help may have virus


Recommended Posts

 

Howdy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Do Not Remove anything or run any tools/programs until advised to do so !


Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner]  by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the "Clean" button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.


NEXT


    Please download http://thisisudax.org/downloads/JRT.exe]JUNKWARE Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


    Download the free version Malwarebytes' Anti-Malware (save it to your desktop).  >>> https://www.malwarebytes.org/antimalware/
     
      * Windows XP : Double click on the icon to run it.
      *  Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      *  Select Scan tab.


* Select type of scan to perform:


   
  * Threat Scan < --- Select this type of scan
  * Custom Scan
  * Hyper Scan

Next click the Scan button.

When the scan is complete, if no malicious items are found you can close the program.

If malicious items are found be sure that everything is checked, and click Quarantine .

When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
 
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

 

So i will need the logs from:

1. AdwCleaner log

2. Jrt txt. or Junkware Removal Log

3. Malwarebytes log

 

Thanks

Chuck

Link to post
Share on other sites
# AdwCleaner v5.201 - Logfile created 11/07/2016 at 15:36:36
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-10.3 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : melsmile - MELS
# Running from : C:\Users\melsmile\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum
 
***** [ Services ] *****
 
[-] Service Deleted : YahooAUService
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\iwin games
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\w3i
[-] Folder Deleted : C:\ProgramData\Yahoo! Companion
[-] Folder Deleted : C:\ProgramData\7979e9cf-4195-1
[-] Folder Deleted : C:\ProgramData\7979e9cf-6b03-0
[-] Folder Deleted : C:\ProgramData\f9899d18
[-] Folder Deleted : C:\ProgramData\{035ca534-012c-1}
[-] Folder Deleted : C:\ProgramData\{176b9ba8-412c-0}
[#] Folder Deleted : C:\ProgramData\Application Data\iwin games
[#] Folder Deleted : C:\ProgramData\Application Data\Tarma Installer
[#] Folder Deleted : C:\ProgramData\Application Data\w3i
[#] Folder Deleted : C:\ProgramData\Application Data\Yahoo! Companion
[#] Folder Deleted : C:\ProgramData\Application Data\7979e9cf-4195-1
[#] Folder Deleted : C:\ProgramData\Application Data\7979e9cf-6b03-0
[#] Folder Deleted : C:\ProgramData\Application Data\f9899d18
[#] Folder Deleted : C:\ProgramData\Application Data\{035ca534-012c-1}
[#] Folder Deleted : C:\ProgramData\Application Data\{176b9ba8-412c-0}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iwin games
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Helper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoBuzz
[-] Folder Deleted : C:\Program Files (x86)\iwin games
[-] Folder Deleted : C:\Program Files (x86)\iWin.com Games
[-] Folder Deleted : C:\Program Files (x86)\w3i
[-] Folder Deleted : C:\Program Files (x86)\Yahoo!\Companion
[-] Folder Deleted : C:\Program Files (x86)\VideoBuzz
[-] Folder Deleted : C:\Users\melsmile\AppData\LocalLow\Yahoo! Companion
[-] Folder Deleted : C:\Users\melsmile\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\melsmile\AppData\Roaming\pccustubinstaller
[-] Folder Deleted : C:\Users\melsmile\AppData\Roaming\Yahoo!\Companion
[-] Folder Deleted : C:\Users\melsmile\AppData\Roaming\VideoBuzz
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\visi_coupon
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\Yahoo! Companion
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\YahooCouponAddOn
[-] Folder Deleted : C:\Users\melsmile\AppData\Roaming\Mozilla\Firefox\Profiles\a0hst0i8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Yahoo!\Common\unyt.exe
[-] File Deleted : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] File Deleted : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] File Deleted : C:\Users\melsmile\AppData\Roaming\Mozilla\Firefox\Profiles\a0hst0i8.default\searchplugins\bing-lavasoft.xml
[-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
 
***** [ DLLs ] *****
 

***** [ WMI ] *****
 

***** [ Shortcuts ] *****
 

***** [ Scheduled tasks ] *****
 

***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\s
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Value Deleted : HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [winwb.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{f9899d18}
[-] Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Key Deleted : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.CacheLoader
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.CacheLoader.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.Clickstream
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.Clickstream.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
[-] Key Deleted : HKCU\Software\MyWebSearch
[-] Key Deleted : HKCU\Software\System Healer
[-] Key Deleted : HKCU\Software\wecarereminder
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
[-] Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
[-] Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Fun Web Products
[-] Key Deleted : HKLM\SOFTWARE\InstallIQ
[-] Key Deleted : HKLM\SOFTWARE\MyWebSearch
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\WebBar
[-] Key Deleted : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Key Deleted : HKU\.DEFAULT\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\E5C2FB287A9731A45B805D6EA4B541E1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\E5C2FB287A9731A45B805D6EA4B541E1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E5C2FB287A9731A45B805D6EA4B541E1
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1fccf46e-b704-44cf-879d-91bae4799118} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{94b0d170-7c42-40b4-864c-27f7ca156ac2} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{94cd0508-a03f-411c-9e08-b3f3345e14dd} [NameServer]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\coupontime.co
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pricepeep.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.coupontime00.coupontime.co
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.pricepeep00.pricepeep.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\translation.babylon.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
 
***** [ Web browsers ] *****
 
[-] [C:\Users\melsmile\AppData\Roaming\Mozilla\Firefox\Profiles\a0hst0i8.default\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxp://www.bing.com/?pc=COSP&ptag=D051316-A7CC6EA01761F42C6B1F&form=CONMHP&conlogo=CT3331971");
[-] [C:\Users\melsmile\AppData\Roaming\Mozilla\Firefox\Profiles\a0hst0i8.default\prefs.js] Deleted : user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D051316-A7CC6EA01761F42C6B1F&form=CONMHP&conlogo=CT3331971");
[-] [C:\Users\melsmile\AppData\Roaming\Mozilla\Firefox\Profiles\a0hst0i8.default\prefs.js] Deleted : user_pref("browser.newtabpage.url", "hxxp://www.bing.com/?pc=COSP&ptag=D051316-A7CC6EA01761F42C6B1F&form=CONMHP&conlogo=CT3331971");
[-] [C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [20523 bytes] - [11/07/2016 15:36:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [20836 bytes] - [11/07/2016 15:30:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20671 bytes] ##########
Link to post
Share on other sites

Mel, good job getting me the first log ! You sure do need a good cleaning so that computer will run better when we are done !! Post the next log when you get it !

Thanks

Chuck

Link to post
Share on other sites
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by melsmile (Administrator) on Mon 07/11/2016 at 16:02:57.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

File System: 3
 
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERUPDATEUI.EXE-DB70E5FC.pf (File)
 
 
 
Registry: 1
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75DA68B2-3E6D-482D-A02C-B788CE9A0878} (Registry Key)
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/11/2016 at 16:06:11.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

Mel that's ok about the Malwarebytes log, lots of people have problems with getting it ! As long as it deleted/removed everything.

Ok 1 more i want you to run !!

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   

 

Post that log next !

Thanks

Chuck

Link to post
Share on other sites

OTL logfile created on: 7/11/2016 5:20:02 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\melsmile\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 2.88 Gb Available Physical Memory | 49.07% Memory free
6.81 Gb Paging File | 3.75 Gb Available in Paging File | 55.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.94 Gb Total Space | 380.07 Gb Free Space | 84.10% Space Free | Partition Type: NTFS
 
