Sponsored By

Sign in to follow this  
Followers 0
Tammy

computer shuts down & is slow/lagging

19 posts in this topic

computer constantly shuts down and is slow lagging plus can't play any of the online games I used to be able to.  this computer was great when I first got, then I let my kids play on it!!!  I do use AVG and malware bytes to try to keep it free of "stuff"

Share this post


Link to post
Share on other sites

 

Howdy Tammy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Do Not Remove anything or run any tools/programs until advised to do so !


Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  

===================================


AdwCleaner
       
Please download  https://toolslib.net/downloads/viewdownload/1-adwcleaner/  by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the "Clean" button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.


NEXT


    Please download http://thisisudax.org/downloads/JRT.exe]JUNKWARE Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


    Download the free version Malwarebytes' Anti-Malware (save it to your desktop).  >>> https://www.malwarebytes.org/antimalware/
     
      * Windows XP : Double click on the icon to run it.
      *  Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      
* On the Dashboard click on Update Now
* Go to the Setting Tab
* Under Setting go to Detection and Protection
* Under PUP and PUM make sure both are set to show Treat Detections as Malware
* Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
* Then on the Dashboard click on Scan
* Make sure to select THREAT SCAN
* Then click on Scan

When the scan is finished on the bottom right click on SAVE RESULTS then select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes

 

Post these logs as you get them & then continue on to the next one !!

Thanks

Chuck

Share this post


Link to post
Share on other sites

# AdwCleaner v6.030 - Logfile created 30/10/2016 at 10:45:57
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-30.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Tammy - TAMMY-PC
# Running from : C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22FJBPWZ\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support

 

***** [ Services ] *****

[-] Service deleted: vToolbarUpdater18.8.0
[-] Service deleted: CouponPrinterService


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\{287ccb7d-9520-e9cb-287c-ccb7d9522df6}
[-] Folder deleted: C:\Users\Tammy\AppData\Local\genienext
[-] Folder deleted: C:\Users\Tammy\AppData\Local\Mobogenie
[-] Folder deleted: C:\Users\Tammy\AppData\Local\NativeMessaging
[-] Folder deleted: C:\Users\Tammy\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\Tammy\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Tammy\AppData\LocalLow\AVG Secure Search
[-] Folder deleted: C:\Users\Tammy\AppData\LocalLow\AVG Security Toolbar
[-] Folder deleted: C:\Users\Tammy\AppData\LocalLow\HPAppData
[-] Folder deleted: C:\Users\Tammy\AppData\Roaming\Yahoo!\Companion
[-] Folder deleted: C:\Users\Tammy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeCandy
[-] Folder deleted: C:\Users\Tammy\Documents\Mobogenie
[-] Folder deleted: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\Smartbar
[-] Folder deleted: C:\ProgramData\apn
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\Partner
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\apn
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Partner
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder deleted: C:\Program Files (x86)\AVG Secure Search
[-] Folder deleted: C:\Program Files (x86)\Conduit
[-] Folder deleted: C:\Program Files (x86)\Coupons
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Yahoo!\yset
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Users\Tammy\AppData\Local\Temp\apn
[-] Folder deleted: C:\Users\Tammy\AppData\Local\Temp\BabylonToolbar
[-] Folder deleted: C:\windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder deleted: C:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
[-] Folder deleted: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]
[#] Folder deleted on reboot: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]
[#] Folder deleted on reboot: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]
[#] Folder deleted on reboot: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]


***** [ Files ] *****

[-] File deleted: C:\Users\Tammy\daemonprocess.txt
[-] File deleted: C:\END
[-] File deleted: C:\user.js
[-] File deleted: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\invalidprefs.js
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
[-] File deleted: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\searchplugins\avg-secure-search.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\wtu-secure-search.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml


