ee4c8cc1f6\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\16d49d8b-7d77-4216-8e41-72ee4c8cc1f6 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\012c6869-9759-4c2b-b257-209068d7c457\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\012c6869-9759-4c2b-b257-209068d7c457 folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Logs scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Binaries folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Installer\Logs folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Installer folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\DriverScan\Resources folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\DriverScan folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\4557d140-9eca-4e5f-b498-3ecaac28bb73 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr scheduled to be moved on reboot. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Default.migrated User: Marie User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Default.migrated User: Marie ->Flash cache emptied: 101244 bytes User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Marie ->Temp folder emptied: 223484703 bytes ->Temporary Internet Files folder emptied: 13063839 bytes ->FireFox cache emptied: 376920929 bytes ->Google Chrome cache emptied: 113925465 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 226068249 bytes RecycleBin emptied: 852872 bytes Total Files Cleaned = 910.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 03042017_101319 Files\Folders moved on Reboot... C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb\PCDoctor_6855.400_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Logs folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr folder moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120183723.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120183728.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184201.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184209.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184232.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185214.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185245.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185309.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170121070952.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170121070953.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124444.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124449.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124517.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170216185114.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170216185115.log scheduled to be moved on reboot. C:\WINDOWS\temp\FXSAPIDebugLogFile.txt moved successfully. C:\WINDOWS\temp\FXSTIFFDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  3. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF086FA7-30BE-4D83-8B55-599F22D663D4}\ not found. HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. C:\Users\Marie\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\extensions folder moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] moved successfully. C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\zh folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\te folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ta folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\mr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ml folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\kn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\iw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\gu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales\am folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\popup_partials folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\data folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\cast_setup folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\zh_CN folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ur folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\he folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\en_GB folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\be folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\scripts folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin\img folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin\css folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\skin folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\scripts folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common\libs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\common folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_CN folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es_419 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en_GB folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\images folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\html folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\css folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0 folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_metadata folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh_TW folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\vi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\uk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\tr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\th folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\te folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ta folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sk folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ru folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ro folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_PT folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_BR folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nl folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nb folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ms folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\mr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ml folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lv folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lt folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ko folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\kn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ja folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\iw folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\it folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\id folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\gu folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fr folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fil folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fi folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fa folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\et folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\es folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\en folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\el folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\de folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\da folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\cs folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ca folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bn folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bg folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ar folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\am folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cloud_route_details folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cast_setup folder moved successfully. C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0 folder moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp not found. Registry value HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6764.0111 deleted successfully. Registry value HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6764.0111\amd64 deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\db1308bc-9564-449a-b400-5b80dc310752\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\db1308bc-9564-449a-b400-5b80dc310752 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\c1062c5b-18a5-4cfb-8ac4-da0991984b33\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\c1062c5b-18a5-4cfb-8ac4-da0991984b33 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\a8409b3c-9db2-411e-84a2-baf4dfb3bb8a\PCDoctor_6855.400_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\a8409b3c-9db2-411e-84a2-baf4dfb3bb8a folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\9abfb38a-6ec7-471d-a9e7-43374ee942a4\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\9abfb38a-6ec7-471d-a9e7-43374ee942a4 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\8b2ac388-517d-4b78-9a96-7effe8b42d38\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\8b2ac388-517d-4b78-9a96-7effe8b42d38 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\710b757c-de22-4f17-b735-0d430cbb46ac\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\710b757c-de22-4f17-b735-0d430cbb46ac folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\5e3678d2-145d-446c-a3e8-72527f4c2277\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\5e3678d2-145d-446c-a3e8-72527f4c2277 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\434e93f3-7750-4a8c-9041-de922b9d38b5\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\434e93f3-7750-4a8c-9041-de922b9d38b5 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\399ab112-d017-4f2a-8bea-85c1e7d369b1\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\399ab112-d017-4f2a-8bea-85c1e7d369b1 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\29cd6c11-e800-4e44-8aad-62e459239ec9\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\29cd6c11-e800-4e44-8aad-62e459239ec9 folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb\PCDoctor_6855.400_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\2507aa44-00c3-4610-ac45-ac95bc87a0bf\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\2507aa44-00c3-4610-ac45-ac95bc87a0bf folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d\PCDoctor_6817.200_windows_appupdaterrules_dell scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\16d49d8b-7d77-4216-8e41-72ee4c8cc1f6\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\16d49d8b-7d77-4216-8e41-72ee4c8cc1f6 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\012c6869-9759-4c2b-b257-209068d7c457\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\012c6869-9759-4c2b-b257-209068d7c457 folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules scheduled to be moved on reboot. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update\Logs scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Update\Binaries folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr\Update scheduled to be moved on reboot. C:\Users\Marie\AppData\Roaming\PCDr\Installer\Logs folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Installer folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\DriverScan\Resources folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\DriverScan folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads\4557d140-9eca-4e5f-b498-3ecaac28bb73 folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Downloads folder moved successfully. Folder move failed. C:\Users\Marie\AppData\Roaming\PCDr scheduled to be moved on reboot. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Default.migrated User: Marie User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Default.migrated User: Marie ->Flash cache emptied: 101244 bytes User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Marie ->Temp folder emptied: 223484703 bytes ->Temporary Internet Files folder emptied: 13063839 bytes ->FireFox cache emptied: 376920929 bytes ->Google Chrome cache emptied: 113925465 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 226068249 bytes RecycleBin emptied: 852872 bytes Total Files Cleaned = 910.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 03042017_101319 Files\Folders moved on Reboot... C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\f85c351a-9c5e-4488-b7de-74f3761b382b folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb\PCDoctor_6855.400_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\293b37e8-7898-48b8-820a-0ef488435bfb folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d\PCDoctor_6817.200_windows_appupdaterrules_dell folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules\1a34e344-7447-40ea-bdf2-2a729c98901d folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Rules folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update\Logs folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr\Update folder moved successfully. C:\Users\Marie\AppData\Roaming\PCDr folder moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120183723.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120183728.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184201.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184209.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120184232.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185214.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185245.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170120185309.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170121070952.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170121070953.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124444.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124449.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209124517.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170216185114.log scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170216185115.log scheduled to be moved on reboot. C:\WINDOWS\temp\FXSAPIDebugLogFile.txt moved successfully. C:\WINDOWS\temp\FXSTIFFDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  4. OTL Extras logfile created on: 3/4/2017 8:49:24 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.87 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 35.21% Memory free 6.50 Gb Paging File | 3.18 Gb Available in Paging File | 48.98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284.34 Gb Total Space | 225.78 Gb Free Space | 79.41% Space Free | Partition Type: NTFS Computer Name: MARIELT | User Name: Marie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 6E 7D A9 3D 8F 1A D2 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] "DontEnumerateCommonFilesUpgradeExe" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{17BA400F-5402-4E64-B589-822F4A3E7007}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9C750E52-A98C-4DB0-9CD9-2C6DB3A20A08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.561\szbrowser.exe | "{B5F31744-A474-469A-A98F-EAC54D01F473}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{FCF68EF6-888D-46DF-940B-4CFA57FA9D86}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F1EAA8-7F5B-4DE8-964D-AC2A2A8F89F4}" = dir=in | name=f5 vpn | "{0167E372-9971-4024-8237-EB5A7E06392C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe | "{036E76E6-824D-4FE7-880D-D9294C449BCD}" = dir=in | name=sonicwall mobile connect | "{070A67DF-7BF8-477C-A25F-84E4A2F69BD0}" = dir=out | name=twitter | "{089A3254-3E37-4B39-B592-7B3C649B2DED}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{093515AB-5A45-4D9A-AE01-6880345B69C0}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "{09A6B093-E0A7-4D79-8C21-A92FBB6A7EB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{0C0B995B-6D4C-4532-9A5A-8525E66F4C38}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{1023B3F6-610A-49D5-B88E-90AC1921ABEB}" = dir=out | name=microsoft jigsaw | "{1281FBD8-3BA7-49F8-98B1-0587878FC61E}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | "{145859BC-3FBA-4AFE-8B47-D9BC12364CFD}" = dir=out | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{150689E7-B3A2-4428-AF64-8EBA08F25C03}" = dir=in | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{167036E6-FBE4-4EFC-8A1F-5AF3EA641618}" = dir=in | name=microsoft mahjong | "{17475767-7B5E-4C1B-AF55-7A60D6A1DDCE}" = dir=out | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{1C48298B-850D-44B3-B6D4-24FF09ECFB48}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} | "{1CE8B6F9-E5A2-48E3-BE6D-642360F2D760}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{1F84F73C-8367-47A2-9170-10B9D6F67941}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{1FC81146-6221-4692-B287-6AB4B2B050A9}" = dir=in | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | "{1FCDEC38-6ED9-46C5-A630-6952507414D6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{1FE719D3-9339-4A73-BDEF-80F91125AED8}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{20453244-1C8C-4655-A3D2-6177DBBABBA6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{2074ECB5-D47D-401B-AB06-8672DC600A76}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{216F6090-9BDE-405B-9527-CE346C828B7A}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | "{21C7554E-1167-4131-9D4C-FB4DF7F68874}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{22389B00-CE43-4A70-9281-D388266B1B4F}" = dir=in | name=microsoft sticky notes | "{24450F88-935E-4422-944C-351FB5E58E5D}" = dir=out | name=xbox | "{24A6602D-697C-48DA-8CBB-8F9A0CBD3B23}" = dir=in | name=dell shop | "{2529A0A9-456C-436F-88AF-B6E3228A20C1}" = dir=in | name=onenote | "{26802B3C-8FA8-4D82-BD78-5226D3A2AE9E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{29EAE613-122B-4AED-90DE-4CBE0B180688}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{2E1B2D0F-FCBA-4355-A89B-B459C4189DD5}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{2F1B123F-4B7A-4C6C-A807-8849B143A90B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{2FBE80A7-AE73-4CE4-AC81-398877ABE720}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{30571DBB-4CCC-4241-A9AE-1647EE370A33}" = dir=out | name=windows_ie_ac_001 | "{305EAA8D-171D-4CA3-A60E-4759E80A5DF5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe | "{31F9127F-6CEC-4882-BEB6-59B75752972A}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{33DC70AD-4AF9-4F99-B03F-0EBCEC0E442B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3492393B-9342-4717-B1FD-8D1E8689949D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{349D976B-80E6-4686-A4B9-F983D62456B2}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4457C98A-3398-4762-8712-C0C004942F14}" = dir=in | name=hp all-in-one printer remote | "{447394C1-5E20-4E86-8BB2-364D0D3391CF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{46FA4EA3-B6C3-4FB7-A49F-7480166B48D1}" = dir=out | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{4B4351F1-5DF2-4752-B80A-C852C57E9B9E}" = dir=in | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{4B7DFF79-ECE7-4D30-8183-75D3BBA5A3B2}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{4B956DCC-1110-497E-9B30-953649F4DAB4}" = dir=out | name=dell shop | "{4C66951C-4BD0-45BD-8829-2B0D05277026}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4CA921E6-0758-41EA-8E5D-CF470918360A}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{4CE673F3-D552-4DA3-8958-9AD2D6091128}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{4D0A7D5A-AA13-451C-8915-11F3E7ED1C0B}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{4FED1E47-0ED6-4802-991A-B5FB0BA475CC}" = dir=out | name=juniper networks junos pulse | "{50099954-DF89-41A8-A460-CF6B5750D0F0}" = dir=out | name=kindle | "{508A132F-D4E2-48B5-8DA0-10975B04D789}" = dir=out | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{53A007B8-A342-4311-8D82-AE26BE207F4A}" = dir=in | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{54AA4E8C-C945-4221-AFB6-C3511694CEBF}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{54BAD16C-6E55-48D9-895C-33C1BE8B3C61}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5877C558-DA55-43A6-86BD-9A0B9186C0F6}" = dir=out | name=onenote | "{58B006D3-B71D-4042-A512-A017C1C3987F}" = dir=in | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{59911422-7E5A-458B-8167-B0E74B970E99}" = dir=out | name=@{thechurchofjesuschristofl.gospellibrary_2.16.11.190_x86__ae8bh92e13w8t?ms-resource://thechurchofjesuschristofl.gospellibrary/resources/appdisplayname} | "{5A6E2801-829D-4E7D-9108-848D9D607F34}" = dir=out | name=microsoft sticky notes | "{5CC9BE74-052A-4AB1-9F11-221E41E4B4C5}" = dir=out | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | "{5D1B0B95-502B-4A5D-B5F1-2309FA66BFF9}" = dir=in | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{5E0C6D5B-87F0-4C2A-8EC3-E631962910FC}" = dir=in | name=check point vpn | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{6215845C-E96A-4B29-95A1-087DFA11FD08}" = dir=out | name=sway | "{64E7430A-87D4-4775-8222-1E5CA2B1506E}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{65C429FE-C623-49F2-A410-7C3B5B894723}" = dir=out | name=f5 vpn | "{67D1D4F5-330F-4AC7-A90E-4315E2D51420}" = dir=in | name=microsoft jigsaw | "{6AF9567F-C4C2-492C-A377-079C4A550024}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{6D53E30B-CE1F-402F-B03C-A7A8DB8C5703}" = dir=out | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{70288396-E95F-4D57-8E6F-B0095649072E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe | "{725FCF47-9DF9-4568-9ABE-B22926ED1E5C}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{74D44445-A970-474A-89CD-AC9F8316CBB2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{7B8118B3-C0E8-4A21-B98F-29EB44676DAE}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{7BA1CC1F-4CB2-4DF4-AE2B-956E3EA35290}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{7FFC4B75-B0B9-4551-82E3-D7EF073D93E2}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{88C31B2F-27A0-477F-810B-70243BF9BBD7}" = dir=out | name=sonicwall mobile connect | "{89B70DA5-089D-45C4-A233-72653E62450D}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{8A5DF6E3-2AA8-46D9-826D-A81E159350D9}" = dir=out | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{8B0A6D8E-AAFB-48D3-904D-6C619FC6E92A}" = dir=out | name=the plan of salvation | "{8B590085-C0DA-40DC-A21E-0771AD488475}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{8D9541C8-B8C3-47B1-A7D4-69A7A126CE1E}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{8DC636D0-1565-40E1-89D3-00BA89F360F6}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} | "{8DFE3D08-6150-4567-9E19-1240EE39B799}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{8E3DCCFE-40DE-42DC-9DF8-9B45510EDD9C}" = dir=in | name=microsoft solitaire collection | "{940B9902-0DC7-4DB1-A257-6CFA0DFC4706}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{988031D7-65BF-45C0-9698-9AEAAF040C42}" = dir=in | name=juniper networks junos pulse | "{9A9B61B8-3D01-4097-9CD0-00745EEDF7DC}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{9D3DDA47-B11B-48A8-B4B4-897EE9B2D345}" = dir=out | name=check point vpn | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A524B0F8-E2EA-491D-ADA0-52C50C063B9C}" = dir=out | name=ebay | "{A6C2AC04-0C83-4CB1-937D-071254FED9EA}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{A7FAC7CA-C3CC-45C7-8DB5-F5585A3A5FCB}" = dir=in | name=xbox | "{AA76685F-4D7D-4C82-B3B3-6A038A989B22}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{ACA7312C-A37B-48B3-8A32-F0DDE0792BE1}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{B0326748-B4FB-423C-870C-1B4CE8BA6D1F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe | "{B1BA08FA-993A-4884-8ECC-FB74E6C0FB17}" = dir=out | name=microsoft mahjong | "{B3885110-7380-4010-9352-EF386ED8C193}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{B7A3154A-C3D0-4E5E-86F5-ABFBF8F756D4}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{BDE483C9-70EE-433B-837E-1F101B833ACD}" = dir=out | name=candy crush saga | "{C3AB1E25-C9BD-41E3-BBE3-E36517D9724D}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{C7C5F606-31CA-48A7-8681-BDC8134B880F}" = dir=out | name=hp all-in-one printer remote | "{CD85BFE3-CFCE-4122-BF32-1C326E337108}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | "{D0F0D8AC-E97F-49E1-AA7D-5080A680A700}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{D1B545AA-CD45-4FE8-94BE-B1017DB0FE1E}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{D8E11E7E-544F-4944-ACDA-2D1F01552BC1}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{D907358B-5423-404B-B1FB-44F3257F1AAE}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{D917B948-0E91-449A-A86A-954F5CDF6DB0}" = dir=in | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DBF1D552-6F31-43E3-B1ED-D679ADD1736C}" = dir=in | name=sway | "{DD34E1C5-797D-41A1-B633-02AF6C4CD23D}" = dir=out | name=@{microsoft.people_10.1.3410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{DD8335AB-FD2E-49FD-8A8C-D94A86F02562}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{DE0B0843-C617-4D9C-A3B2-C38E83ADB359}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{DE1A68A1-64AB-4382-AF1A-4ACA41B64C4E}" = dir=out | name=microsoft solitaire collection | "{E02AE793-A5BF-46C7-B613-7CD35704EF67}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{EEF8B5BA-24A7-459A-8BC6-01A827BE0522}" = dir=out | name=@{microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{F27359C2-CE7F-403D-B73F-4B567EF2C916}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{F3E05EED-8441-4017-9AF8-A2B1B18AC7C2}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{F473E503-545E-457F-B2E8-FA87CC2CE4BC}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{F5CF6DA4-1373-4764-A3CD-55E22551A315}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | "{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F6E5A1A8-E3F3-4C6A-9B64-907B14A4BFD1}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F7AF19B8-2A23-461E-8D5D-50F39A85BB98}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{FADDA366-CE1D-44C7-8372-4BEF6374F462}" = dir=out | name=store purchase app | "{FB1E8A82-C9AA-4A2A-81C4-C9A819D6D630}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{FE3ADEA3-5957-4F57-B4D2-1211E009A1C3}" = dir=out | name=amazon | "TCP Query User{51FD9A74-0B42-45DE-9B1B-66FAFC12AACC}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{56DD985F-2A69-4424-8EEE-0F66D9113FCA}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{FF72A37B-4781-4058-A774-E34FF3188320}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2937FD88-C9D6-4B82-B539-37CD0A572F42}" = Apple Application Support (64-bit) "{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support "{2E55EEFD-2162-4A7D-9158-EDB0305603A6}" = Dell Data Vault "{307032B2-6AF2-46D7-B933-62438DEB2B9A}" = Maxx Audio Installer (x64) "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64) "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "PC-Doctor for Windows" = Dell SupportAssist "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10 "{27130E51-9555-408B-8134-7BFF54EDE27B}" = Dell SupportAssistAgent "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4FA72FF9-DD64-43A8-8704-6380A11F11D5}" = Dell Customer Connect "{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software "{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5 "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}" = Dell Update "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery "{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}" = Apple Application Support (32-bit) "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "0591-8077-9297-0833" = FamilySearch Indexing 3.26.0 "Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI "Avast Antivirus" = Avast Free Antivirus "Google Chrome" = Google Chrome "InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials "Mozilla Firefox 51.0.1 (x86 en-US)" = Mozilla Firefox 51.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "SafeZone 1.51.2220.62" = SafeZone Stable 1.51.2220.62 "SafeZone 3.55.2393.561" = SafeZone Stable 3.55.2393.561 "TeamViewer" = TeamViewer 11 "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1" = ChromecastApp "OneDriveSetup.exe" = Microsoft OneDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 3/1/2017 9:39:11 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1141 Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 3032 Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3032 Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1235 Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1235 Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1204 Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1204 Error - 3/4/2017 11:45:35 AM | Computer Name = MarieLT | Source = Application Hang | ID = 1002 Description = The program OTL.com version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3074 Start Time: 01d294fc12b268a7 Termination Time: 4294967295 Application Path: C:\Users\Marie\Downloads\OTL.com Report Id: 999ff07f-00f1-11e7-bec8-74867a3fbfa3 Faulting package full name: Faulting package-relative application ID: [ System Events ] Error - 2/16/2017 9:59:48 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/17/2017 3:01:50 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/17/2017 3:03:42 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/17/2017 3:06:42 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/17/2017 9:29:51 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/22/2017 6:48:17 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/24/2017 9:46:00 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/25/2017 8:49:23 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/27/2017 3:41:50 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 3/4/2017 12:35:50 AM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = < End of report
  5. OTL logfile created on: 3/4/2017 8:49:24 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.87 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 35.21% Memory free 6.50 Gb Paging File | 3.18 Gb Available in Paging File | 48.98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284.34 Gb Total Space | 225.78 Gb Free Space | 79.41% Space Free | Partition Type: NTFS Computer Name: MARIELT | User Name: Marie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2017/03/04 08:46:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Downloads\OTL.scr PRC - [2017/02/25 20:31:11 | 009,426,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe PRC - [2017/02/17 15:50:27 | 001,518,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe PRC - [2017/02/01 06:50:54 | 000,517,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2016/12/21 10:23:18 | 000,130,936 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe PRC - [2016/09/20 07:21:29 | 007,500,048 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe PRC - [2015/11/11 19:46:42 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\Marie\AppData\Local\Microsoft\BingSvc\BingSvc.exe PRC - [2015/08/27 12:13:44 | 000,237,272 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpService.exe PRC - [2015/08/27 12:12:22 | 000,707,800 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpTray.exe PRC - [2015/08/03 23:21:48 | 001,411,320 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe PRC - [2015/08/03 23:21:48 | 000,312,056 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe PRC - [2012/12/26 01:41:44 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe PRC - [2012/12/02 23:18:30 | 000,111,136 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe PRC - [2012/11/19 12:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012/11/19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012/07/17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012/07/17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012/07/17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe ========== Modules (No Company Name) ========== MOD - [2017/02/09 08:28:39 | 000,655,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll MOD - [2017/02/09 08:28:26 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll MOD - [2017/02/09 08:25:49 | 000,289,328 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll MOD - [2017/01/06 08:42:48 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2016/11/23 09:18:44 | 001,153,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\a280fac0c231c9d6d5f1274c2180d594\System.Management.ni.dll MOD - [2016/07/16 04:44:20 | 019,611,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll MOD - [2016/07/16 04:44:20 | 010,281,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll MOD - [2016/07/16 04:44:19 | 007,480,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll MOD - [2016/07/13 14:34:29 | 007,472,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll MOD - [2016/07/13 14:34:29 | 004,079,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\5751e969e4789e60d3ad463cb6024006\WindowsBase.ni.dll MOD - [2016/07/13 14:34:29 | 001,894,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04c4f83e0b62ff553abff98943e45f42\System.Xaml.ni.dll MOD - [2016/07/13 14:34:26 | 002,820,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\213003369298faf75651a6b8981dce12\System.Runtime.Serialization.ni.dll MOD - [2016/07/13 14:34:26 | 000,994,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll MOD - [2016/07/13 14:34:24 | 019,769,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5272cb4aeec65bec2fffb45e9cb22910\PresentationFramework.ni.dll MOD - [2016/07/13 14:34:24 | 012,019,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\051a282e157a228405b2e0d867c3ce1d\PresentationCore.ni.dll MOD - [2016/07/13 14:34:24 | 000,546,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\def8702c6e883330fb8cb8e3f5c5e665\PresentationFramework.Aero2.ni.dll MOD - [2012/06/08 11:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012/06/07 20:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - [2017/02/16 18:41:16 | 007,142,136 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent) SRV:64bit: - [2017/02/09 08:28:21 | 000,262,736 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2016/12/20 23:51:53 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2016/12/13 21:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2016/12/13 21:36:59 | 000,539,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:64bit: - [2016/12/13 21:23:43 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:64bit: - [2016/12/09 03:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:64bit: - [2016/11/11 02:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:64bit: - [2016/11/11 02:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:64bit: - [2016/11/11 02:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:64bit: - [2016/11/11 02:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:64bit: - [2016/11/11 02:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:64bit: - [2016/11/11 02:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2016/11/11 02:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2016/11/11 02:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:64bit: - [2016/11/11 02:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:64bit: - [2016/11/11 02:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2016/11/02 03:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:64bit: - [2016/11/02 03:22:02 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2016/11/02 03:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:64bit: - [2016/11/02 03:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:64bit: - [2016/11/02 03:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2016/10/14 20:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2016/10/05 02:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:64bit: - [2016/09/29 14:19:02 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2016/09/29 14:18:45 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:64bit: - [2016/09/29 14:18:45 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:64bit: - [2016/09/29 14:18:42 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:64bit: - [2016/09/29 14:18:31 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:64bit: - [2016/09/15 09:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:64bit: - [2016/09/15 09:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:64bit: - [2016/09/15 09:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:64bit: - [2016/09/15 09:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:64bit: - [2016/09/15 09:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2016/09/15 09:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2016/09/15 09:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:64bit: - [2016/09/15 09:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:64bit: - [2016/08/05 20:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2016/07/16 04:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2016/07/16 04:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:64bit: - [2016/07/16 04:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2016/07/16 04:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2016/07/16 04:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:64bit: - [2016/07/16 04:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2016/07/16 04:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2016/07/16 04:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:64bit: - [2016/07/16 04:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:64bit: - [2016/07/16 04:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:64bit: - [2016/07/16 04:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2016/07/16 04:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2016/07/16 04:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:64bit: - [2016/07/16 04:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2016/07/16 04:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2016/07/16 04:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_58eb7) SRV:64bit: - [2016/07/16 04:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_58eb7) SRV:64bit: - [2016/07/16 04:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:64bit: - [2016/07/16 04:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2016/07/16 04:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:64bit: - [2016/07/16 04:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2016/07/16 04:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2016/07/16 04:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:64bit: - [2016/07/16 04:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2016/07/16 04:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:64bit: - [2016/07/16 04:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:64bit: - [2016/07/16 04:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2016/07/16 04:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2016/07/16 04:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:64bit: - [2016/07/16 04:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:64bit: - [2016/07/16 04:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:64bit: - [2016/07/16 04:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:64bit: - [2016/07/16 04:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:64bit: - [2016/07/16 04:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:64bit: - [2016/07/16 04:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:64bit: - [2016/07/16 04:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2016/07/16 04:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:64bit: - [2016/07/16 04:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:64bit: - [2016/07/16 04:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:64bit: - [2016/07/16 04:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2016/07/16 04:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:64bit: - [2016/06/23 08:23:11 | 000,202,488 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe -- (DellDataVaultWiz) SRV:64bit: - [2016/06/23 08:22:36 | 002,572,024 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault) SRV:64bit: - [2016/05/03 22:30:46 | 000,337,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0) SRV:64bit: - [2015/08/03 23:21:48 | 000,312,056 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2017/02/17 17:27:38 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2017/02/01 06:50:53 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2016/12/21 10:23:18 | 000,130,936 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe -- (Dell Customer Connect) SRV - [2016/12/09 01:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/11/11 00:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/11/11 00:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/09/20 07:21:29 | 007,500,048 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer) SRV - [2016/09/09 12:11:50 | 000,031,704 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent) SRV - [2016/08/05 20:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2016/07/16 04:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/07/16 04:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/05/03 22:30:46 | 000,299,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2015/08/27 12:13:44 | 000,237,272 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate) SRV - [2012/12/26 01:41:44 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent) SRV - [2012/11/19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012/07/17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/07/17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012/07/17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2017/02/10 21:02:47 | 000,337,080 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswvmm.sys -- (aswVmm) DRV:64bit: - [2017/02/09 08:29:43 | 000,162,528 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:64bit: - [2017/02/09 08:29:41 | 000,547,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2017/02/09 08:29:41 | 000,126,088 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2017/02/09 08:29:41 | 000,074,680 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2017/02/09 08:29:40 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:64bit: - [2017/02/09 08:29:38 | 000,100,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2017/02/09 08:27:38 | 000,991,496 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2017/02/09 08:27:36 | 000,032,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2017/02/09 08:25:48 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog) DRV:64bit: - [2017/02/09 08:25:48 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver) DRV:64bit: - [2017/02/09 08:25:48 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh) DRV:64bit: - [2017/02/09 08:25:48 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv) DRV:64bit: - [2016/12/09 03:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2016/11/11 03:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2016/11/11 02:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:64bit: - [2016/11/02 03:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:64bit: - [2016/10/14 21:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2016/10/14 21:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2016/10/14 20:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2016/10/05 03:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2016/10/05 03:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i) DRV:64bit: - [2016/09/29 14:19:02 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2016/09/29 14:18:31 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2016/09/29 14:18:31 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:64bit: - [2016/09/29 14:18:31 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:64bit: - [2016/09/29 13:59:31 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2016/09/29 10:22:52 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2016/09/15 10:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2016/09/15 10:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2016/09/15 10:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2016/09/15 10:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:64bit: - [2016/09/15 09:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:64bit: - [2016/09/10 06:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:64bit: - [2016/08/18 23:59:32 | 000,622,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2016/08/18 23:59:32 | 000,051,392 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2016/07/16 07:27:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2016/07/16 07:27:05 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2016/07/16 04:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2016/07/16 04:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2016/07/16 04:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2016/07/16 04:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2016/07/16 04:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2016/07/16 04:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2016/07/16 04:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2016/07/16 04:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:64bit: - [2016/07/16 04:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:64bit: - [2016/07/16 04:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:64bit: - [2016/07/16 04:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:64bit: - [2016/07/16 04:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:64bit: - [2016/07/16 04:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2016/07/16 04:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2016/07/16 04:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:64bit: - [2016/07/16 04:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:64bit: - [2016/07/16 04:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2016/07/16 04:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:64bit: - [2016/07/16 04:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2016/07/16 04:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:64bit: - [2016/07/16 04:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2016/07/16 04:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:64bit: - [2016/07/16 04:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2016/07/16 04:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2016/07/16 04:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:64bit: - [2016/07/16 04:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:64bit: - [2016/07/16 04:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2016/07/16 04:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2016/07/16 04:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2016/07/16 04:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2016/07/16 04:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2016/07/16 04:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg) DRV:64bit: - [2016/07/16 04:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:64bit: - [2016/07/16 04:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:64bit: - [2016/07/16 04:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2016/07/16 04:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:64bit: - [2016/07/16 04:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:64bit: - [2016/07/16 04:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:64bit: - [2016/07/16 04:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:64bit: - [2016/07/16 04:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:64bit: - [2016/07/16 04:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2016/07/16 04:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2016/07/16 04:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:64bit: - [2016/07/16 04:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:64bit: - [2016/07/16 04:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2016/07/16 04:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:64bit: - [2016/07/16 04:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:64bit: - [2016/07/16 04:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:64bit: - [2016/07/16 04:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:64bit: - [2016/07/16 04:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:64bit: - [2016/07/16 04:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:64bit: - [2016/07/16 04:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:64bit: - [2016/07/16 04:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:64bit: - [2016/07/16 04:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2016/07/16 04:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2016/07/16 04:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:64bit: - [2016/07/16 04:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:64bit: - [2016/07/16 04:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2016/07/16 04:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:64bit: - [2016/07/16 04:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2016/07/16 04:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2016/07/16 04:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:64bit: - [2016/07/16 04:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2016/07/16 04:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:64bit: - [2016/07/16 04:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2016/07/16 04:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:64bit: - [2016/07/16 04:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:64bit: - [2016/07/16 04:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2016/07/16 04:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2016/07/16 04:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101) DRV:64bit: - [2016/07/16 04:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:64bit: - [2016/07/16 04:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2016/07/16 04:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:64bit: - [2016/07/16 04:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:64bit: - [2016/07/16 04:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:64bit: - [2016/07/16 04:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2016/07/16 04:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2016/07/16 04:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2016/07/16 04:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2016/07/16 04:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:64bit: - [2016/07/16 04:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2016/07/16 04:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2016/07/16 04:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:64bit: - [2016/07/16 04:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:64bit: - [2016/07/16 04:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2016/07/16 04:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2016/07/16 04:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:64bit: - [2016/07/16 04:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:64bit: - [2016/07/16 04:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2016/07/16 04:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2016/07/16 04:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2016/07/16 04:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:64bit: - [2016/07/16 04:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:64bit: - [2016/07/16 04:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2016/07/16 04:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2016/07/16 04:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2016/07/16 04:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:64bit: - [2016/07/16 04:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2016/07/16 04:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2016/07/16 04:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2016/07/16 04:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2016/07/16 04:41:50 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:64bit: - [2016/07/16 04:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2016/07/16 04:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2016/07/16 04:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2016/07/16 04:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2016/07/16 04:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV:64bit: - [2016/07/16 04:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2016/07/16 04:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2016/07/16 04:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2016/07/16 04:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2016/07/16 04:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:64bit: - [2016/07/13 16:47:38 | 000,610,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2016/05/03 22:30:46 | 003,811,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2015/12/01 12:46:03 | 000,038,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2015/09/02 09:21:50 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2015/09/02 09:20:32 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2015/08/21 10:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2015/08/14 18:11:42 | 000,896,744 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:64bit: - [2015/06/17 15:04:24 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2015/05/22 09:41:57 | 000,024,240 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf) DRV:64bit: - [2015/05/14 11:10:30 | 000,402,960 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER) DRV:64bit: - [2015/02/26 09:00:46 | 000,023,760 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys -- (DDDriver) DRV:64bit: - [2012/12/21 00:24:00 | 000,028,040 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv) DRV:64bit: - [2012/12/04 16:50:56 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012/07/02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012/06/25 10:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV - [2016/07/16 04:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CF086FA7-30BE-4D83-8B55-599F22D663D4} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {CF086FA7-30BE-4D83-8B55-599F22D663D4} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{CF086FA7-30BE-4D83-8B55-599F22D663D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\..\SearchScopes,DefaultScope = {CF086FA7-30BE-4D83-8B55-599F22D663D4} IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-891212858-715741461-1384353718-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "US" FF - prefs.js..browser.search.region: "US" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.bing.com/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:51.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF48 [2017/02/09 08:30:01 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF48 [2017/02/09 08:29:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017/02/09 08:30:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017/02/09 08:29:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: install FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: en-us FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.2.9200.1 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.46.0 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF37.0.2 (x86 en-US) [2013/12/07 09:14:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\Extensions [2017/02/16 18:31:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\extensions [2017/02/09 08:25:04 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] [2017/02/09 08:25:04 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{16303b38-77c6-4ed7-9438-6a214bfe518d}\[email protected] [2017/03/03 11:47:42 | 000,007,704 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] [2017/03/03 11:47:41 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] [2017/03/03 11:47:42 | 000,008,857 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] [2017/03/03 11:47:41 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\ag0xvj42.default-1440197636424\features\{6dea376f-c9f7-4a24-9525-3d170c954ddc}\[email protected] [2017/02/01 06:50:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions ========== Chrome ========== CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.1120.0.4_0\ CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\ CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\ O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found. O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKU\.DEFAULT..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" File not found O4 - HKU\S-1-5-18..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" File not found O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-891212858-715741461-1384353718-1001..\Run: [BingSvc] C:\Users\Marie\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation) O4 - HKU\S-1-5-21-891212858-715741461-1384353718-1001..\Run: [Google Update] C:\Users\Marie\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe (Google Inc.) O4 - HKU\S-1-5-21-891212858-715741461-1384353718-1001..\Run: [OneDrive] C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-891212858-715741461-1384353718-1001..\RunOnce: [Uninstall 17.3.6764.0111] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marie\AppData\Local\Microsoft\OneDrive\17.3.6764.0111" File not found O4 - HKU\S-1-5-21-891212858-715741461-1384353718-1001..\RunOnce: [Uninstall 17.3.6764.0111\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marie\AppData\Local\Microsoft\OneDrive\17.3.6764.0111\amd64" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2cb3e0ee-14bb-4219-a7f1-ff211f1ee10c}: DhcpNameServer = 192.168.0.1 205.171.2.226 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7f2d79c7-cf52-41de-8f52-e5a2347399a1}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30:64bit: - LSA: Security Packages - (livessp) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2017/02/22 15:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Dell [2017/02/22 15:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Customer Connect [2017/02/17 15:51:43 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2017/02/16 18:22:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2017/02/09 13:52:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2017/02/09 08:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV [2017/02/09 08:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV [2017/02/09 08:31:01 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017/02/09 08:31:01 | 000,309,784 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017/02/09 08:31:01 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017/02/09 08:31:01 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017/02/09 08:30:10 | 000,398,408 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe ========== Files - Modified Within 30 Days ========== [2017/03/04 07:56:53 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017/03/03 21:34:27 | 1663,156,224 | -HS- | M] () -- C:\hiberfil.sys [2017/02/17 17:27:39 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2017/02/17 15:49:52 | 000,000,454 | ---- | M] () -- C:\Users\Marie\Documents\Heidi Chore list.rtf [2017/02/17 12:02:49 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2017/02/10 21:02:47 | 000,337,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys [2017/02/09 13:52:32 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTSHDW3.dll [2017/02/09 08:29:43 | 000,162,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017/02/09 08:29:41 | 000,547,904 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys [2017/02/09 08:29:41 | 000,126,088 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017/02/09 08:29:41 | 000,074,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017/02/09 08:29:40 | 000,398,408 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/02/09 08:29:40 | 000,038,296 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017/02/09 08:29:38 | 000,100,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017/02/09 08:27:38 | 000,991,496 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2017/02/09 08:27:36 | 000,032,088 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017/02/09 08:25:48 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017/02/09 08:25:48 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017/02/09 08:25:48 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017/02/09 08:25:48 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017/02/06 12:48:07 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2017/02/06 12:48:07 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2017/02/02 15:24:27 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk ========== Files Created - No Company Name ========== [2017/02/16 16:04:15 | 000,000,454 | ---- | C] () -- C:\Users\Marie\Documents\Heidi Chore list.rtf [2017/02/09 13:52:32 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTSHDW3.dll [2017/02/09 12:45:36 | 000,001,090 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 3 Browser.lnk [2016/12/14 15:25:03 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016/10/18 09:17:31 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2016/09/29 12:36:19 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2016/09/29 12:32:30 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2016/07/16 04:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2016/07/16 04:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2016/07/16 04:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2016/07/16 04:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2016/07/16 04:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 04:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2016/07/16 04:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2016/07/16 04:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2016/07/16 04:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2016/07/16 04:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2016/05/03 22:30:46 | 000,200,200 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2016/05/03 22:30:44 | 000,161,288 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll [2015/05/03 13:23:59 | 000,000,114 | ---- | C] () -- C:\Users\Marie\jobq.dat ========== ZeroAccess Check ========== [2016/09/29 12:58:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 03:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 00:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 04:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 04:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 04:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2014/01/13 07:32:52 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\AVAST Software [2015/05/14 20:17:40 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Garmin [2013/12/11 23:14:24 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Leadertech [2014/07/18 16:01:57 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\PCDr [2016/09/29 08:36:51 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\TeamViewer ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 220 bytes -> C:\Users\Marie\OneDrive:ms-properties < End of report OTL Extras logfile created on: 3/4/2017 8:49:24 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.87 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 35.21% Memory free 6.50 Gb Paging File | 3.18 Gb Available in Paging File | 48.98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284.34 Gb Total Space | 225.78 Gb Free Space | 79.41% Space Free | Partition Type: NTFS Computer Name: MARIELT | User Name: Marie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 6E 7D A9 3D 8F 1A D2 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] "DontEnumerateCommonFilesUpgradeExe" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{17BA400F-5402-4E64-B589-822F4A3E7007}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9C750E52-A98C-4DB0-9CD9-2C6DB3A20A08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.561\szbrowser.exe | "{B5F31744-A474-469A-A98F-EAC54D01F473}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{FCF68EF6-888D-46DF-940B-4CFA57FA9D86}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F1EAA8-7F5B-4DE8-964D-AC2A2A8F89F4}" = dir=in | name=f5 vpn | "{0167E372-9971-4024-8237-EB5A7E06392C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe | "{036E76E6-824D-4FE7-880D-D9294C449BCD}" = dir=in | name=sonicwall mobile connect | "{070A67DF-7BF8-477C-A25F-84E4A2F69BD0}" = dir=out | name=twitter | "{089A3254-3E37-4B39-B592-7B3C649B2DED}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{093515AB-5A45-4D9A-AE01-6880345B69C0}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "{09A6B093-E0A7-4D79-8C21-A92FBB6A7EB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{0C0B995B-6D4C-4532-9A5A-8525E66F4C38}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{1023B3F6-610A-49D5-B88E-90AC1921ABEB}" = dir=out | name=microsoft jigsaw | "{1281FBD8-3BA7-49F8-98B1-0587878FC61E}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | "{145859BC-3FBA-4AFE-8B47-D9BC12364CFD}" = dir=out | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{150689E7-B3A2-4428-AF64-8EBA08F25C03}" = dir=in | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{167036E6-FBE4-4EFC-8A1F-5AF3EA641618}" = dir=in | name=microsoft mahjong | "{17475767-7B5E-4C1B-AF55-7A60D6A1DDCE}" = dir=out | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{1C48298B-850D-44B3-B6D4-24FF09ECFB48}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} | "{1CE8B6F9-E5A2-48E3-BE6D-642360F2D760}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{1F84F73C-8367-47A2-9170-10B9D6F67941}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{1FC81146-6221-4692-B287-6AB4B2B050A9}" = dir=in | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | "{1FCDEC38-6ED9-46C5-A630-6952507414D6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{1FE719D3-9339-4A73-BDEF-80F91125AED8}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{20453244-1C8C-4655-A3D2-6177DBBABBA6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{2074ECB5-D47D-401B-AB06-8672DC600A76}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{216F6090-9BDE-405B-9527-CE346C828B7A}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | "{21C7554E-1167-4131-9D4C-FB4DF7F68874}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{22389B00-CE43-4A70-9281-D388266B1B4F}" = dir=in | name=microsoft sticky notes | "{24450F88-935E-4422-944C-351FB5E58E5D}" = dir=out | name=xbox | "{24A6602D-697C-48DA-8CBB-8F9A0CBD3B23}" = dir=in | name=dell shop | "{2529A0A9-456C-436F-88AF-B6E3228A20C1}" = dir=in | name=onenote | "{26802B3C-8FA8-4D82-BD78-5226D3A2AE9E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{29EAE613-122B-4AED-90DE-4CBE0B180688}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{2E1B2D0F-FCBA-4355-A89B-B459C4189DD5}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{2F1B123F-4B7A-4C6C-A807-8849B143A90B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{2FBE80A7-AE73-4CE4-AC81-398877ABE720}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{30571DBB-4CCC-4241-A9AE-1647EE370A33}" = dir=out | name=windows_ie_ac_001 | "{305EAA8D-171D-4CA3-A60E-4759E80A5DF5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe | "{31F9127F-6CEC-4882-BEB6-59B75752972A}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{33DC70AD-4AF9-4F99-B03F-0EBCEC0E442B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3492393B-9342-4717-B1FD-8D1E8689949D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{349D976B-80E6-4686-A4B9-F983D62456B2}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4457C98A-3398-4762-8712-C0C004942F14}" = dir=in | name=hp all-in-one printer remote | "{447394C1-5E20-4E86-8BB2-364D0D3391CF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{46FA4EA3-B6C3-4FB7-A49F-7480166B48D1}" = dir=out | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{4B4351F1-5DF2-4752-B80A-C852C57E9B9E}" = dir=in | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{4B7DFF79-ECE7-4D30-8183-75D3BBA5A3B2}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{4B956DCC-1110-497E-9B30-953649F4DAB4}" = dir=out | name=dell shop | "{4C66951C-4BD0-45BD-8829-2B0D05277026}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4CA921E6-0758-41EA-8E5D-CF470918360A}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{4CE673F3-D552-4DA3-8958-9AD2D6091128}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{4D0A7D5A-AA13-451C-8915-11F3E7ED1C0B}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{4FED1E47-0ED6-4802-991A-B5FB0BA475CC}" = dir=out | name=juniper networks junos pulse | "{50099954-DF89-41A8-A460-CF6B5750D0F0}" = dir=out | name=kindle | "{508A132F-D4E2-48B5-8DA0-10975B04D789}" = dir=out | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{53A007B8-A342-4311-8D82-AE26BE207F4A}" = dir=in | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{54AA4E8C-C945-4221-AFB6-C3511694CEBF}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{54BAD16C-6E55-48D9-895C-33C1BE8B3C61}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5877C558-DA55-43A6-86BD-9A0B9186C0F6}" = dir=out | name=onenote | "{58B006D3-B71D-4042-A512-A017C1C3987F}" = dir=in | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{59911422-7E5A-458B-8167-B0E74B970E99}" = dir=out | name=@{thechurchofjesuschristofl.gospellibrary_2.16.11.190_x86__ae8bh92e13w8t?ms-resource://thechurchofjesuschristofl.gospellibrary/resources/appdisplayname} | "{5A6E2801-829D-4E7D-9108-848D9D607F34}" = dir=out | name=microsoft sticky notes | "{5CC9BE74-052A-4AB1-9F11-221E41E4B4C5}" = dir=out | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | "{5D1B0B95-502B-4A5D-B5F1-2309FA66BFF9}" = dir=in | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{5E0C6D5B-87F0-4C2A-8EC3-E631962910FC}" = dir=in | name=check point vpn | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{6215845C-E96A-4B29-95A1-087DFA11FD08}" = dir=out | name=sway | "{64E7430A-87D4-4775-8222-1E5CA2B1506E}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{65C429FE-C623-49F2-A410-7C3B5B894723}" = dir=out | name=f5 vpn | "{67D1D4F5-330F-4AC7-A90E-4315E2D51420}" = dir=in | name=microsoft jigsaw | "{6AF9567F-C4C2-492C-A377-079C4A550024}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{6D53E30B-CE1F-402F-B03C-A7A8DB8C5703}" = dir=out | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{70288396-E95F-4D57-8E6F-B0095649072E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe | "{725FCF47-9DF9-4568-9ABE-B22926ED1E5C}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{74D44445-A970-474A-89CD-AC9F8316CBB2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{7B8118B3-C0E8-4A21-B98F-29EB44676DAE}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{7BA1CC1F-4CB2-4DF4-AE2B-956E3EA35290}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{7FFC4B75-B0B9-4551-82E3-D7EF073D93E2}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{88C31B2F-27A0-477F-810B-70243BF9BBD7}" = dir=out | name=sonicwall mobile connect | "{89B70DA5-089D-45C4-A233-72653E62450D}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{8A5DF6E3-2AA8-46D9-826D-A81E159350D9}" = dir=out | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{8B0A6D8E-AAFB-48D3-904D-6C619FC6E92A}" = dir=out | name=the plan of salvation | "{8B590085-C0DA-40DC-A21E-0771AD488475}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{8D9541C8-B8C3-47B1-A7D4-69A7A126CE1E}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{8DC636D0-1565-40E1-89D3-00BA89F360F6}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} | "{8DFE3D08-6150-4567-9E19-1240EE39B799}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{8E3DCCFE-40DE-42DC-9DF8-9B45510EDD9C}" = dir=in | name=microsoft solitaire collection | "{940B9902-0DC7-4DB1-A257-6CFA0DFC4706}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{988031D7-65BF-45C0-9698-9AEAAF040C42}" = dir=in | name=juniper networks junos pulse | "{9A9B61B8-3D01-4097-9CD0-00745EEDF7DC}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{9D3DDA47-B11B-48A8-B4B4-897EE9B2D345}" = dir=out | name=check point vpn | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A524B0F8-E2EA-491D-ADA0-52C50C063B9C}" = dir=out | name=ebay | "{A6C2AC04-0C83-4CB1-937D-071254FED9EA}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{A7FAC7CA-C3CC-45C7-8DB5-F5585A3A5FCB}" = dir=in | name=xbox | "{AA76685F-4D7D-4C82-B3B3-6A038A989B22}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{ACA7312C-A37B-48B3-8A32-F0DDE0792BE1}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{B0326748-B4FB-423C-870C-1B4CE8BA6D1F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe | "{B1BA08FA-993A-4884-8ECC-FB74E6C0FB17}" = dir=out | name=microsoft mahjong | "{B3885110-7380-4010-9352-EF386ED8C193}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{B7A3154A-C3D0-4E5E-86F5-ABFBF8F756D4}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | "{BDE483C9-70EE-433B-837E-1F101B833ACD}" = dir=out | name=candy crush saga | "{C3AB1E25-C9BD-41E3-BBE3-E36517D9724D}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{C7C5F606-31CA-48A7-8681-BDC8134B880F}" = dir=out | name=hp all-in-one printer remote | "{CD85BFE3-CFCE-4122-BF32-1C326E337108}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | "{D0F0D8AC-E97F-49E1-AA7D-5080A680A700}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{D1B545AA-CD45-4FE8-94BE-B1017DB0FE1E}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{D8E11E7E-544F-4944-ACDA-2D1F01552BC1}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{D907358B-5423-404B-B1FB-44F3257F1AAE}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{D917B948-0E91-449A-A86A-954F5CDF6DB0}" = dir=in | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DBF1D552-6F31-43E3-B1ED-D679ADD1736C}" = dir=in | name=sway | "{DD34E1C5-797D-41A1-B633-02AF6C4CD23D}" = dir=out | name=@{microsoft.people_10.1.3410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{DD8335AB-FD2E-49FD-8A8C-D94A86F02562}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{DE0B0843-C617-4D9C-A3B2-C38E83ADB359}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{DE1A68A1-64AB-4382-AF1A-4ACA41B64C4E}" = dir=out | name=microsoft solitaire collection | "{E02AE793-A5BF-46C7-B613-7CD35704EF67}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{EEF8B5BA-24A7-459A-8BC6-01A827BE0522}" = dir=out | name=@{microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{F27359C2-CE7F-403D-B73F-4B567EF2C916}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{F3E05EED-8441-4017-9AF8-A2B1B18AC7C2}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{F473E503-545E-457F-B2E8-FA87CC2CE4BC}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{F5CF6DA4-1373-4764-A3CD-55E22551A315}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | "{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F6E5A1A8-E3F3-4C6A-9B64-907B14A4BFD1}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F7AF19B8-2A23-461E-8D5D-50F39A85BB98}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{FADDA366-CE1D-44C7-8372-4BEF6374F462}" = dir=out | name=store purchase app | "{FB1E8A82-C9AA-4A2A-81C4-C9A819D6D630}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{FE3ADEA3-5957-4F57-B4D2-1211E009A1C3}" = dir=out | name=amazon | "TCP Query User{51FD9A74-0B42-45DE-9B1B-66FAFC12AACC}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{56DD985F-2A69-4424-8EEE-0F66D9113FCA}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{FF72A37B-4781-4058-A774-E34FF3188320}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2937FD88-C9D6-4B82-B539-37CD0A572F42}" = Apple Application Support (64-bit) "{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support "{2E55EEFD-2162-4A7D-9158-EDB0305603A6}" = Dell Data Vault "{307032B2-6AF2-46D7-B933-62438DEB2B9A}" = Maxx Audio Installer (x64) "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64) "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "PC-Doctor for Windows" = Dell SupportAssist "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10 "{27130E51-9555-408B-8134-7BFF54EDE27B}" = Dell SupportAssistAgent "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4FA72FF9-DD64-43A8-8704-6380A11F11D5}" = Dell Customer Connect "{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software "{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5 "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}" = Dell Update "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery "{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}" = Apple Application Support (32-bit) "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "0591-8077-9297-0833" = FamilySearch Indexing 3.26.0 "Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI "Avast Antivirus" = Avast Free Antivirus "Google Chrome" = Google Chrome "InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials "Mozilla Firefox 51.0.1 (x86 en-US)" = Mozilla Firefox 51.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "SafeZone 1.51.2220.62" = SafeZone Stable 1.51.2220.62 "SafeZone 3.55.2393.561" = SafeZone Stable 3.55.2393.561 "TeamViewer" = TeamViewer 11 "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-891212858-715741461-1384353718-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1" = ChromecastApp "OneDriveSetup.exe" = Microsoft OneDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 3/1/2017 9:39:11 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1141 Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 3032 Error - 3/1/2017 9:39:13 PM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3032 Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1235 Error - 3/3/2017 11:09:15 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1235 Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1204 Error - 3/4/2017 1:58:10 AM | Computer Name = MarieLT | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1204 Error - 3/4/2017 11:45:35 AM | Computer Name = MarieLT | Source = Application Hang | ID = 1002 Description = The program OTL.com version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3074 Start Time: 01d294fc12b268a7 Termination Time: 4294967295 Application Path: C:\Users\Marie\Downloads\OTL.com Report Id: 999ff07f-00f1-11e7-bec8-74867a3fbfa3 Faulting package full name: Faulting package-relative application ID: [ System Events ] Error - 2/16/2017 9:59:48 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/17/2017 3:01:50 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/17/2017 3:03:42 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/17/2017 3:06:42 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/17/2017 9:29:51 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/22/2017 6:48:17 PM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = Error - 2/24/2017 9:46:00 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/25/2017 8:49:23 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 2/27/2017 3:41:50 PM | Computer Name = MarieLT | Source = DCOM | ID = 10010 Description = Error - 3/4/2017 12:35:50 AM | Computer Name = MarieLT | Source = DCOM | ID = 10016 Description = < End of report