Computer Name: MELS | User Name: melsmile | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2016/07/11 17:00:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\melsmile\Downloads\OTL.com
PRC - [2016/07/11 14:07:33 | 008,900,328 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/07/05 06:53:24 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/05/14 09:58:47 | 000,554,184 | ---- | M] (Microsoft Corporation) -- C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/04/19 09:28:48 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2016/04/08 15:38:16 | 003,790,936 | ---- | M] (Google, Inc) -- C:\Users\melsmile\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015/08/27 19:20:12 | 000,291,744 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe
PRC - [2015/06/18 15:21:10 | 000,135,408 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
PRC - [2015/03/02 02:03:36 | 002,477,056 | ---- | M] (MyHeritage) -- C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
PRC - [2013/09/12 09:55:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/12 09:55:20 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/08/07 15:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/03/04 20:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/10/11 15:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
PRC - [2011/04/29 19:30:10 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/04/29 19:30:08 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/04/03 14:39:42 | 001,658,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/04/21 14:00:54 | 000,073,728 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/07/05 20:24:55 | 001,624,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\387d8c4acd15ff2d479ebd491edb8e51\System.Drawing.ni.dll
MOD - [2016/07/05 06:53:40 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/07/05 06:53:25 | 000,479,288 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/07/05 06:53:25 | 000,146,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/05/14 09:58:30 | 000,679,624 | ---- | M] () -- C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
MOD - [2016/05/13 20:39:52 | 007,378,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1be3ec32aa5187ec7d760c55c55f6c0\System.Xml.ni.dll
MOD - [2016/05/13 20:39:43 | 002,772,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\2f18aee9e26301da57394e94416a20ba\System.Runtime.Serialization.ni.dll
MOD - [2016/05/13 20:39:40 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\d1e6c00e339d9f64674d3a9e74403a7e\System.Configuration.ni.dll
MOD - [2016/05/13 20:39:11 | 007,498,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ea350a39df1334a4911cc92f58c85dd0\System.Core.ni.dll
MOD - [2016/05/13 20:39:05 | 009,983,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3a4f0a84904c4b568b6621b30306261c\System.ni.dll
MOD - [2016/04/22 17:33:58 | 018,127,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\b1ea5171f48fa1865ea45dd904735573\mscorlib.ni.dll
MOD - [2016/04/19 09:28:48 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/04/19 09:28:48 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/04/19 09:28:48 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2016/04/08 15:35:20 | 003,481,600 | ---- | M] () -- C:\Users\melsmile\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
MOD - [2013/03/05 12:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/03/04 20:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2011/02/15 15:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 15:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 15:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 15:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 14:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/05/27 22:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/05/27 21:14:46 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/04/22 20:45:56 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/04/22 11:29:50 | 000,031,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/02/23 23:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 00:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 00:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 00:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/08/27 19:20:12 | 000,291,744 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/06/18 15:21:10 | 000,135,408 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe -- (ibtsiva.exe)
SRV - [2013/09/18 23:38:44 | 000,157,128 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel(R)
SRV - [2013/09/12 09:55:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/12 09:55:20 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/19 12:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/04/29 19:30:10 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2015/10/30 00:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {75DA68B2-3E6D-482D-A02C-B788CE9A0878}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{75DA68B2-3E6D-482D-A02C-B788CE9A0878}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\melsmile\Pictures
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E5 8F 3F 81 2D 48 D1 01  [binary data]
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 1A 00 00 00 34 53 E0 19 4F 01 4F 32 3D A1 28 4B AE F3 4D 85 41 D5 23 77 74 4C A9 80 1F 8B 02 00 00 00 10 00 00 00 70 6B 2F 4C 6F 25 32 62 41 4A 48 47 49 25 33 64  [binary data]
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\..\SearchScopes,DefaultScope = {85CCEFFF-502A-4063-87F5-22B6F55D6ADC}
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"

Link to post
Share on other sites

M - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\melsmile\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 2.88 Gb Available Physical Memory | 49.07% Memory free
6.81 Gb Paging File | 3.75 Gb Available in Paging File | 55.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.94 Gb Total Space | 380.07 Gb Free Space | 84.10% Space Free | Partition Type: NTFS
 