***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] Key deleted: HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] Key deleted: HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key deleted: HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Prod.cap
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key deleted: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Key deleted: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Key deleted: HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AVG Secure Search
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Cr_Installer
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Babylon
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Yahoo\YFriendsBar
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AppDataLow\Toolbar
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AppDataLow\Software\BackgroundContainer
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AppDataLow\Software\Freecause
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AVG Security Toolbar
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\BabylonToolbar
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKCU\Software\AVG Secure Search
[#] Key deleted on reboot: HKCU\Software\Cr_Installer
[#] Key deleted on reboot: HKCU\Software\Microsoft\Babylon
[#] Key deleted on reboot: HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: HKCU\Software\Yahoo\YFriendsBar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Toolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Freecause
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key deleted: HKLM\SOFTWARE\AVG Secure Search
[-] Key deleted: HKLM\SOFTWARE\AVG Security Toolbar
[-] Key deleted: HKLM\SOFTWARE\Babylon
[-] Key deleted: HKLM\SOFTWARE\SearchProtect
[-] Key deleted: HKLM\SOFTWARE\Yahoo\Companion
[#] Key deleted on reboot: HKLM\SOFTWARE\SEARCHPROTECT
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.3
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\AVG Security Toolbar
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\BabylonToolbar
[#] Key deleted on reboot: [x64] HKCU\Software\AVG Secure Search
[#] Key deleted on reboot: [x64] HKCU\Software\Cr_Installer
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Babylon
[#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\YFriendsBar
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Freecause
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{325EB35D-435A-47C8-BD93-B33BB8227A5E}
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C7300141-8DA1-461F-87D3-2A28DF5C925B}
[-] Key deleted: HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D071027F-52AA-4498-B32D-7D4348504350}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{325EB35D-435A-47C8-BD93-B33BB8227A5E}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C7300141-8DA1-461F-87D3-2A28DF5C925B}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D071027F-52AA-4498-B32D-7D4348504350}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{325EB35D-435A-47C8-BD93-B33BB8227A5E}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C7300141-8DA1-461F-87D3-2A28DF5C925B}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D071027F-52AA-4498-B32D-7D4348504350}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaahaeginbdcckocjkhbciadcafnep
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaahlfahldnilidgnlikdckbfehhca
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKLM\SOFTWARE\Classes\s
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [WeatherBug.exe]
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]