  6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.0 (12.05.2016) Operating System: Windows 10 Home x64 Ran by Marie (Administrator) on Fri 02/17/2017 at 11:51:33.84 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 02/17/2017 at 11:56:23.56 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  7. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.0 (12.05.2016) Operating System: Windows 10 Home x64 Ran by Marie (Administrator) on Thu 02/16/2017 at 18:46:53.74 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 3 Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task) Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask-Retry (Task) Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 02/16/2017 at 18:51:07.74 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. # AdwCleaner v6.043 - Logfile created 16/02/2017 at 18:31:14 # Updated on 27/01/2017 by Malwarebytes # Database : 2017-02-13.1 [Server] # Operating System : Windows 10 Home (X64) # Username : Marie - MARIELT # Running from : C:\Users\Marie\Downloads\adwcleaner_6.043.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\extensions\[email protected] [-] Folder deleted: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\TelevisionFanatic ***** [ Files ] ***** [-] File deleted: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\ag0xvj42.default-1440197636424\extensions\@TV.xpi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [-] Chrome preferences cleaned: "browser.newtab.url" - "hxxp://search.searchwytsn.com?uid=36b13a9f-8c75-4c96-b689-6cdbdf1f04e0&uc=20170209&ap=appfocus7&source=1-bb8&page=newtab&implementation_id=tv_0.2.0" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.BUTTON_STRUCTURE" - "[{\"b\":223757306,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":223757307,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":223757309,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":223757313,\"c\":\"mindspark.imagesearch\",\"p\":\"L.0.2\"},{\"b\":223757316,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":223757319,\"c\":\"mindspark.directorysearch\",\"p\":\"L.0.4\"},{\"b\":223757258,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":231276225,\"c\":\"mindspark.watchtv\",\"v\":\"1.0.4\",\"p\":\"L.2\"},{\"b\":230233313,\"c\":\"mindspark.favoriteshows\",\"v\":\"1.3.0\",\"p\":\"L.3\"},{\"b\":223757267,\"c\":\"mindspark.livesports\",\"p\":\"L.4\"},{\"b\":223757268,\"c\":\"mindspark.cbssportsulive\",\"p\":\"L.4.0\"},{\"b\":223757269,\"c\":\"mindspark.watchlive\",\"p\":\"L.4.1\"},{\"b\":223757270,\"c\":\"mindspark.nbc\",\"p\":\"L.4.2\"},{\"b\":223757272,\"c\":\"mindspark.mlb\",\"p\":\"L.4.3\"},{\"b\":223757273,\"c\":\"mindspark.hulu\",\"p\":\"L.5\"},{\"b\":225241038,\"c\":\"mindspark.showrecaps\",\"p\":\"L.6\"},{\"b\":225241040,\"c\":\"mindspark.tvnews\",\"v\":\"1.2.3\",\"p\":\"L.7\"},{\"b\":223757278,\"c\":\"mindspark.tvlistings\",\"p\":\"L.8\"},{\"b\":224951369,\"c\":\"mindspark.videos\",\"v\":\"1.1.6\",\"p\":\"L.9\"},{\"b\":224931024,\"c\":\"mindspark.facebook\",\"p\":\"L.10\"},{\"b\":223757282,\"c\":\"mindspark.watchmovies\",\"p\":\"L.11\"},{\"b\":223757283,\"c\":\"mindspark.amazoninstantvideo\",\"p\":\"L.11.0\"},{\"b\":223757284,\"c\":\"mindspark.netflix\",\"p\":\"L.11.1\"},{\"b\":223757286,\"c\":\"mindspark.snagfilms\",\"p\":\"L.11.2\"},{\"b\":223757287,\"c\":\"mindspark.networks\",\"p\":\"L.12\"},{\"b\":223757288,\"c\":\"mindspark.abc\",\"p\":\"L.12.0\"},{\"b\":223757289,\"c\":\"mindspark.cbs\",\"p\":\"L.12.1\"},{\"b\":223757290,\"c\":\"mindspark.nbc\",\"p\":\"L.12.2\"},{\"b\":223757291,\"c\":\"mindspark.fox\",\"p\":\"L.12.3\"},{\"b\":223757292,\"c\":\"mindspark.crackle\",\"p\":\"L.12.4\"},{\"b\":223757294,\"c\":\"mindspark.ustream\",\"p\":\"L.12.5\"},{\"b\":230584985,\"c\":\"mindspark.watchmovies\",\"p\":\"L.12.6\"},{\"b\":230584986,\"c\":\"mindspark.amazoninstantvideo\",\"p\":\"L.12.6.0\"},{\"b\":230584987,\"c\":\"mindspark.netflix\",\"p\":\"L.12.6.1\"},{\"b\":230584988,\"c\":\"mindspark.snagfilms\",\"p\":\"L.12.6.2\"},{\"b\":223757295,\"c\":\"mindspark.weather\",\"v\":\"1.2.3\",\"p\":\"L.13\"}]" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.startup.homepage.prev" - "hxxp://search.searchwytsn.com?uid=36b13a9f-8c75-4c96-b689-6cdbdf1f04e0&uc=20170209&ap=appfocus7&source=1-bb8&page=homepage&implementation_id=tv_0.2.0" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.startup.homepage.savedPrev" - "true" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.startup.homepage.tb" - "hxxp://hp.myway.com/televisionfanatic/ttab02/index.html?coId=e39d23d4ca3e4856a33ba1719648861a&subId=CI_k7pOFhNICFQ90fgodQ6cK5g&ln=en&n=78394be7&ptb=A0970DCD-47AC-4549-89CD-0CA7B123722C&st&p2=%5EXP%5Exdm307%5ES20213%5Eus&si=CI_k7pOFhNICFQ90fgodQ6cK5g" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.startup.page.savedPrev" - 1 [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.startup.page.tb" - 1 [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.browser.version.last" - "51.0" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.coId" - "e39d23d4ca3e4856a33ba1719648861a" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.firstKnownVersion" - "7.700.10.55239" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.homepage" - "hxxp://hp.myway.com/televisionfanatic/ttab02/index.html?coId=e39d23d4ca3e4856a33ba1719648861a&subId=CI_k7pOFhNICFQ90fgodQ6cK5g&ln=en&n=78394be7&ptb=A0970DCD-47AC-4549-89CD-0CA7B123722C&st&p2=%5EXP%5Exdm307%5ES20213%5Eus&si=CI_k7pOFhNICFQ90fgodQ6cK5g" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.hp.enabled" - false [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.hp.guardType" - "HPR" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.initialized" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installType" - "XPI" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.dlpCountryCode" - "US" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.installDate" - "2017020903" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.partnerId" - "^XP^xdm307^S20213^us" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.partnerSubId" - "CI_k7pOFhNICFQ90fgodQ6cK5g" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.pixelUrl" - "hxxp://download.televisionfanatic.com/install_pixels.jhtml?partner=^XP^xdm307^S20213^us&sub_id=CI_k7pOFhNICFQ90fgodQ6cK5g&coId=e39d23d4ca3e4856a33ba1719648861a&tbGuid=A0970DCD-47AC-4549-89CD-0CA7B123722C" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.success" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.toolbarDataSource" - "[\"COOKIE\",\"LOCAL_STORAGE\"]" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.installation.toolbarId" - "A0970DCD-47AC-4549-89CD-0CA7B123722C" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.lastActivePing" - "1486953429007" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.lastKnownVersion" - "7.700.10.55239" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.lssState" - "{\"previousLocales\":[\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supportedLocale\":\"en\",\"previousLocale\":\"en\"}" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.options.defaultSearch" - false [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.options.homePageEnabled" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.options.keywordEnabled" - false [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.options.tabEnabled" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.partnerPixelFired" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.productDeliveryOption.language" - "en" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.productDeliveryOption.newTabURL" - "hxxp://hp.myway.com/televisionfanatic/ttab02/index.html?p2=${partnerID}&n=${installDateHex}&ptb=${toolbarID}&si=${partnerSubID}" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.productDeliveryOption.type" - "ToolTab" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.successUrl" - "hxxp://download.televisionfanatic.com/installComplete.jhtml" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.toolbarCollapsed" - true [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.uninstallSurveyUrl" - "hxxp://televisionfanatic.dl.myway.com/uninstall.jhtml?surveyUrl=hxxp%3A%2F%2Fwww.research.net%2Fr%2FGJD3CKB%3Fc%3D<!--toolbarID-->%26ptb%3D<!--partnerID-->" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark._64Members_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._64Members_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ag0xvj42.default-1440197636424\\\\TelevisionFanatic\\\\A0970DCD-47AC-4549-89CD-0CA7B123722C.sqlite\",\"C:\\\\Users\\\\Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ag0xvj42.default-1440197636424\\\\TelevisionFanatic\"]}" [-] Chrome preferences cleaned: "extensions.toolbar.mindspark.hp.enabled" - false [-] Chrome preferences cleaned: "extensions.toolbar.mindspark.lastInstalled" - "[email protected]" [-] [C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com [-] [C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [9963 Bytes] - [16/02/2017 18:31:14] C:\AdwCleaner\AdwCleaner[S0].txt - [9842 Bytes] - [16/02/2017 18:26:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10109 Bytes] ##########
  9. I made the mistake of trying to watch a PBS show and got sucked into downloading TelevisionFanatic. Now I can't get rid of it. Please help. Flash4 helped me before, perhaps you can help me again.
  10. Just want to give a big shout out and thank you to Flashh4 for helping this poor computer illiterate to get her computer back up and running! Very professional and on top of the latest programs out there to beat those bad guys! Thanks again!
  11. OTL Extras logfile created on: 10/17/2013 8:29:02 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tim\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.87 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 34.21% Memory free 5.74 Gb Paging File | 3.37 Gb Available in Paging File | 58.65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 221.24 Gb Total Space | 145.29 Gb Free Space | 65.67% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0389B9D6-3FC7-4AB0-A04E-9887B7AA244F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{050C71A9-A9A1-464D-9839-D87B619E097A}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{1084C800-2C4D-4032-9383-DF726CEF5B2A}" = rport=2869 | protocol=6 | dir=out | app=system | "{253F78C6-0D9F-4DAD-B907-CF679C32D773}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{25E17C1E-94A6-4B06-9CF9-30D9E56918E4}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{2F6B7597-BD12-4D7B-AB29-949F996E198C}" = lport=2869 | protocol=6 | dir=in | app=system | "{35875353-DBDA-4D7A-9D07-375222001368}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3B6A37AC-F7FC-4E9B-BC23-9FB2B104E120}" = lport=137 | protocol=17 | dir=in | app=system | "{496A870C-3400-4240-9995-2C5F1349C384}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{50EF936E-740C-42E1-9598-EE4E68791BA8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{52F081B0-8AF0-43CD-BEB1-38A32698146A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{55529164-7C5E-4D35-9BDF-0500A08A6BB6}" = lport=10243 | protocol=6 | dir=in | app=system | "{591F3C76-5BBD-4570-AC95-1AB28195BDA0}" = rport=137 | protocol=17 | dir=out | app=system | "{5B764239-46E6-477F-BDC5-DC446B1B93DE}" = lport=139 | protocol=6 | dir=in | app=system | "{623D2F11-EF85-4BE2-A50A-1B74D9865F86}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{678BE4DE-2936-409E-A3F2-95679EB6B135}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{7BDF7691-1F2C-41D6-8B5A-1521F914EB74}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{7EE612A2-2411-4978-9701-86C22B976E7A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{85A399F8-91DF-4860-9032-CEF345271F74}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8F0957AB-ADAC-4309-AFBA-1E642C5C1804}" = rport=138 | protocol=17 | dir=out | app=system | "{A17F1F14-DA92-474F-8B09-17ADE5CE7063}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A2E7E87B-5491-4D25-89A3-9506E4ABADFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A9C4E2AB-D212-43E1-AF70-1884D8C6E9BB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AE39B3DB-D3D4-4FEA-B68E-C56B06A15D06}" = lport=138 | protocol=17 | dir=in | app=system | "{AF7541AC-E81E-4AC4-99D0-C971039E7369}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B0FC7BE5-4722-491E-88A0-0378E6EB8515}" = lport=2869 | protocol=6 | dir=in | app=system | "{B2DD1864-5A99-4D3E-9FD1-49B03C90AFC5}" = rport=10243 | protocol=6 | dir=out | app=system | "{B701C737-C356-4CD4-9B41-0D1322AA1DD1}" = rport=139 | protocol=6 | dir=out | app=system | "{C9EDA6B8-AAC9-4840-A940-1159E331721A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CE98DED1-3861-4C43-8E66-572F837F4364}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CEDC6C73-501A-4C9E-A1C7-1F73A3D50291}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{D362F2A1-BE43-4541-B448-A168EB39B7CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D8B3C3D8-B212-49CC-90FA-DDC5D80D04B2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E449B0F8-9A6A-48EA-9F82-B3CC4FED8A92}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{E9423240-D5D8-4CDE-B930-E3A415FD5F8C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB20C4E5-739F-4FEF-9849-D5923D807933}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{EFBD6449-275B-47B5-AB75-38EB391CD156}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F3012E0E-FF88-4DB1-8340-D7377F0873D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F84E81FD-4787-4D43-AF30-791C1C6D66BE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F923A68A-85FB-425A-9868-A4803806CF1B}" = lport=445 | protocol=6 | dir=in | app=system | "{FD56486A-F03E-430B-8352-5708F9BB09B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FF35CA11-3682-4E4D-9C43-22FB6A3CEA36}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01CED131-B5D8-4309-8828-0875F527B8C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{040686A4-8801-41DB-89CF-1D868E110147}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | "{18F347DC-1925-490C-8BCE-516F1B0B6C58}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{24FBD22E-FDFB-41E8-81F9-A221F15C95D6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{25185626-D1D8-434B-AA26-0B0E5329BE34}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{258AE339-2052-42F6-B9D3-B902370700B4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{29836840-37DC-4D51-A529-6DF8A538557B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{2ACDE38B-D3DE-42A4-A37E-3B35761EF3F0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2EAEF271-2A9D-4C59-AC16-CB92112B39B6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{302D49C5-9CB0-4657-A1C4-D5149CC98D0B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4513DACF-75FA-400C-8A5B-DFC7E002435C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{481A548E-9C69-4F4D-9ADE-C5B58F1CA840}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4D159D4F-B27C-4A84-9015-DDAF2CD24C51}" = protocol=58 | dir=out | [email protected],-28546 | "{5139FC39-9AFB-4CF4-A48E-B16024D4A2A9}" = protocol=58 | dir=in | [email protected],-148 | "{5A51103A-27BC-4DB1-B390-322B5A35FB4C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5AB9B1F4-F63C-4A2D-BCFB-A7151D4715E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{67E9151E-F6F6-42A5-9CE2-3343EF13571B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{73EE5AF1-1BEF-4FAA-9141-CED35D526A89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7C8B1254-AE08-42A5-958A-970277165BD9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7D124BE7-EC3C-4D68-B407-AD297C3C6069}" = protocol=1 | dir=out | [email protected],-28544 | "{7D278F13-4BCE-465A-9B26-FEE2C9CBFC0F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7FCA74BA-F136-4E24-8B65-1DAE2C5A40EE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{7FFE562B-7240-4F41-9573-3CD53DD428B4}" = protocol=1 | dir=in | [email protected],-28543 | "{8B1BFF6C-E383-4ACE-B58D-A098E876ED62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9D95411C-3737-4E95-A76D-B372B424F1D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9DA72E55-18D8-4669-A475-58587AC5AC22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A1BD4989-6E10-429A-8D84-1D9848BD7979}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A8FA006F-231B-4D37-92C5-807584E02947}" = protocol=6 | dir=out | app=system | "{D301F7B7-E006-4E2A-B622-547F44E0AF3E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D54C92ED-7399-48D6-8AA7-4CB10A861CB7}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | "{DB10CFDE-0FAC-484F-8286-6D44123E5D24}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E61D00EE-BAA9-4258-B2C0-79DB920290A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EA5123F3-1ADA-41DD-AD65-BCC7D4ADC622}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F0255389-2EA2-4F55-AC4C-28BFD9FB817D}" = protocol=58 | dir=in | [email protected],-28545 | "{FF53E083-0D0E-435E-9F64-84CB7F106BE6}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "TCP Query User{E933EB2B-45BA-4F9B-9CAC-02C8BD4073C0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{9FBCB1D4-A038-42B3-B130-4016ACB2D46F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C336D20-A089-4818-9C56-96AD81BF5A11}" = PANTECH USB Modem V2 "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app "CNXT_AUDIO_HDA" = Conexant HD Audio "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password "{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0 "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist "{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{39187A4B-7538-4BE7-8BAD-9E83303793AA}" = Toshiba Book Place "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skypeâ„¢ 6.7 "{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg "{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express "{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer "{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8) "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU "{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby "{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express "{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase "{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime "InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mplayer" = Mplayer 0.6.9 "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "SMPlayer" = SMPlayer 0.6.9 "WinLiveSuite" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "DSite" = Update for Zip Opener ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10/16/2013 8:17:02 AM | Computer Name = Tim-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11201 Error - 10/16/2013 9:18:03 AM | Computer Name = Tim-PC | Source = Application Error | ID = 1000 Description = Faulting application name: svchost.exe_MMCSS, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000076ed000a Faulting process id: 0x3d8 Faulting application start time: 0x01ceca6578ea8dfc Faulting application path: C:\windows\system32\svchost.exe Faulting module path: unknown Report Id: 62c6cc9d-3665-11e3-a875-00266cae4df0 Error - 10/16/2013 9:23:17 AM | Computer Name = Tim-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 10/16/2013 9:45:17 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 8:32:17 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 8:37:07 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 9:09:21 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 9:22:42 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 9:53:37 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = Error - 10/17/2013 10:06:16 AM | Computer Name = Tim-PC | Source = Toshiba App Place | ID = 0 Description = [ System Events ] Error - 10/17/2013 9:10:09 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 34001 Description = Error - 10/17/2013 9:10:09 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 30013 Description = Error - 10/17/2013 9:23:14 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 34001 Description = Error - 10/17/2013 9:23:14 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 30013 Description = Error - 10/17/2013 9:37:55 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 31004 Description = Error - 10/17/2013 9:52:42 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 34001 Description = Error - 10/17/2013 9:52:42 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 30013 Description = Error - 10/17/2013 10:04:42 AM | Computer Name = Tim-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 7:53:51 AM on ?10/?17/?2013 was unexpected. Error - 10/17/2013 10:05:41 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 34001 Description = Error - 10/17/2013 10:05:41 AM | Computer Name = Tim-PC | Source = ipnathlp | ID = 30013 Description = < End of report >