Computer Name: MELS | User Name: melsmile | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = ] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{239396E0-7F5E-4AD1-9A12-75982D38C00C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5A4350F4-A335-4E3A-A2A0-070A2EB1AD1D}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{C3349D47-689A-47F4-885D-262115F4B64B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{C86AF6B5-F897-453F-A843-A411806926E5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003A5DF9-72FF-4949-B94C-45B84919B5E9}" = dir=in | name=xbox |
"{02591E5A-95C6-4943-997E-432DE5B26184}" = dir=in | name=juniper networks junos pulse |
"{02A8FB16-4160-43A7-88D0-A3E557972F0F}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{043C9756-4C28-491F-85ED-4CC13B13A68D}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{0A891DC1-329C-461E-81D4-3D3F4E961E1E}" = dir=out | name=drums |
"{0DA34931-FFC7-4ABB-B98E-8E96E82B5A22}" = dir=out | name=microsoft mahjong |
"{10DEF11D-E361-4433-8AFF-12DFC2868B2F}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{11CC0C75-C020-4DC6-81A4-49F7D055DA3C}" = dir=out | name=amazon |
"{12B04377-3E6A-43D0-87AE-B99C02ABF7D9}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{14EF1AA1-39D3-46DD-BAF7-3A6906641430}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{157E4201-1E10-4400-974E-8D2936B978C6}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{15FF6159-5260-452D-B24F-2A25D85F175D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{16D5F16B-45FB-45F4-A0B8-9849C0D54AC4}" = dir=in | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{17D854F8-DF0E-475E-9372-45F1E2B1DB5A}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{19D3B29F-668E-42AD-9BA7-C5916E1BB23D}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1A6A5199-8D28-44BC-99E0-8B487E472471}" = dir=out | name=onenote |
"{1B59344E-F05C-4E4E-9B6A-00D09ACEEF65}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{1FA9146F-0DEC-4F9B-8011-D51B7DA787D0}" = dir=in | name=canon inkjet print utility |
"{2274D1FB-171E-469C-8D36-D72195F087C2}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{23F36992-8501-4785-A87E-690ACBB6D716}" = dir=in | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{243FA30F-9560-4261-BC3F-42A67F1AC009}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{25333B16-3F20-4B51-8663-7B0D6285B92E}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{25F2268D-975A-4B8D-A4A4-8710E3C7C382}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{26FED854-75FA-4BBB-A675-4B4EDB311299}" = dir=in | name=taptiles |
"{2732F321-4597-4C05-BC22-E9441CDC7145}" = dir=out | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{2D53B294-8CCC-4D5B-B31C-07E22D6C2EEE}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{2FCDAF34-78CC-47E1-B443-4F843EA69E66}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{31D0315E-6869-471E-8F33-666C0A11E648}" = dir=out | name=check point vpn |
"{31D1CEF4-911E-43F2-881B-92DCFCEF9612}" = dir=in | name=juniper networks junos pulse |
"{325D15FC-5CD4-4D14-89F1-9EFE4B399E06}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{3337A6E6-0E81-4CC8-B29A-A9CD96B5F824}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{3392CD52-87BF-4D77-B8D3-A41CA261328F}" = dir=in | name=onenote |
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 |
"{38C834A7-3E7F-4D72-874D-B8D3FCFF3A82}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{3DE183CD-1962-4E81-A4BD-29CF517E8E80}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{3E7F98C1-ED19-41A2-B8B0-1607ED0CF076}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{3ECBA714-9A9C-4D5D-81A5-B25F889DBC8C}" = dir=out | name=middle-earth almanac |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{456ACE2E-F511-4E78-A284-799C6ADFFC84}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{460E77BA-8349-4141-B155-C0889D50B921}" = dir=out | name=allrecipes |
"{471DFA87-8706-48B1-9CDF-06D98CB5DA6E}" = dir=out | name=writeplus |
"{4AECF9A8-3DA5-4E20-BE57-FAA3C4F82540}" = dir=out | name=windows_ie_ac_001 |
"{4B926EBF-8976-47DF-AB6B-330D3E234886}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{4E851A4E-7F55-4781-812D-05EE9CF0D127}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4EB88197-3DD0-4ADB-A25D-040E53DCEAFD}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4ED8A347-8E8B-4F40-86EC-02E7FC158616}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{504F85C0-F159-4D4D-9C74-7AF384B82C06}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{50DF7430-CC98-40C2-AB80-097DF89504BA}" = dir=out | name=fresh paint |
"{51E4C37E-DC71-429E-AEFC-DDC4A8BD8EE4}" = dir=out | name=@{microsoft.3dbuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{53B5E4C7-A224-4BD2-A31D-108DA741A5CE}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{551B1372-18A5-4097-93A3-8638F1FC8C12}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58565518-0BAD-4EC8-A135-29A64C0BBACE}" = dir=out | name=f5 vpn |
"{5CC5677D-153C-4846-B6A7-3BD8A0AE4CC0}" = dir=out | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{5E084205-289A-4747-982C-236886342F20}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6157870A-2E1C-4B7F-B6D4-291BCB9C3A7A}" = dir=out | name=sonicwall mobile connect |
"{642C4CCE-78CD-4233-AE61-E2B0B4C9A69D}" = dir=out | name=sonicwall mobile connect |
"{67257B87-21E0-42C8-AC7F-54B8E03E51D8}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{67D3BF89-1357-4E70-9FAE-E12B76650B19}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{68953D4A-1A4E-4CE1-A33B-A50009E68680}" = dir=out | name=kindle |
"{695FC94C-4660-4B3D-ABD0-37821B4A568C}" = dir=out | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{69A8CD28-7F1C-4B5F-A311-A6041415CE38}" = dir=out | name=@{microsoft.windowsphone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{6A385C1C-30B3-41EF-8EA5-F297ABD66EFA}" = dir=out | name=@{microsoft.disneyfairies_2.5.0.44915_x86__8wekyb3d8bbwe?ms-resource://microsoft.disneyfairies/resources/title_display_name} |
"{6B533C04-AFB7-4BFC-94A9-C255896F4FC1}" = dir=out | name=twitter |
"{6CD7B0EE-14D1-4EB8-B5D2-5AEE045C9F82}" = dir=out | name=dell shop |
"{6E42FCE0-9308-47DB-B1AB-44A064F95A66}" = dir=out | name=windows_ie_ac_001 |
"{6E4B1A06-0F35-4959-AD7F-82799A27948F}" = dir=out | name=island tribe 2 |
"{6E89E6C9-609C-4A63-A098-EC3E198BDCBD}" = dir=out | name=discovery channel |
"{6FB871D0-79E8-43F5-9943-BB85E10ABEDC}" = dir=out | name=blocks win8 |
"{73DA0790-5649-4A48-A347-723A2DAEC1AF}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{77E95EBC-9059-4EAD-90CF-7A61BE656E09}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{78F1FBA4-D389-4981-A07D-5EB2FDE2B932}" = dir=in | name=microsoft mahjong |
"{79314EA1-B89E-4C2B-BBBC-48104F0547BC}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{79E8D396-09CF-49AC-8D82-C60419533AC6}" = dir=out | name=canon inkjet print utility |
"{7A1F88C0-0029-408C-A994-FE13D54BCC9D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{7A43D61B-6CB8-4F4C-AA12-2CE60D175665}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{7C541200-77EF-4784-AC0A-82CE21586959}" = dir=out | name=word search game |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82454A5E-40FA-47CF-BAF9-826528F72511}" = dir=in | name=allrecipes |
"{83D13413-D04D-4E2C-96D8-C1ED9335EF49}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{84F24E9D-E616-4CBD-BC7F-E6393F46793A}" = dir=out | name=@{780f5c7b.islandtribe3_3.0.0.12_x86__0gmyx1dmsk3dw?ms-resource://780f5c7b.islandtribe3/resources/displayname} |
"{86213355-6962-4DF0-8B6C-6622864EEC03}" = dir=out | name=juniper networks junos pulse |
"{89F6D8CF-F49E-4917-9DE5-5D1615DB0DBB}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8C16F3FF-099D-4D5D-83B6-F71B11B2E65C}" = dir=out | name=f5 vpn |
"{8C52511D-90E6-411D-BF88-1ECE1BD9BA3E}" = dir=out | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{8D736176-D953-4E1C-854B-76682BF6AB8B}" = dir=out | name=fotor |
"{8EB5F3B1-269D-4AA6-BA97-B365466B1027}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{8F4363BC-8C24-4268-BF50-5987221D775F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{8F4F3571-CA3F-4E60-B5C8-AFB8CE8EDA65}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{9282192C-80A0-4B19-A548-8EFFFEAD8057}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{970EC82D-B60F-4EF4-9CAB-724122622867}" = dir=in | name=sway |
"{971A97D5-EE7C-4CEB-AE70-BCFB862599C3}" = dir=out | name=doodle hangman free |
"{97A1F44D-A39E-489A-9C60-C3E6700C5FA8}" = dir=out | name=solitaire hd |
"{97BD9905-7AAC-4BDC-B684-BA728ACDEA63}" = dir=out | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9B4C0564-397E-44A6-A78C-E470C462B6BC}" = dir=out | name=backgrounds wallpapers hd |
"{9B898606-D505-4B90-97A1-A9DCDE2087A1}" = dir=out | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{9BEA36D5-0D99-4D9D-8458-8E08E16C7CCA}" = dir=out | name=jewel fever |
"{9CED8AD1-BFE1-481D-82B1-F101268F9CCB}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F7D909B-1796-4172-AFA1-92ED0DE41D2D}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{A1AC5503-7C1C-4C86-87E3-F9E8F7C87E2B}" = dir=in | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{A2072289-F2C1-4F90-B468-F6DB51C9731E}" = dir=out | name=youtube player |
"{A2A6DD16-4BC1-4A17-B321-DBB9895F28D5}" = dir=out | name=check point vpn |
"{A3C18D16-6C36-4118-9A06-BFC97F76E836}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{A5C6E968-5BC9-4C13-B641-02B3BB79F529}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A68C2D4D-93C4-4C9B-A46D-F8C132F7D01E}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{A6AB448D-5A40-4E23-AEB7-214A7EB89213}" = dir=out | name=island tribe |
"{AC998AF9-A402-4E93-94C3-60F140664502}" = dir=out | name=taptiles |
"{ACCC5D26-066E-4796-A66A-FDCB14E77F48}" = dir=out | name=windows_ie_ac_001 |
"{AEFA0613-6CD6-40E1-B65B-FD6AA4C1FD85}" = dir=out | name=windows_ie_ac_001 |
"{B0896A45-AF1F-404B-B788-36D293E153B6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{B20D4FB1-18FC-4B34-A5B3-FEEBDCEFC41E}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B34D7EF2-C466-4AF6-8A89-088EEF6ADBE5}" = dir=out | name=watch abc |
"{B475503F-CEC3-4EF1-B413-9B2529030766}" = dir=in | name=dell shop |
"{BA4CE24A-F0B9-42FE-8E68-951FAD916981}" = dir=out | name=4 pics one word |
"{BB8D4B7F-863A-418D-A3D2-9D154271FFA5}" = dir=out | name=@{44352gadgetwe.unitconversion_1.0.1.4_neutral__wrnqd43hr7tc6?ms-resource://44352gadgetwe.unitconversion/resources/appstorename} |
"{BBC97C54-8291-4382-A3D6-96C776DE60EB}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
"{BD459083-61A2-4155-9ADC-2D63D5C41173}" = dir=out | name=@{yahooinc.yahoomail_1.7.0.23_neutral__xvnatx83ncrvj?ms-resource://yahooinc.yahoomail/resources/str_branding_mail} |
"{C1C5694C-089A-4A30-98A8-68B8080210EA}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C28BEE71-2F4A-4289-ACE8-50920A901083}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C3D7BE13-780B-4DF6-A23A-E358F1BB8D0B}" = dir=out | name=farm up |
"{C566698C-B5BE-4523-BCDC-8D856F09F6A0}" = dir=in | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C5E123CD-0F41-42B5-9C74-A9F3E6AF3EF7}" = dir=out | name=real cat sounds |
"{C5E5629D-0CDF-433D-8C24-0847324A3CC6}" = dir=out | name=toolbox for windows 8 |
"{C630CC23-9092-4F56-BBE8-2671E72550D5}" = dir=out | name=ebay |
"{C6AAFD64-9B92-40C9-9A57-B38BCDDFBA28}" = dir=out | name=@{microsoft.getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C7D7C859-84E4-444E-8B2D-CC90739F64BD}" = dir=in | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{C9F4CA08-A1B1-4871-A316-677F7A301CE0}" = dir=in | name=microsoft solitaire collection |
"{CA419722-89AF-4A91-B0A1-C8C31D902237}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CAB0AA50-B761-4C18-AA7F-1D4869934786}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{CAF3768E-9BEC-4A1D-92D8-1E6DA3147725}" = dir=in | name=check point vpn |
"{CBAC3A66-3AC1-4B05-9E04-FC207B7155CD}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{CC218C63-F9FD-4221-A6D3-659D2DFD84AA}" = dir=out | name=@{780f5c7b.allmygodsfree_1.0.0.18_x86__0gmyx1dmsk3dw?ms-resource://780f5c7b.allmygodsfree/resources/displayname} |
"{CE95D835-A888-4181-9FB9-2D57B3C12CB2}" = dir=out | name=netflix |
"{D063BB27-783A-4540-96B5-EDAFA661C6B0}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{D1BBAFD8-F496-4EC5-867F-594E98D4DA5A}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{D1D007EB-AB3F-44C8-A59F-893A27C43DC3}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D29603ED-91C7-49B0-97DF-E35AF5A575C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D2B61FA5-55F3-4591-8EAE-5A510996C23A}" = dir=out | name=@{microsoft.people_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{D435263D-90E3-47C2-8413-1E52737D122D}" = dir=in | name=f5 vpn |
"{D47514A5-A607-4A6D-8FD8-F6D4A1312007}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6DE3F42-DD82-42A8-B5D8-DE3CA8259F6E}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBEA096F-01D5-4610-A299-EAD2292EA22F}" = dir=out | name=the lord of the rings - free |
"{DCF35E7D-D608-4627-BEC6-C56F2EF3A94F}" = dir=in | name=check point vpn |
"{DE584219-4A50-43B0-A858-8F86FA9F222F}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{E09E39E8-FC4D-408E-B675-B5F36AC538C1}" = dir=out | name=microsoft solitaire collection |
"{E15345E4-2758-4143-812B-A3001680D74F}" = dir=in | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E2F716A5-907F-4836-95DF-2034BCF0374B}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{E357D02D-D125-499C-AB19-A0AF035ECE61}" = dir=out | name=picasa viewer hd |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E82A6785-3FD9-49C3-A1A5-6FB4FEC742F6}" = dir=out | name=sway |
"{E8E27010-685B-4F4C-8603-21554ED7623E}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{EA3D0F2B-8BB1-4C35-8F8D-92E56C9FB5AB}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{EC253D96-B2E5-41F0-8708-78E53F343A17}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECED98B5-FDA9-4679-971D-E8A35A8B6D4C}" = dir=in | name=f5 vpn |
"{ED2195B6-82B2-4038-B92B-956333F9BD8F}" = dir=in | name=sonicwall mobile connect |
"{EFA76B35-0397-4E7C-9A2C-27F73E9A39E3}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{F0258F3F-C941-470E-BF25-426C51721679}" = dir=out | name=xbox |
"{F2A4C467-DF06-4AA4-B116-8536BD5854E1}" = dir=in | name=netflix |
"{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F7496E6C-3AC4-4E59-B19C-BDEAA12EEF3C}" = dir=in | name=sonicwall mobile connect |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7AA8087-C2BB-49CD-9490-A4735420F058}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{F9684B91-BF2F-4560-B8BF-4F5637AE27F4}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F99D4DE0-0DA8-4878-BCBA-58CCE904B451}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{F9FC73BE-5E62-4DF6-A7D8-043E444A5904}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{FA3CF5CF-63A2-4DA3-8875-013A7CA4FED3}" = dir=out | name=juniper networks junos pulse |
"{FAC2E2C3-D8AB-4388-9310-D3A495C2A2E5}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{FBE02CB2-F4EA-471C-9FAC-A6F355A99440}" = dir=out | name=xylophone 10 |
"{FD65C3C8-386D-4F3D-96EB-4A8B5367FC69}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"TCP Query User{28F39109-3CDB-4FAA-B41F-88A5E48E2138}C:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe |
"TCP Query User{36407E24-0C53-411B-8D75-3467DBCDDFFD}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D608FD59-E9B2-48F9-ABDD-33D096830F33}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1996448C-4AF5-41C4-8A36-D8C72C78A4DB}C:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe |
"UDP Query User{78DFE2DC-5AC2-420E-83BA-489D3B26FE1E}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8B48CF0E-A5B4-4352-A354-479A04851086}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}" = Citrix Online Launcher
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 11
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3ED468C2-2235-4747-90AD-A7A34F0FE70A}" = Dell SupportAssistAgent
"{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}" = Dell Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.3
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7D389358-56D0-4988-BAAC-5ACE907CCEBD}" = PCStitch 10
"{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}" = Uninstall Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824191728}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B303BE9E-0520-4398-A7B6-CF8195F5B348}_is1" = crosti version 1.13.0
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C2A72E57-2CC7-4C02-BE19-0A12D74C5D63}" = Intel(R) Wireless Bluetooth(R)
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{c9967fbd-e3c3-4ed0-992a-5b33260f2944}" = Intel® PROSet/Wireless Software
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}" = Dell Digital Delivery
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4D42D6-627A-424E-981F-1474AFF3CC29}" = ArcSoft MediaImpression SE for Kodak
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2BBDD5D-7959-4F64-8737-F568092433F6}" = VideoBuzz
"{F2E04A40-3EA7-42F8-B7CC-B6E7A39DC150}" = Adobe AIR
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}" = Dell Customer Connect
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Avast" = Avast Free Antivirus
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BFG-Awakening - Moonfell Wood" = Awakening: Moonfell Wood
"BFG-Awakening - The Dreamless Castle" = Awakening: The Dreamless Castle
"BFG-Awakening - The Goblin Kingdom" = Awakening: The Goblin Kingdom
"BFG-Awakening - The Redleaf Forest Collectors Edition" = Awakening: The Redleaf Forest Collector's Edition
"BFG-Awakening - The Skyward Castle" = Awakening: The Skyward Castle
"BFG-Awakening - The Sunhook Spire" = Awakening: The Sunhook Spire
"BFG-Awakening Kingdoms" = Awakening Kingdoms
"BFGC" = Big Fish: Game Manager
"BFG-Gummy Drop!" = Gummy Drop!
"Family Tree Builder" = MyHeritage Family Tree Builder
"Google Chrome" = Google Chrome
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"Plant Tycoon" = Plant Tycoon 1.0
"SafeZone 1.48.2066.114" = SafeZone Stable 1.48.2066.114
"SOTW_screensaverUS" = SOTW_screensaverUS
"Uninstall Helper 2.0.1.0" = Uninstall Helper
"Video Mover_is1" = Video Mover
"Virtual Villagers - A New Home" = Virtual Villagers - A New Home (remove only)
"Virtual Villagers III" = Virtual Villagers III (remove only)
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"58d94f3ce2c27db0" = Dell System Detect
"Google Photos Backup" = Google Photos Backup
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/6/2016 5:59:11 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/8/2016 12:21:33 AM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/9/2016 12:04:59 AM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/11/2016 2:34:45 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/11/2016 4:50:29 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 4:50:29 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{9d4f6762-0474-4484-b2bd-bba20f5890df}
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 5:02:14 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 7:03:20 PM | Computer Name = mels | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 7/11/2016 7:53:26 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 7/11/2016 7:53:31 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
[ System Events ]
Error - 7/11/2016 7:46:22 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the User
 Data Storage_54110 service to connect.
 