  12. OTL logfile created on: 10/17/2013 8:29:02 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tim\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.87 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 34.21% Memory free 5.74 Gb Paging File | 3.37 Gb Available in Paging File | 58.65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 221.24 Gb Total Space | 145.29 Gb Free Space | 65.67% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/10/17 08:26:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Downloads\OTL.com PRC - [2013/10/17 08:12:25 | 000,468,480 | ---- | M] () -- C:\Users\Tim\Downloads\CKScanner.exe PRC - [2013/10/11 07:38:01 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013/10/01 07:21:41 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2013/05/10 01:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/05/09 02:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 02:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/03/27 16:18:02 | 001,098,072 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe PRC - [2013/03/27 16:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2007/02/20 06:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe ========== Modules (No Company Name) ========== MOD - [2013/10/17 08:12:25 | 000,468,480 | ---- | M] () -- C:\Users\Tim\Downloads\CKScanner.exe MOD - [2013/10/13 17:52:54 | 001,227,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\decc12017394d466b473669f85b31b5d\System.WorkflowServices.ni.dll MOD - [2013/10/13 17:51:28 | 000,369,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c8823408f21cc24f6add84812f1caaaf\System.ServiceModel.Routing.ni.dll MOD - [2013/10/13 17:51:25 | 001,142,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0aa6ae92cf58fb9d614d00132c439b39\System.ServiceModel.Discovery.ni.dll MOD - [2013/10/13 17:51:20 | 000,082,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\53b16e9e500081433b043c3148d10239\System.ServiceModel.Channels.ni.dll MOD - [2013/10/13 17:50:54 | 001,394,176 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5b0f72f144945b19324f94884e1e8699\System.ServiceModel.Activities.ni.dll MOD - [2013/10/13 17:50:45 | 001,079,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\51ffeacb880d9c15fecc1c74f83e8973\System.IdentityModel.ni.dll MOD - [2013/10/13 17:50:42 | 018,109,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\60608b811724b2711cb96817043c4dd8\System.ServiceModel.ni.dll MOD - [2013/10/13 17:49:45 | 001,089,024 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\593b48b531c3445e6dae067cc6879cdd\System.ServiceModel.Web.ni.dll MOD - [2013/10/13 17:39:35 | 001,021,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll MOD - [2013/10/13 17:39:29 | 002,659,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll MOD - [2013/10/13 17:39:13 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll MOD - [2013/10/11 07:37:59 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013/10/11 06:50:17 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll MOD - [2013/10/11 06:49:55 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll MOD - [2013/10/11 06:49:51 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll MOD - [2013/10/11 06:49:28 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll MOD - [2013/10/11 06:49:18 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll MOD - [2013/10/11 06:49:10 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll MOD - [2013/10/01 07:21:39 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013/08/20 13:30:27 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll MOD - [2013/08/20 13:28:55 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll MOD - [2013/08/15 09:34:52 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll MOD - [2013/08/15 09:34:44 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll MOD - [2013/08/15 09:34:24 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll MOD - [2013/08/15 09:34:18 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll MOD - [2013/07/11 13:29:07 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll MOD - [2012/08/07 19:40:36 | 002,052,096 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll MOD - [2012/08/07 19:40:36 | 001,339,392 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll MOD - [2012/08/07 19:40:36 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll MOD - [2012/08/07 19:40:36 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll MOD - [2012/08/07 19:40:36 | 000,770,048 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll MOD - [2012/08/07 19:40:36 | 000,679,936 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll MOD - [2012/08/07 19:40:36 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll MOD - [2012/08/07 19:40:36 | 000,430,080 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll MOD - [2012/08/07 19:40:36 | 000,232,448 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll MOD - [2012/08/07 19:40:36 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll MOD - [2012/08/07 19:40:36 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\MEshim.dll MOD - [2012/08/07 19:40:36 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll MOD - [2012/08/07 19:40:35 | 001,564,672 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\areaifdll.dll MOD - [2012/08/07 19:40:35 | 000,405,504 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESCom.dll MOD - [2012/08/07 19:40:35 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KFx.dll MOD - [2012/08/07 19:40:35 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Atlas.dll MOD - [2012/08/07 19:40:35 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx MOD - [2012/08/07 19:40:35 | 000,246,272 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AppCore.dll MOD - [2012/08/07 19:40:35 | 000,223,744 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaControls.esx MOD - [2012/08/07 19:40:35 | 000,120,832 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\kpries40.dll MOD - [2012/08/07 19:40:35 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll MOD - [2012/08/07 19:40:35 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\keml40.dll MOD - [2012/08/07 19:40:35 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DibLibIP.dll MOD - [2012/08/07 19:40:35 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocCamBack.dll MOD - [2012/08/07 19:40:35 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll MOD - [2012/08/07 19:40:34 | 001,035,264 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESSkin.esx MOD - [2012/08/07 19:40:34 | 000,667,648 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESEmail.esx MOD - [2012/08/07 19:40:34 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx MOD - [2012/08/07 19:40:34 | 000,171,008 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Pcd.esx MOD - [2012/08/07 19:40:34 | 000,115,200 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx MOD - [2012/08/07 19:40:34 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx MOD - [2012/08/07 19:40:34 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx MOD - [2012/08/07 19:40:34 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx MOD - [2012/02/20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/02/20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2007/02/20 06:10:20 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx MOD - [2007/02/20 06:09:22 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\VPCD.dll MOD - [2007/02/20 04:34:48 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2013/05/09 02:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/09/28 14:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/02/05 18:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV:64bit: - [2009/07/28 17:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV - [2013/10/11 07:38:04 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/01 07:21:40 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/07/25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate) SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc) SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2013/05/10 01:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/03/27 16:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service) SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/06/28 14:07:31 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013/06/28 14:07:30 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013/06/28 14:07:30 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2013/05/09 02:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013/05/09 02:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013/05/09 02:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013/05/09 02:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013/05/09 02:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/07/20 08:00:12 | 000,173,328 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWVsp.sys -- (PTUMWVsp) DRV:64bit: - [2010/07/20 08:00:12 | 000,173,328 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWNSP.sys -- (PTUMWNSP) DRV:64bit: - [2010/07/20 08:00:12 | 000,173,328 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWMdm.sys -- (PTUMWMdm) DRV:64bit: - [2010/07/20 08:00:12 | 000,143,888 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWNET.sys -- (PTUMWNET) DRV:64bit: - [2010/07/20 08:00:12 | 000,012,688 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWFLT.sys -- (PTUMWFLT) DRV:64bit: - [2010/07/20 08:00:10 | 000,173,328 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWCSP.sys -- (PTUMWCSP) DRV:64bit: - [2010/07/20 08:00:10 | 000,070,928 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWBus.sys -- (PTUMWBus) DRV:64bit: - [2010/07/20 08:00:10 | 000,024,976 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWCDF.sys -- (PTUMWCDF) DRV:64bit: - [2010/06/30 02:27:08 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64) DRV:64bit: - [2010/03/31 16:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2010/03/10 20:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/03/04 19:53:00 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010/02/20 11:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/02/01 12:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/11/06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/08/07 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{9D9724D8-EF99-41E8-80DF-EB93D2581D40}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{62CA7BDD-07E3-4243-A757-FDD6679214A1}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com [binary data] IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/?cid=C001B2Y IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\URLSearchHook: {462be121-2b54-4218-bf00-b9bf8135b23f} - No CLSID value found IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\URLSearchHook: {f9bbf004-6e40-4019-8214-c43a37e1d058} - No CLSID value found IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\SearchScopes\{2F9022F7-C000-4DB0-8F79-1EEC1C0D75CD}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20111253,17118,0,18,0 IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\SearchScopes\{62CA7BDD-07E3-4243-A757-FDD6679214A1}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_en IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\SearchScopes\{CF1ACED0-2254-454E-8998-C7AE97C6B942}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\SearchScopes\Comcast: "URL" = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/06/28 14:06:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/01 07:21:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/01 07:21:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/01 21:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Extensions [2013/09/27 07:35:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d3gnp8c3.default\extensions [2012/12/03 09:17:56 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d3gnp8c3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013/10/01 07:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/10/01 07:21:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/10/01 07:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/10/01 07:21:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/06/28 14:06:36 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012/06/06 11:35:46 | 000,001,692 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\comcast.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.google.com CHR - Extension: No name found = C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: No name found = C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation) O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\Toolbar\WebBrowser: (no name) - {4F524A2D-5637-006A-76A7-7A786E7484D7} - No CLSID value found. O3 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000..\Run: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide File not found O4 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000..\Run: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden File not found O4 - HKU\S-1-5-21-419008064-1442257413-3684721255-1000..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKLM..\RunOnceEx: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} http://70.183.236.44/WinWebPush.cab (WebWatch Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4640BF22-70B3-4C77-8B62-25A3F443414D}: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F20E8139-9551-409D-A809-68860E8983F0}: DhcpNameServer = 72.21.65.13 72.21.65.14 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{58aec13d-e3fb-11e2-8b8b-00266cae4df0}\Shell - "" = AutoRun O33 - MountPoints2\{58aec13d-e3fb-11e2-8b8b-00266cae4df0}\Shell\AutoRun\command - "" = E:\menu.exe O33 - MountPoints2\{bb7fb588-64a1-11e0-ac52-00266cae4df0}\Shell - "" = AutoRun O33 - MountPoints2\{bb7fb588-64a1-11e0-ac52-00266cae4df0}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect O33 - MountPoints2\{bb7fb60d-64a1-11e0-ac52-00266cae4df0}\Shell - "" = AutoRun O33 - MountPoints2\{bb7fb60d-64a1-11e0-ac52-00266cae4df0}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect O33 - MountPoints2\{bb7fb62f-64a1-11e0-ac52-7a8020000200}\Shell - "" = AutoRun O33 - MountPoints2\{bb7fb62f-64a1-11e0-ac52-7a8020000200}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect O33 - MountPoints2\{e24019e3-a818-11e0-8d79-00266cae4df0}\Shell - "" = AutoRun O33 - MountPoints2\{e24019e3-a818-11e0-8d79-00266cae4df0}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/10/16 07:25:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Malwarebytes [2013/10/16 07:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/10/16 07:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/10/16 07:24:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2013/10/16 07:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/10/16 05:52:57 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\Tim\Desktop\JRT_NEW.exe [2013/10/12 20:09:17 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013/10/12 20:09:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2013/10/12 20:09:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013/10/12 20:09:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013/10/12 20:09:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013/10/12 20:09:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013/10/12 20:09:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013/10/12 20:09:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2013/10/12 20:09:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013/10/12 20:09:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013/10/12 20:09:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2013/10/12 20:08:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013/10/12 20:08:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013/10/12 20:08:57 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013/10/12 20:08:55 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013/10/11 06:39:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll [2013/10/11 06:38:55 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll [2013/10/11 06:38:55 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll [2013/10/11 06:38:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll [2013/10/11 06:38:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll [2013/10/11 06:38:53 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll [2013/10/11 06:38:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll [2013/10/11 06:38:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll [2013/10/11 06:38:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll [2013/10/11 06:38:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys [2013/10/11 06:38:10 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys [2013/10/11 06:38:06 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll [2013/10/11 06:37:40 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2013/10/11 06:37:38 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll [2013/10/11 06:37:35 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2013/10/11 06:37:34 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe [2013/10/11 06:37:34 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll [2013/10/11 06:37:33 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll [2013/10/11 06:37:32 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2013/10/11 06:37:24 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll [2013/10/11 06:37:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2013/10/11 06:37:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2013/10/11 06:37:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2013/10/11 06:37:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2013/10/11 06:37:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [2013/10/11 06:33:20 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013/10/11 06:33:19 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2013/10/11 06:32:51 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll [2013/10/04 09:51:41 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013/10/04 09:29:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/10/01 07:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/09/21 09:15:28 | 000,000,000 | ---D | C] -- C:\65cfbfdefc72971885b98fd6a91a [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/10/17 08:36:27 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/10/17 08:16:57 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/10/17 08:16:57 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/10/17 08:05:41 | 000,000,435 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts.ics [2013/10/17 08:04:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/10/17 08:04:36 | 2312,089,600 | -HS- | M] () -- C:\hiberfil.sys [2013/10/17 08:03:48 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013/10/16 07:50:03 | 000,780,196 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013/10/16 07:50:03 | 000,660,998 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013/10/16 07:50:03 | 000,121,636 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013/10/16 07:25:01 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/10/15 17:47:28 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\Tim\Desktop\JRT_NEW.exe [2013/10/13 17:17:16 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013/10/11 07:38:01 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2013/10/11 07:38:01 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2013/10/11 06:53:37 | 000,774,412 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI [2013/10/04 06:04:46 | 000,000,108 | ---- | M] () -- C:\Users\Tim\AppData\Roaming\WB.CFG [2013/10/04 06:04:45 | 000,000,006 | ---- | M] () -- C:\Users\Tim\AppData\Roaming\WBPU-TTL.DAT [2013/09/22 17:27:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013/09/22 17:27:48 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013/09/22 17:27:48 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013/09/22 17:27:48 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013/09/22 17:27:48 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013/09/22 16:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013/09/22 16:54:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013/09/22 16:54:51 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013/09/22 16:54:51 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013/09/22 16:54:50 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2013/09/22 16:54:50 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013/09/22 16:54:50 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013/09/22 16:54:50 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013/09/20 20:48:36 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2013/09/20 20:39:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/10/17 08:03:48 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013/10/16 07:25:01 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/08/11 16:59:14 | 000,000,108 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\WB.CFG [2013/08/11 16:59:14 | 000,000,006 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\WBPU-TTL.DAT [2011/12/27 11:22:16 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat [2011/12/24 12:16:01 | 000,008,772 | -HS- | C] () -- C:\Users\Tim\AppData\Local\1me7mvbum2i115t26l14nwr [2011/12/24 12:16:01 | 000,008,772 | -HS- | C] () -- C:\ProgramData\1me7mvbum2i115t26l14nwr ========== ZeroAccess Check ========== [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011/04/25 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp [2011/04/25 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp [2013/07/02 09:15:54 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\337 Wallpaper [2011/06/12 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/07/13 21:58:42 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\CompuClever [2013/06/15 11:44:48 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Garmin [2013/06/28 10:36:09 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\player [2011/06/21 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Smith Micro [2013/10/11 10:16:19 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\SoftGrid Client [2011/04/24 19:06:53 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Temp [2013/10/17 07:29:51 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Toshiba [2011/04/30 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\TP [2011/04/18 16:02:49 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Wal-Mart [2011/04/12 06:03:03 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\WinBatch ========== Purity Check ========== < End of report >
  13. CKScanner 2.4 - Additional Security Risks - These are not necessarily bad c:\users\tim\music\itunes\itunes media\music\compilations\above the rim\14 crack 'em.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\01 hannah jane.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\02 hold my hand.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\03 let her cry.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\04 only wanna be with you.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\05 running from an angel.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\06 i'm goin' home.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\07 drowning.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\08 time.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\09 look away.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\10 not even the trees.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\11 goodbye.m4a c:\users\tim\music\itunes\itunes media\music\hootie & the blowfish\cracked rear view\12 cracked rear view.m4a scanner sequence 3.DI.11.CKAPOZ ----- EOF -----
  14. So do I need to defrag too?
  15. Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.16.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 Tim :: TIM-PC [administrator] Protection: Enabled 10/16/2013 7:27:26 AM mbam-log-2013-10-16 (07-27-26).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 211706 Time elapsed: 11 minute(s), 32 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0A4D512D-697E-4AD5-872D-5A9941AF6EBB} (PUP.Optional.MyScrapNook.A) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF} (Trojan.BHO) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF} (Trojan.BHO) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 10 C:\Users\Tim\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886 (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\xpi (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3244149 (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791 (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\xpi (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken. Files Detected: 90 C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$R9LEYAX.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$R9P3QFR.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RCPBO2O.exe (PUP.AdBundle) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RCSWXWH.exe (PUP.Optional.InstallIQ.A) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RI59B4V.exe (PUP.Bundle.Installer.OI) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RMA2M0J.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RNTRLEY.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$ROZAAXM.exe (PUP.AdBundle) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RQBWPF1.exe (PUP.MSIL.Launcher) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RSFOTJK.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RTW74O6.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RVQW98H.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RX30MYH.exe (PUP.Optional.Bandoo) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RY7Z9D6.exe (PUP.AdBundle) -> No action taken. C:\$Recycle.Bin\S-1-5-21-419008064-1442257413-3684721255-1000\$RZIXYPV.exe (PUP.Optional.Bandoo) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsc2214.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsdC330.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsdEACF.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsf9044.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsm483.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nspA840.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\nsqDB74.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\ccp.exe (PUP.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\MyDeltaTB.exe (PUP.Delta.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\B39E1D19-BAB0-7891-888A-D2287C314026\Latest\Setup.exe (PUP.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\spch.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\spff.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\stub.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\installer.exe (PUP.MSIL.Launcher) -> No action taken. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\setup__120.exe (PUP.Optional.Amonetize.AS) -> No action taken. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\software\Desk365.exe (PUP.Optional.Desk365.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\software\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\is135653842\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\is135653842\SaveTheChildren_20120320.msi (PUP.Optional.WeCare.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\is357113909\146803733_Setup.EXE (PUP.Optional.LyricXeeker.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Babylon.A) -> No action taken. C:\Windows\Temp\Optimizer_Pro.exe (PUP.Optional.OptimizerPro.A) -> No action taken. C:\Users\Tim\Downloads\angry-birds-rio.exe (PUP.AdBundle) -> No action taken. C:\Users\Tim\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> No action taken. C:\Users\Tim\Downloads\iLividSetupV1.exe (PUP.Optional.Bandoo) -> No action taken. C:\Users\Tim\Downloads\movie_player_1280.exe (PUP.Optional.InstallIQ.A) -> No action taken. C:\Users\Tim\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken. C:\Users\Tim\Downloads\MyTopFreeGames_UnlockGames.exe (PUP.BundleInstaller.OI) -> No action taken. C:\Users\Tim\Downloads\Player_Setup.exe (PUP.MSIL.Launcher) -> No action taken. C:\Users\Tim\Downloads\setup.exe (PUP.Optional.InstallCore.A) -> No action taken. C:\Users\Tim\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> No action taken. C:\Users\Tim\Downloads\ZipOpenerSetup.exe (PUP.Optional.Installcore) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\7Y2KQ66W\component_libcef_1.1364.1123[1].exe (PUP.Optional.Desk365.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\7Y2KQ66W\stublogic[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\7Y2KQ66W\Vafmusic2[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\7Y2KQ66W\Wallpaper[1].exe (PUP.Optional.Desk365.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\SGJT8CZL\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\SGJT8CZL\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\SGJT8CZL\Vafmusic2_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\SKJC8I7N\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\Local Settings\Temporary Internet Files\Content.IE5\SNDQSNM7\pack[1].7z (PUP.Optional.PerformerSoft.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\CT3131886.xpi (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\version.txt (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3131886\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3244149\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3244149\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\conduit.xml (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\CT3294791.txt (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\CT3294791.xpi (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\initData.json (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\manifest.json (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\version.txt (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\ct3294791\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\Player_Setup(1).exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Tim\AppData\Local\Temp\DM\Player_Setup(1).exe\software\Player_Setup.exe (Trojan.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Tim\AppData\Local\Temp\is135653842\IWantThis_US.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully. (end)