Error - 7/11/2016 7:46:22 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Sync
 Host_54110 service to connect.
 
Error - 7/11/2016 7:48:00 PM | Computer Name = mels | Source = Application Popup | ID = 875
Description =
 
Error - 7/11/2016 7:48:24 PM | Computer Name = mels | Source = NetBT | ID = 4307
Description = Initialization failed because the transport refused to open initial
 addresses.
 
Error - 7/11/2016 7:48:28 PM | Computer Name = mels | Source = Service Control Manager | ID = 7000
Description = The sxuptp service failed to start due to the following error:   %%1275
 
Error - 7/11/2016 7:49:31 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0
 service to connect.
 
Error - 7/11/2016 7:49:31 PM | Computer Name = mels | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
 to start due to the following error:   %%1053
 
Error - 7/11/2016 7:52:19 PM | Computer Name = mels | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 7/11/2016 7:53:26 PM | Computer Name = mels | Source = DCOM | ID = 10010
Description =
 
Error - 7/11/2016 7:55:34 PM | Computer Name = mels | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

Link to post
Share on other sites

M - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\melsmile\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 2.88 Gb Available Physical Memory | 49.07% Memory free
6.81 Gb Paging File | 3.75 Gb Available in Paging File | 55.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.94 Gb Total Space | 380.07 Gb Free Space | 84.10% Space Free | Partition Type: NTFS
 
Computer Name: MELS | User Name: melsmile | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = ] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{239396E0-7F5E-4AD1-9A12-75982D38C00C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5A4350F4-A335-4E3A-A2A0-070A2EB1AD1D}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{C3349D47-689A-47F4-885D-262115F4B64B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{C86AF6B5-F897-453F-A843-A411806926E5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003A5DF9-72FF-4949-B94C-45B84919B5E9}" = dir=in | name=xbox |
"{02591E5A-95C6-4943-997E-432DE5B26184}" = dir=in | name=juniper networks junos pulse |
"{02A8FB16-4160-43A7-88D0-A3E557972F0F}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{043C9756-4C28-491F-85ED-4CC13B13A68D}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{0A891DC1-329C-461E-81D4-3D3F4E961E1E}" = dir=out | name=drums |
"{0DA34931-FFC7-4ABB-B98E-8E96E82B5A22}" = dir=out | name=microsoft mahjong |
"{10DEF11D-E361-4433-8AFF-12DFC2868B2F}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{11CC0C75-C020-4DC6-81A4-49F7D055DA3C}" = dir=out | name=amazon |
"{12B04377-3E6A-43D0-87AE-B99C02ABF7D9}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{14EF1AA1-39D3-46DD-BAF7-3A6906641430}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{157E4201-1E10-4400-974E-8D2936B978C6}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{15FF6159-5260-452D-B24F-2A25D85F175D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{16D5F16B-45FB-45F4-A0B8-9849C0D54AC4}" = dir=in | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{17D854F8-DF0E-475E-9372-45F1E2B1DB5A}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{19D3B29F-668E-42AD-9BA7-C5916E1BB23D}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1A6A5199-8D28-44BC-99E0-8B487E472471}" = dir=out | name=onenote |
"{1B59344E-F05C-4E4E-9B6A-00D09ACEEF65}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{1FA9146F-0DEC-4F9B-8011-D51B7DA787D0}" = dir=in | name=canon inkjet print utility |
"{2274D1FB-171E-469C-8D36-D72195F087C2}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{23F36992-8501-4785-A87E-690ACBB6D716}" = dir=in | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{243FA30F-9560-4261-BC3F-42A67F1AC009}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{25333B16-3F20-4B51-8663-7B0D6285B92E}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{25F2268D-975A-4B8D-A4A4-8710E3C7C382}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{26FED854-75FA-4BBB-A675-4B4EDB311299}" = dir=in | name=taptiles |
"{2732F321-4597-4C05-BC22-E9441CDC7145}" = dir=out | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{2D53B294-8CCC-4D5B-B31C-07E22D6C2EEE}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{2FCDAF34-78CC-47E1-B443-4F843EA69E66}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{31D0315E-6869-471E-8F33-666C0A11E648}" = dir=out | name=check point vpn |
"{31D1CEF4-911E-43F2-881B-92DCFCEF9612}" = dir=in | name=juniper networks junos pulse |
"{325D15FC-5CD4-4D14-89F1-9EFE4B399E06}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{3337A6E6-0E81-4CC8-B29A-A9CD96B5F824}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{3392CD52-87BF-4D77-B8D3-A41CA261328F}" = dir=in | name=onenote |
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 |
"{38C834A7-3E7F-4D72-874D-B8D3FCFF3A82}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{3DE183CD-1962-4E81-A4BD-29CF517E8E80}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{3E7F98C1-ED19-41A2-B8B0-1607ED0CF076}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{3ECBA714-9A9C-4D5D-81A5-B25F889DBC8C}" = dir=out | name=middle-earth almanac |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{456ACE2E-F511-4E78-A284-799C6ADFFC84}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{460E77BA-8349-4141-B155-C0889D50B921}" = dir=out | name=allrecipes |
"{471DFA87-8706-48B1-9CDF-06D98CB5DA6E}" = dir=out | name=writeplus |
"{4AECF9A8-3DA5-4E20-BE57-FAA3C4F82540}" = dir=out | name=windows_ie_ac_001 |
"{4B926EBF-8976-47DF-AB6B-330D3E234886}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{4E851A4E-7F55-4781-812D-05EE9CF0D127}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4EB88197-3DD0-4ADB-A25D-040E53DCEAFD}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4ED8A347-8E8B-4F40-86EC-02E7FC158616}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{504F85C0-F159-4D4D-9C74-7AF384B82C06}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{50DF7430-CC98-40C2-AB80-097DF89504BA}" = dir=out | name=fresh paint |
"{51E4C37E-DC71-429E-AEFC-DDC4A8BD8EE4}" = dir=out | name=@{microsoft.3dbuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{53B5E4C7-A224-4BD2-A31D-108DA741A5CE}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{551B1372-18A5-4097-93A3-8638F1FC8C12}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58565518-0BAD-4EC8-A135-29A64C0BBACE}" = dir=out | name=f5 vpn |
"{5CC5677D-153C-4846-B6A7-3BD8A0AE4CC0}" = dir=out | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{5E084205-289A-4747-982C-236886342F20}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6157870A-2E1C-4B7F-B6D4-291BCB9C3A7A}" = dir=out | name=sonicwall mobile connect |
"{642C4CCE-78CD-4233-AE61-E2B0B4C9A69D}" = dir=out | name=sonicwall mobile connect |
"{67257B87-21E0-42C8-AC7F-54B8E03E51D8}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{67D3BF89-1357-4E70-9FAE-E12B76650B19}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{68953D4A-1A4E-4CE1-A33B-A50009E68680}" = dir=out | name=kindle |
"{695FC94C-4660-4B3D-ABD0-37821B4A568C}" = dir=out | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{69A8CD28-7F1C-4B5F-A311-A6041415CE38}" = dir=out | name=@{microsoft.windowsphone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{6A385C1C-30B3-41EF-8EA5-F297ABD66EFA}" = dir=out | name=@{microsoft.disneyfairies_2.5.0.44915_x86__8wekyb3d8bbwe?ms-resource://microsoft.disneyfairies/resources/title_display_name} |
"{6B533C04-AFB7-4BFC-94A9-C255896F4FC1}" = dir=out | name=twitter |
"{6CD7B0EE-14D1-4EB8-B5D2-5AEE045C9F82}" = dir=out | name=dell shop |
"{6E42FCE0-9308-47DB-B1AB-44A064F95A66}" = dir=out | name=windows_ie_ac_001 |
"{6E4B1A06-0F35-4959-AD7F-82799A27948F}" = dir=out | name=island tribe 2 |
"{6E89E6C9-609C-4A63-A098-EC3E198BDCBD}" = dir=out | name=discovery channel |
"{6FB871D0-79E8-43F5-9943-BB85E10ABEDC}" = dir=out | name=blocks win8 |
"{73DA0790-5649-4A48-A347-723A2DAEC1AF}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{77E95EBC-9059-4EAD-90CF-7A61BE656E09}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{78F1FBA4-D389-4981-A07D-5EB2FDE2B932}" = dir=in | name=microsoft mahjong |
"{79314EA1-B89E-4C2B-BBBC-48104F0547BC}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{79E8D396-09CF-49AC-8D82-C60419533AC6}" = dir=out | name=canon inkjet print utility |
"{7A1F88C0-0029-408C-A994-FE13D54BCC9D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{7A43D61B-6CB8-4F4C-AA12-2CE60D175665}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{7C541200-77EF-4784-AC0A-82CE21586959}" = dir=out | name=word search game |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82454A5E-40FA-47CF-BAF9-826528F72511}" = dir=in | name=allrecipes |
"{83D13413-D04D-4E2C-96D8-C1ED9335EF49}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{84F24E9D-E616-4CBD-BC7F-E6393F46793A}" = dir=out | name=@{780f5c7b.islandtribe3_3.0.0.12_x86__0gmyx1dmsk3dw?ms-resource://780f5c7b.islandtribe3/resources/displayname} |
"{86213355-6962-4DF0-8B6C-6622864EEC03}" = dir=out | name=juniper networks junos pulse |
"{89F6D8CF-F49E-4917-9DE5-5D1615DB0DBB}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8C16F3FF-099D-4D5D-83B6-F71B11B2E65C}" = dir=out | name=f5 vpn |
"{8C52511D-90E6-411D-BF88-1ECE1BD9BA3E}" = dir=out | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{8D736176-D953-4E1C-854B-76682BF6AB8B}" = dir=out | name=fotor |
"{8EB5F3B1-269D-4AA6-BA97-B365466B1027}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{8F4363BC-8C24-4268-BF50-5987221D775F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{8F4F3571-CA3F-4E60-B5C8-AFB8CE8EDA65}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{9282192C-80A0-4B19-A548-8EFFFEAD8057}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{970EC82D-B60F-4EF4-9CAB-724122622867}" = dir=in | name=sway |
"{971A97D5-EE7C-4CEB-AE70-BCFB862599C3}" = dir=out | name=doodle hangman free |
"{97A1F44D-A39E-489A-9C60-C3E6700C5FA8}" = dir=out | name=solitaire hd |
"{97BD9905-7AAC-4BDC-B684-BA728ACDEA63}" = dir=out | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9B4C0564-397E-44A6-A78C-E470C462B6BC}" = dir=out | name=backgrounds wallpapers hd |
"{9B898606-D505-4B90-97A1-A9DCDE2087A1}" = dir=out | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{9BEA36D5-0D99-4D9D-8458-8E08E16C7CCA}" = dir=out | name=jewel fever |
"{9CED8AD1-BFE1-481D-82B1-F101268F9CCB}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F7D909B-1796-4172-AFA1-92ED0DE41D2D}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{A1AC5503-7C1C-4C86-87E3-F9E8F7C87E2B}" = dir=in | name=@{microsoft.bingsports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{A2072289-F2C1-4F90-B468-F6DB51C9731E}" = dir=out | name=youtube player |
"{A2A6DD16-4BC1-4A17-B321-DBB9895F28D5}" = dir=out | name=check point vpn |
"{A3C18D16-6C36-4118-9A06-BFC97F76E836}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{A5C6E968-5BC9-4C13-B641-02B3BB79F529}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A68C2D4D-93C4-4C9B-A46D-F8C132F7D01E}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{A6AB448D-5A40-4E23-AEB7-214A7EB89213}" = dir=out | name=island tribe |
"{AC998AF9-A402-4E93-94C3-60F140664502}" = dir=out | name=taptiles |
"{ACCC5D26-066E-4796-A66A-FDCB14E77F48}" = dir=out | name=windows_ie_ac_001 |
"{AEFA0613-6CD6-40E1-B65B-FD6AA4C1FD85}" = dir=out | name=windows_ie_ac_001 |
"{B0896A45-AF1F-404B-B788-36D293E153B6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{B20D4FB1-18FC-4B34-A5B3-FEEBDCEFC41E}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B34D7EF2-C466-4AF6-8A89-088EEF6ADBE5}" = dir=out | name=watch abc |
"{B475503F-CEC3-4EF1-B413-9B2529030766}" = dir=in | name=dell shop |
"{BA4CE24A-F0B9-42FE-8E68-951FAD916981}" = dir=out | name=4 pics one word |
"{BB8D4B7F-863A-418D-A3D2-9D154271FFA5}" = dir=out | name=@{44352gadgetwe.unitconversion_1.0.1.4_neutral__wrnqd43hr7tc6?ms-resource://44352gadgetwe.unitconversion/resources/appstorename} |
"{BBC97C54-8291-4382-A3D6-96C776DE60EB}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
"{BD459083-61A2-4155-9ADC-2D63D5C41173}" = dir=out | name=@{yahooinc.yahoomail_1.7.0.23_neutral__xvnatx83ncrvj?ms-resource://yahooinc.yahoomail/resources/str_branding_mail} |
"{C1C5694C-089A-4A30-98A8-68B8080210EA}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C28BEE71-2F4A-4289-ACE8-50920A901083}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C3D7BE13-780B-4DF6-A23A-E358F1BB8D0B}" = dir=out | name=farm up |
"{C566698C-B5BE-4523-BCDC-8D856F09F6A0}" = dir=in | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C5E123CD-0F41-42B5-9C74-A9F3E6AF3EF7}" = dir=out | name=real cat sounds |
"{C5E5629D-0CDF-433D-8C24-0847324A3CC6}" = dir=out | name=toolbox for windows 8 |
"{C630CC23-9092-4F56-BBE8-2671E72550D5}" = dir=out | name=ebay |
"{C6AAFD64-9B92-40C9-9A57-B38BCDDFBA28}" = dir=out | name=@{microsoft.getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C7D7C859-84E4-444E-8B2D-CC90739F64BD}" = dir=in | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{C9F4CA08-A1B1-4871-A316-677F7A301CE0}" = dir=in | name=microsoft solitaire collection |
"{CA419722-89AF-4A91-B0A1-C8C31D902237}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CAB0AA50-B761-4C18-AA7F-1D4869934786}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{CAF3768E-9BEC-4A1D-92D8-1E6DA3147725}" = dir=in | name=check point vpn |
"{CBAC3A66-3AC1-4B05-9E04-FC207B7155CD}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{CC218C63-F9FD-4221-A6D3-659D2DFD84AA}" = dir=out | name=@{780f5c7b.allmygodsfree_1.0.0.18_x86__0gmyx1dmsk3dw?ms-resource://780f5c7b.allmygodsfree/resources/displayname} |
"{CE95D835-A888-4181-9FB9-2D57B3C12CB2}" = dir=out | name=netflix |
"{D063BB27-783A-4540-96B5-EDAFA661C6B0}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{D1BBAFD8-F496-4EC5-867F-594E98D4DA5A}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{D1D007EB-AB3F-44C8-A59F-893A27C43DC3}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D29603ED-91C7-49B0-97DF-E35AF5A575C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D2B61FA5-55F3-4591-8EAE-5A510996C23A}" = dir=out | name=@{microsoft.people_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{D435263D-90E3-47C2-8413-1E52737D122D}" = dir=in | name=f5 vpn |
"{D47514A5-A607-4A6D-8FD8-F6D4A1312007}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6DE3F42-DD82-42A8-B5D8-DE3CA8259F6E}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBEA096F-01D5-4610-A299-EAD2292EA22F}" = dir=out | name=the lord of the rings - free |
"{DCF35E7D-D608-4627-BEC6-C56F2EF3A94F}" = dir=in | name=check point vpn |
"{DE584219-4A50-43B0-A858-8F86FA9F222F}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{E09E39E8-FC4D-408E-B675-B5F36AC538C1}" = dir=out | name=microsoft solitaire collection |
"{E15345E4-2758-4143-812B-A3001680D74F}" = dir=in | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E2F716A5-907F-4836-95DF-2034BCF0374B}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{E357D02D-D125-499C-AB19-A0AF035ECE61}" = dir=out | name=picasa viewer hd |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E82A6785-3FD9-49C3-A1A5-6FB4FEC742F6}" = dir=out | name=sway |
"{E8E27010-685B-4F4C-8603-21554ED7623E}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{EA3D0F2B-8BB1-4C35-8F8D-92E56C9FB5AB}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{EC253D96-B2E5-41F0-8708-78E53F343A17}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECED98B5-FDA9-4679-971D-E8A35A8B6D4C}" = dir=in | name=f5 vpn |
"{ED2195B6-82B2-4038-B92B-956333F9BD8F}" = dir=in | name=sonicwall mobile connect |
"{EFA76B35-0397-4E7C-9A2C-27F73E9A39E3}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{F0258F3F-C941-470E-BF25-426C51721679}" = dir=out | name=xbox |
"{F2A4C467-DF06-4AA4-B116-8536BD5854E1}" = dir=in | name=netflix |
"{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F7496E6C-3AC4-4E59-B19C-BDEAA12EEF3C}" = dir=in | name=sonicwall mobile connect |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7AA8087-C2BB-49CD-9490-A4735420F058}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{F9684B91-BF2F-4560-B8BF-4F5637AE27F4}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F99D4DE0-0DA8-4878-BCBA-58CCE904B451}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{F9FC73BE-5E62-4DF6-A7D8-043E444A5904}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{FA3CF5CF-63A2-4DA3-8875-013A7CA4FED3}" = dir=out | name=juniper networks junos pulse |
"{FAC2E2C3-D8AB-4388-9310-D3A495C2A2E5}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{FBE02CB2-F4EA-471C-9FAC-A6F355A99440}" = dir=out | name=xylophone 10 |
"{FD65C3C8-386D-4F3D-96EB-4A8B5367FC69}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"TCP Query User{28F39109-3CDB-4FAA-B41F-88A5E48E2138}C:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe |
"TCP Query User{36407E24-0C53-411B-8D75-3467DBCDDFFD}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D608FD59-E9B2-48F9-ABDD-33D096830F33}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1996448C-4AF5-41C4-8A36-D8C72C78A4DB}C:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\temp\nsv6fad.tmp\setup.exe |
"UDP Query User{78DFE2DC-5AC2-420E-83BA-489D3B26FE1E}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8B48CF0E-A5B4-4352-A354-479A04851086}C:\users\melsmile\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\melsmile\appdata\local\akamai\netsession_win.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}" = Citrix Online Launcher
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 11
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3ED468C2-2235-4747-90AD-A7A34F0FE70A}" = Dell SupportAssistAgent
"{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}" = Dell Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.3
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7D389358-56D0-4988-BAAC-5ACE907CCEBD}" = PCStitch 10
"{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}" = Uninstall Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824191728}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B303BE9E-0520-4398-A7B6-CF8195F5B348}_is1" = crosti version 1.13.0
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C2A72E57-2CC7-4C02-BE19-0A12D74C5D63}" = Intel(R) Wireless Bluetooth(R)
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{c9967fbd-e3c3-4ed0-992a-5b33260f2944}" = Intel® PROSet/Wireless Software
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}" = Dell Digital Delivery
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4D42D6-627A-424E-981F-1474AFF3CC29}" = ArcSoft MediaImpression SE for Kodak
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2BBDD5D-7959-4F64-8737-F568092433F6}" = VideoBuzz
"{F2E04A40-3EA7-42F8-B7CC-B6E7A39DC150}" = Adobe AIR
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}" = Dell Customer Connect
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Avast" = Avast Free Antivirus
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BFG-Awakening - Moonfell Wood" = Awakening: Moonfell Wood
"BFG-Awakening - The Dreamless Castle" = Awakening: The Dreamless Castle
"BFG-Awakening - The Goblin Kingdom" = Awakening: The Goblin Kingdom
"BFG-Awakening - The Redleaf Forest Collectors Edition" = Awakening: The Redleaf Forest Collector's Edition
"BFG-Awakening - The Skyward Castle" = Awakening: The Skyward Castle
"BFG-Awakening - The Sunhook Spire" = Awakening: The Sunhook Spire
"BFG-Awakening Kingdoms" = Awakening Kingdoms
"BFGC" = Big Fish: Game Manager
"BFG-Gummy Drop!" = Gummy Drop!
"Family Tree Builder" = MyHeritage Family Tree Builder
"Google Chrome" = Google Chrome
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"Plant Tycoon" = Plant Tycoon 1.0
"SafeZone 1.48.2066.114" = SafeZone Stable 1.48.2066.114
"SOTW_screensaverUS" = SOTW_screensaverUS
"Uninstall Helper 2.0.1.0" = Uninstall Helper
"Video Mover_is1" = Video Mover
"Virtual Villagers - A New Home" = Virtual Villagers - A New Home (remove only)
"Virtual Villagers III" = Virtual Villagers III (remove only)
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"58d94f3ce2c27db0" = Dell System Detect
"Google Photos Backup" = Google Photos Backup
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/6/2016 5:59:11 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/8/2016 12:21:33 AM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/9/2016 12:04:59 AM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/11/2016 2:34:45 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed
 with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/11/2016 4:50:29 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 4:50:29 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{9d4f6762-0474-4484-b2bd-bba20f5890df}
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 5:02:14 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App
 was terminated because it took too long to suspend.
 
Error - 7/11/2016 7:03:20 PM | Computer Name = mels | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 7/11/2016 7:53:26 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 7/11/2016 7:53:31 PM | Computer Name = mels | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
[ System Events ]
Error - 7/11/2016 7:46:22 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the User
 Data Storage_54110 service to connect.
 
Error - 7/11/2016 7:46:22 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Sync
 Host_54110 service to connect.
 
Error - 7/11/2016 7:48:00 PM | Computer Name = mels | Source = Application Popup | ID = 875
Description =
 
Error - 7/11/2016 7:48:24 PM | Computer Name = mels | Source = NetBT | ID = 4307
Description = Initialization failed because the transport refused to open initial
 addresses.
 
Error - 7/11/2016 7:48:28 PM | Computer Name = mels | Source = Service Control Manager | ID = 7000
Description = The sxuptp service failed to start due to the following error:   %%1275
 
Error - 7/11/2016 7:49:31 PM | Computer Name = mels | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0
 service to connect.
 
Error - 7/11/2016 7:49:31 PM | Computer Name = mels | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
 to start due to the following error:   %%1053
 
Error - 7/11/2016 7:52:19 PM | Computer Name = mels | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 7/11/2016 7:53:26 PM | Computer Name = mels | Source = DCOM | ID = 10010
Description =
 
Error - 7/11/2016 7:55:34 PM | Computer Name = mels | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

Link to post
Share on other sites
OTL logfile created on: 7/11/2016 5:20:02 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\melsmile\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 2.88 Gb Available Physical Memory | 49.07% Memory free
6.81 Gb Paging File | 3.75 Gb Available in Paging File | 55.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.94 Gb Total Space | 380.07 Gb Free Space | 84.10% Space Free | Partition Type: NTFS
 
Computer Name: MELS | User Name: melsmile | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2016/07/11 17:00:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\melsmile\Downloads\OTL.com
PRC - [2016/07/11 14:07:33 | 008,900,328 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/07/05 06:53:24 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/05/14 09:58:47 | 000,554,184 | ---- | M] (Microsoft Corporation) -- C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/04/19 09:28:48 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2016/04/08 15:38:16 | 003,790,936 | ---- | M] (Google, Inc) -- C:\Users\melsmile\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015/08/27 19:20:12 | 000,291,744 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe
PRC - [2015/06/18 15:21:10 | 000,135,408 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
PRC - [2015/03/02 02:03:36 | 002,477,056 | ---- | M] (MyHeritage) -- C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
PRC - [2013/09/12 09:55:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/12 09:55:20 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/08/07 15:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/03/04 20:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/10/11 15:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
PRC - [2011/04/29 19:30:10 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/04/29 19:30:08 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/04/03 14:39:42 | 001,658,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/04/21 14:00:54 | 000,073,728 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/07/05 20:24:55 | 001,624,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\387d8c4acd15ff2d479ebd491edb8e51\System.Drawing.ni.dll
MOD - [2016/07/05 06:53:40 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/07/05 06:53:25 | 000,479,288 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/07/05 06:53:25 | 000,146,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/05/14 09:58:30 | 000,679,624 | ---- | M] () -- C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
MOD - [2016/05/13 20:39:52 | 007,378,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1be3ec32aa5187ec7d760c55c55f6c0\System.Xml.ni.dll
MOD - [2016/05/13 20:39:43 | 002,772,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\2f18aee9e26301da57394e94416a20ba\System.Runtime.Serialization.ni.dll
MOD - [2016/05/13 20:39:40 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\d1e6c00e339d9f64674d3a9e74403a7e\System.Configuration.ni.dll
MOD - [2016/05/13 20:39:11 | 007,498,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ea350a39df1334a4911cc92f58c85dd0\System.Core.ni.dll
MOD - [2016/05/13 20:39:05 | 009,983,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3a4f0a84904c4b568b6621b30306261c\System.ni.dll
MOD - [2016/04/22 17:33:58 | 018,127,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\b1ea5171f48fa1865ea45dd904735573\mscorlib.ni.dll
MOD - [2016/04/19 09:28:48 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/04/19 09:28:48 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/04/19 09:28:48 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2016/04/08 15:35:20 | 003,481,600 | ---- | M] () -- C:\Users\melsmile\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
MOD - [2013/03/05 12:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/03/04 20:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2011/02/15 15:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2011/02/15 15:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2011/02/15 15:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2011/02/15 15:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2011/02/15 14:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2016/06/25 01:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/05/27 22:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/05/27 21:14:46 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/04/22 20:45:56 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/04/22 11:29:50 | 000,031,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/02/23 23:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 00:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 00:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 00:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/08/27 19:20:12 | 000,291,744 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/06/18 15:21:10 | 000,135,408 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe -- (ibtsiva.exe)
SRV - [2013/09/18 23:38:44 | 000,157,128 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel(R)
SRV - [2013/09/12 09:55:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/12 09:55:20 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/19 12:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/04/29 19:30:10 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2015/10/30 00:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {75DA68B2-3E6D-482D-A02C-B788CE9A0878}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{75DA68B2-3E6D-482D-A02C-B788CE9A0878}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\melsmile\Pictures
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E5 8F 3F 81 2D 48 D1 01  [binary data]
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 1A 00 00 00 34 53 E0 19 4F 01 4F 32 3D A1 28 4B AE F3 4D 85 41 D5 23 77 74 4C A9 80 1F 8B 02 00 00 00 10 00 00 00 70 6B 2F 4C 6F 25 32 62 41 4A 48 47 49 25 33 64  [binary data]
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\..\SearchScopes,DefaultScope = {85CCEFFF-502A-4063-87F5-22B6F55D6ADC}
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: online_banking_69A4E213815F42BD863D889007201D82%40kaspersky.com:4.5.3.8
FF - prefs.js..extensions.enabledAddons: content_blocker_6418E0D362104DADA084DC312DFA8ABC%40kaspersky.com:4.5.3.8
FF - prefs.js..extensions.enabledAddons: virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB%40kaspersky.com:4.5.3.8
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.6.20140805113039
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
FF - prefs.js..browser.search.defaultenginename: "Bing®"
FF - prefs.js..browser.search.selectedEngine: "Bing®"
FF - prefs.js..browser.search.suggest.enabled: true
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\melsmile\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\melsmile\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\melsmile\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\melsmile\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/07/06 15:16:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/07/06 15:16:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
[2013/08/27 23:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\melsmile\AppData\Roaming\mozilla\Extensions
[2016/07/11 15:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\melsmile\AppData\Roaming\mozilla\Firefox\Profiles\a0hst0i8.default\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\USERS\MELSMILE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A0HST0I8.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\Run: [Google Photos Backup] C:\Users\melsmile\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe (Google, Inc)
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\Run: [OneDrive] C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" File not found
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" File not found
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\..Trusted Domains: localhost ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1fccf46e-b704-44cf-879d-91bae4799118}: DhcpNameServer = 82.163.143.171
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94b0d170-7c42-40b4-864c-27f7ca156ac2}: DhcpNameServer = 82.163.143.171
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94b0d170-7c42-40b4-864c-27f7ca156ac2}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94cd0508-a03f-411c-9e08-b3f3345e14dd}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94cd0508-a03f-411c-9e08-b3f3345e14dd}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/07/11 16:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/07/11 16:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/07/11 16:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/07/11 15:28:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/07/11 14:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2016/07/11 14:24:45 | 000,000,000 | ---D | C] -- C:\Users\melsmile\AppData\Local\Citrix
[2016/07/11 14:03:19 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016/07/05 06:53:26 | 000,053,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/06/14 22:01:31 | 006,295,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/06/14 22:01:21 | 018,674,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/06/14 22:01:14 | 005,660,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/06/14 22:01:11 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/06/14 22:01:05 | 005,323,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2016/06/14 22:00:58 | 005,205,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/06/14 22:00:55 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationFramework.dll
[2016/06/14 22:00:49 | 001,707,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/06/14 22:00:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdlrecover.exe
[2016/06/14 22:00:44 | 000,316,256 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/06/14 22:00:42 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/06/14 22:00:38 | 001,582,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2016/06/14 22:00:36 | 004,515,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016/06/14 22:00:36 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll
[2016/06/14 22:00:31 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/06/14 22:00:23 | 000,501,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/06/14 22:00:21 | 000,546,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/06/14 22:00:17 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/06/14 22:00:12 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/06/14 22:00:09 | 004,074,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2016/06/14 22:00:05 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/06/14 22:00:04 | 001,445,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/06/14 22:00:00 | 000,254,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2016/06/14 21:59:46 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2016/06/14 21:59:37 | 000,097,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2016/06/14 21:59:32 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/06/14 21:59:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll
[2016/06/14 21:59:20 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2016/06/14 21:59:14 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll
[2016/06/14 21:59:13 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2016/06/14 21:59:13 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2016/06/14 21:59:12 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/06/14 21:59:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2016/06/14 21:59:10 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/06/14 21:59:10 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll
[2016/06/14 21:59:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/06/14 21:59:09 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2016/06/14 21:59:09 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/06/14 21:59:06 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2016/06/14 21:58:52 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2016/06/14 21:58:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll
[2016/06/14 21:58:45 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/06/14 21:58:44 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/06/14 21:58:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/06/14 21:58:44 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/06/14 21:58:39 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/06/14 21:58:34 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2016/07/11 17:18:31 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2138707345-1064427414-1915588179-1001UA.job
[2016/07/11 17:09:35 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/07/11 16:50:10 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/07/11 16:49:33 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/07/11 16:48:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/07/11 16:47:58 | 2522,148,864 | -HS- | M] () -- C:\hiberfil.sys
[2016/07/11 16:09:19 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/07/11 15:18:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2138707345-1064427414-1915588179-1001Core.job
[2016/07/06 15:18:17 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2016/07/05 06:53:26 | 000,053,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/06/14 11:33:01 | 000,828,408 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016/06/14 11:33:01 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2016/07/11 16:09:19 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/04/12 23:31:42 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/04/12 23:30:34 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2015/12/14 01:46:47 | 000,000,258 | RHS- | C] () -- C:\Users\melsmile\ntuser.pol
[2015/12/14 01:02:54 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015/10/30 00:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 00:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 00:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 00:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 00:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 00:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 00:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 00:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 00:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 00:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 00:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 00:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 00:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 00:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/08/27 19:20:08 | 000,194,560 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2015/08/27 19:20:08 | 000,154,096 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2015/07/08 09:47:26 | 000,005,120 | ---- | C] () -- C:\Users\melsmile\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/29 14:29:29 | 000,017,408 | ---- | C] () -- C:\Users\melsmile\AppData\Local\WebpageIcons.db
 
========== ZeroAccess Check ==========
 
[2015/12/14 01:54:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/04/22 22:08:45 | 006,605,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/04/22 22:09:27 | 005,240,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 00:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 00:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 00:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/01 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Boomzap
[2014/03/23 11:02:13 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Elephant Games
[2014/01/19 13:09:11 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\MyHeritage
[2015/11/07 20:41:54 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\AVAST Software
[2014/06/06 10:35:08 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Boomzap
[2014/04/04 18:32:17 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\DarkManor
[2016/05/29 15:15:37 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Dropbox
[2014/06/09 16:04:32 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Eipix
[2014/03/28 20:35:38 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Elephant Games
[2015/07/27 23:50:59 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Game Forest
[2015/07/27 23:51:01 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Hot Lava Games
[2012/12/07 13:02:29 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Leadertech
[2013/08/18 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\MyHeritage
[2014/04/18 18:31:14 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\Oracle
[2014/07/16 09:59:17 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\PCDr
[2016/06/18 01:15:57 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\PCStitch 10
[2013/08/18 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2012/12/07 14:24:15 | 000,000,000 | ---D | M] -- C:\Users\melsmile\AppData\Roaming\WebApp
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:2AE74FF9
@Alternate Data Stream - 239 bytes -> C:\ProgramData\Temp:4C5C1DD3
@Alternate Data Stream - 236 bytes -> C:\ProgramData\Temp:EA2D3047
@Alternate Data Stream - 219 bytes -> C:\ProgramData\Temp:206470A5
@Alternate Data Stream - 216 bytes -> C:\Users\melsmile\SkyDrive:ms-properties
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:CBAF0C30
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:7FA0D639
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:9D0A16E4
@Alternate Data Stream - 182 bytes -> C:\ProgramData\Temp:4B6A9FDA
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:036B81D9
@Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:7687A3E3
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:D8A1AC56
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:DC9915D2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:9CD7CD43
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:10CB85CA
 
< End of report >
Link to post
Share on other sites

Mel let clean this up !!

 

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the http://img.photobucket.com/albums/v317/flashh4/customFix.png[/IMG].  text box of the OTL tool/program ! Start with and include the colon plus  :OTL
Copy everthing in RED and Paste into the box in the OTL program !!
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {75DA68B2-3E6D-482D-A02C-B788CE9A0878}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{75DA68B2-3E6D-482D-A02C-B788CE9A0878}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001\..\SearchScopes,DefaultScope = {85CCEFFF-502A-4063-87F5-22B6F55D6ADC}
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
[2013/08/27 23:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\melsmile\AppData\Roaming\mozilla\Extensions
[2016/07/11 15:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\melsmile\AppData\Roaming\mozilla\Firefox\Profiles\a0hst0i8.default\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.1\FFEXT\[email protected]
File not found (No name found) -- C:\USERS\MELSMILE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A0HST0I8.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" File not found
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" File not found
O4 - HKU\S-1-5-21-2138707345-1064427414-1915588179-1001..\RunOnce: [Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" File not found
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
@Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:2AE74FF9
@Alternate Data Stream - 239 bytes -> C:\ProgramData\Temp:4C5C1DD3
@Alternate Data Stream - 236 bytes -> C:\ProgramData\Temp:EA2D3047
@Alternate Data Stream - 219 bytes -> C:\ProgramData\Temp:206470A5
@Alternate Data Stream - 216 bytes -> C:\Users\melsmile\SkyDrive:ms-properties
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:CBAF0C30
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:7FA0D639
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:9D0A16E4
@Alternate Data Stream - 182 bytes -> C:\ProgramData\Temp:4B6A9FDA
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:036B81D9
@Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:7687A3E3
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:D8A1AC56
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:DC9915D2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:9CD7CD43
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:10CB85CA


:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]


# Then click the Run Fix button at the top.
# Click http://img.photobucket.com/albums/v317/flashh4/btnOK.png[/IMG]
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.

Post that log next !
Thanks
Chuck
 

Link to post
Share on other sites
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75DA68B2-3E6D-482D-A02C-B788CE9A0878}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75DA68B2-3E6D-482D-A02C-B788CE9A0878}\ not found.
HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin\ deleted successfully.
C:\Users\melsmile\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\melsmile\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\melsmile\AppData\Roaming\mozilla\Firefox\Profiles\a0hst0i8.default\extensions folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\__MACOSX folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_metadata folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_HK folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ur folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\te folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ta folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sw folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\si folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ne folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ms folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\mn folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ml folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\lo folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\kn folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\km folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ka folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\iw folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\is folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hy folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\gl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr_CA folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\fa folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\eu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\et folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es_419 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_US folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\en_GB folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bn folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\az folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\am folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales\af folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_metadata folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ur folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\nb folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ms folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\he folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\fa folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\et folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\en_GB folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\bn folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\be folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\scripts folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\ui\templates folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\ui\icons folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\ui\css folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\ui\bgs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\ui folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\skin\img folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\skin\css folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\skin folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\scripts folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\mocks folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common\libs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\common folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0 folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales folder moved successfully.
C:\Users\melsmile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2138707345-1064427414-1915588179-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\melsmile\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64 deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully.
ADS C:\ProgramData\Temp:2AE74FF9 deleted successfully.
ADS C:\ProgramData\Temp:4C5C1DD3 deleted successfully.
ADS C:\ProgramData\Temp:EA2D3047 deleted successfully.
ADS C:\ProgramData\Temp:206470A5 deleted successfully.
Unable to delete ADS C:\Users\melsmile\SkyDrive:ms-properties .
ADS C:\ProgramData\Temp:CBAF0C30 deleted successfully.
ADS C:\ProgramData\Temp:7FA0D639 deleted successfully.
ADS C:\ProgramData\Temp:9D0A16E4 deleted successfully.
ADS C:\ProgramData\Temp:4B6A9FDA deleted successfully.
ADS C:\ProgramData\Temp:036B81D9 deleted successfully.
ADS C:\ProgramData\Temp:7687A3E3 deleted successfully.
ADS C:\ProgramData\Temp:D8A1AC56 deleted successfully.
ADS C:\ProgramData\Temp:DC9915D2 deleted successfully.
ADS C:\ProgramData\Temp:9CD7CD43 deleted successfully.
ADS C:\ProgramData\Temp:2CB9631F deleted successfully.
ADS C:\ProgramData\Temp:10CB85CA deleted successfully.
File ptyjava] not found.
File ptyflash] not found.
File PTYTEMP] not found.
File SETHOSTS] not found.
File EATERESTOREPOINT] not found.
File boot] not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 07112016_181959
 
Files\Folders moved on Reboot...
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
Link to post
Share on other sites

Mel,  Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click onOptions.
    Click once on theSecurity tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox  If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
[url=https://addons.mozilla.org/en-US/firefox/addon/noscript/]NoScript[/url][/color]

[url= https://adblockplus.org/en/firefox] adblock plus[/url]

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.   **There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
[url=http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html]Online Armor Free[/url]
[url=http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html]Agnitum Outpost Firewall Free [/url]
[url=http://personalfirewall.comodo.com/]Comodo Firewall Free [/url]
 
5. Make sure you keep your Windows OS current. And regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.  Without these you are leaving the back door open.
 
6.[url=http://www.mywot.com/]WOT[/url](Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites.  WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice [url= http://users.telenet.be/bluepatchy/miekiemoes/prevention.html] How to prevent malware[/url] .

 
Let me know how it's running ?
Any problems ?
It may run a tad slow until a few normal re-boots, but according to all logs you are clean !!

Thanks
Chuck

 

===========================

 

One last program then post log please !!

Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

    Download Delfix to your desktop and double click it to start the program [url=http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_14102815956339&key=bf4adfcbb328b51c165afd7f95bfc060&libId=64704d6e-537a-4ac2-beea-64e5d35e3f5f&loc=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F342065-very-slow-computer-aswmbr-rootkit-not-working%2Fpage-2&v=1&out=https%3A%2F%2Ftoolslib.net%2Fdownloads%2Fviewdownload%2F2-delfix%2F&ref=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Fforum%2F37-virus-spyware-malware-removal%2F&title=Very%20slow%20computer%2C%20aswMBR%20rootkit%20not%20working%20%5BClosed%5D%20-%20Page%202%20-%20Virus%2C%20Spyware%2C%20Malware%20Removal&txt=here]here[/url]             
    Ensure Remove disinfection tools is ticked
    Also tick:
    o Create registry backup
    o Purge system restore
    o Reset system settings

    o Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.

Link to post
Share on other sites
# DelFix v1.013 - Logfile created 11/07/2016 at 18:38:55
# Updated 17/04/2016 by Xplode
# Username : melsmile - MELS
# Operating System : Windows 10 Home  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTL
Deleted : C:\AdwCleaner
Deleted : C:\Users\melsmile\Desktop\JRT.txt
Deleted : C:\Users\melsmile\Downloads\adwcleaner_5.201.exe
Deleted : C:\Users\melsmile\Downloads\Extras.Txt
Deleted : C:\Users\melsmile\Downloads\JRT.exe
Deleted : C:\Users\melsmile\Downloads\OTL.Txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #44 [Windows Update | 06/26/2016 04:49:33]
Deleted : RP #45 [Scheduled Checkpoint | 07/05/2016 01:45:24]
Deleted : RP #46 [JRT Pre-Junkware Removal | 07/11/2016 23:03:00]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
Link to post
Share on other sites
Guest
This topic is now closed to further replies.