***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "CT3298566.1000082.isPlayDisplay" -  "true"
[-] Chrome preferences cleaned: "CT3298566.1000082.state" -  "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}"
[-] Chrome preferences cleaned: "CT3298566.BBActive.enc" -  "eWVz"
[-] Chrome preferences cleaned: "CT3298566.BBID.enc" -  "NjAxZjZiYTc5MzBhYjEzZg=="
[-] Chrome preferences cleaned: "CT3298566.ENABALE_HISTORY" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.FF19Solved" -  "true"
[-] Chrome preferences cleaned: "CT3298566.FirstTime" -  "true"
[-] Chrome preferences cleaned: "CT3298566.FirstTimeFF3" -  "true"
[-] Chrome preferences cleaned: "CT3298566.LAST_CLIENT_STATS_SUBMIT_2.enc" -  "MTM4MDY3MjUxOQ=="
[-] Chrome preferences cleaned: "CT3298566.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc" -  "MTM4MDY3MjUyNw=="
[-] Chrome preferences cleaned: "CT3298566.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.LOCAL_COOKIE_THROTTLE_BASEadd_stats 0 LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc" -  "MTM4MDY3MjUyNw=="
[-] Chrome preferences cleaned: "CT3298566.PG_ENABLE" -  "dHJ1ZQ=="
[-] Chrome preferences cleaned: "CT3298566.SF_JUST_INSTALLED.enc" -  "RkFMU0U="
[-] Chrome preferences cleaned: "CT3298566.SF_STATUS.enc" -  "RU5BQkxFRA=="
[-] Chrome preferences cleaned: "CT3298566.SF_USER_ID.enc" -  "Y2lkXzExMDIwMTMxODgzOTg5MDM3MjQ="
[-] Chrome preferences cleaned: "CT3298566.TopHitsConfig.enc" -  "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vcHMvVG9wSGl0c0dlbmVyaWNBcHAvY29uZmlncy9VUy1VSy1EYW5jZS1Sb2NrLVJhcC9zcHJpdGUucG5nIiwNCiAgICAiaXRlbXMiOiBbDQogICAgICAgIHsNCiAgICAgICAgICAgICJuYW1lIjogIlVTIiwNCiAgICAgICAgICAgICJYTUxGZWVkVXJsIjogImh0dHA6Ly93d3cuYmlsbGJvYXJkLmNvbS9yc3MvY2hhcnRzL2hvdC0xMDAiLA0KICAgICAgICAgICAgInN0eWxlcyI6IHsNCiAgICAgICAgICAgICAgICAiZW1iZWRkZWRJbWdQb3NpdGlvbiI6ICIwIC05MzVweCIsDQogICAgICAgICAgICAgICAgImVtYmVkZGVkSW1nSG92ZXJQb3NpdGlvbiI6ICIwIC05NjRweCIsDQogICAgICAgICAgICAgICAgImJhc2VCdG5JbWdQb3NpdGlvbiI6ICIwIC05OTRweCIsDQogICAgICAgICAgICAgICAgIm1lbnVCdG5JbWdQb3NpdGlvbiI6ICIwIC0xMDY2cHgiLA0KICAgICAgICAgICAgICAgICJtZW51QnRuSW1nSG92ZXJQb3NpdGlvbiI6ICIwIC0xMTE4cHgiDQogICAgICAgICAgICB9DQogICAgICAgIH0sDQogICAgICAgIHsNCiAgICAgICAgICAgICJuYW1lIjogIlVLIiwNCiAgICAgICAgICAgICJYTUxGZWVkVXJsIjogImh0dHA6Ly93d3cuYmlsbGJvYXJkLmNvbS9yc3MvY2hhcnRzL3VuaXRlZC1raW5nZG9tLXNvbmdzIiwNCiAgICAgICAgICAgICJzdHlsZXMiOiB7DQogICAgICAgICAgICAgICAgImVtYmVkZGVkSW1nUG9zaXRpb24iOiAiMCAtNzAxcHgiLA0KICAgICAgICAgICAgICAgICJlbWJlZGRlZEltZ0hvdmVyUG9zaXRpb24iOiAiMCAtNzMwcHgiLA0KICAgICAgICAgICAgICAgICJiYXNlQnRuSW1nUG9zaXRpb24iOiAiMCAtNzYwcHgiLA0KICAgICAgICAgICAgICAgICJtZW51QnRuSW1nUG9zaXRpb24iOiAiMCAtODMycHgiLA0KICAgICAgICAgICAgICAgICJtZW51QnRuSW1nSG92ZXJQb3NpdGlvbiI6ICIwIC04ODRweCINCiAgICAgICAgICAgIH0NCiAgICAgICAgfSwNCiAgICAgICAgew0KICAgICAgICAgICAgIm5hbWUiOiAiRGFuY2UiLA0KICAgICAgICAgICAgIlhNTEZlZWRVcmwiOiAiaHR0cDovL3d3dy5iaWxsYm9hcmQuY29tL3Jzcy9jaGFydHMvZGFuY2UtY2x1Yi1wbGF5LXNvbmdzIiwNCiAgICAgICAgICAgICJzdHlsZXMiOiB7DQogICAgICAgICAgICAgICAgImVtYmVkZGVkSW1nUG9zaXRpb24iOiAiMCAxcHgiLA0KICAgICAgICAgICAgICAgICJlbWJlZGRlZEltZ0hvdmVyUG9zaXRpb24iOiAiMCAtMjhweCIsDQogICAgICAgICAgICAgICAgImJhc2VCdG5JbWdQb3NpdGlvbiI6ICIwIC01OHB4IiwNCiAgICAgICAgICAgICAgICAibWVudUJ0bkltZ1Bvc2l0aW9uIjogIjAgLTEzMHB4IiwNCiAgICAgICAgICAgICAgICAibWVudUJ0bkltZ0hvdmVyUG9zaXRpb24iOiAiMCAtMTgycHgiDQogICAgICAgICAgICB9DQogICAgICAgIH0sDQogICAgICAgIHsNCiAgICAgICAgICAgICJuYW1lIjogIlJvY2siLA0KICAgICAgICAgICAgIlhNTEZlZWRVcmwiOiAiaHR0cDovL3d3dy5iaWxsYm9hcmQuY29tL3Jzcy9jaGFydHMvcm9jay1zb25ncyIsDQogICAgICAgICAgICAic3R5bGVzIjogew0KICAgICAgICAgICAgICAgICJlbWJlZGRlZEltZ1Bvc2l0aW9uIjogIjAgLTQ2N3B4IiwNCiAgICAgICAgICAgICAgICAiZW1iZWRkZWRJbWdIb3ZlclBvc2l0aW9uIjogIjAgLTQ5NnB4IiwNCiAgICAgICAgICAgICAgICAiYmFzZUJ0bkltZ1Bvc2l0aW9uIjogIjAgLTUyNnB4IiwNCiAgICAgICAgICAgICAgICAibWVudUJ0bkltZ1Bvc2l0aW9uIjogIjAgLTU5OHB4IiwNCiAgICAgICAgICAgICAgICAibWVudUJ0bkltZ0hvdmVyUG9zaXRpb24iOiAiMCAtNjUwcHgiDQogICAgICAgICAgICB9DQogICAgICAgIH0sDQogICAgICAgIHsNCiAgICAgICAgICAgICJuYW1lIjogIlJhcCIsDQogICAgICAgICAgICAiWE1MRmVlZFVybCI6ICJodHRwOi8vd3d3LmJpbGxib2FyZC5jb20vcnNzL2NoYXJ0cy9yYXAtc29uZ3MiLA0KICAgICAgICAgICAgInN0eWxlcyI6IHsNCiAgICAgICAgICAgICAgICAiZW1iZWRkZWRJbWdQb3NpdGlvbiI6ICIwIC0yMzNweCIsDQogICAgICAgICAgICAgICAgImVtYmVkZGVkSW1nSG92ZXJQb3NpdGlvbiI6ICIwIC0yNjJweCIsDQogICAgICAgICAgICAgICAgImJhc2VCdG5JbWdQb3NpdGlvbiI6ICIwIC0yOTJweCIsDQogICAgICAgICAgICAgICAgIm1lbnVCdG5JbWdQb3NpdGlvbiI6ICIwIC0zNjRweCIsDQogICAgICAgICAgICAgICAgIm1lbnVCdG5JbWdIb3ZlclBvc2l0aW9uIjogIjAgLTQxNnB4Ig0KICAgICAgICAgICAgfQ0KICAgICAgICB9DQogICAgXQ0KfQ=="
[-] Chrome preferences cleaned: "CT3298566.UserID" -  "UN24925542722012119"
[-] Chrome preferences cleaned: "CT3298566.YTbyClickFavorites.enc" -  "W10="
[-] Chrome preferences cleaned: "CT3298566.YTbyClickRecent.enc" -  "W10="
[-] Chrome preferences cleaned: "CT3298566.acp_personal.appstate.enc" -  "ZW5hYmxl"
[-] Chrome preferences cleaned: "CT3298566.addressBarTakeOverEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3298566.browser.search.defaultthis.engineName" -  "true"
[-] Chrome preferences cleaned: "CT3298566.cbfirsttime.enc" -  "VHVlIE9jdCAwMSAyMDEzIDE4OjA4OjQwIEdNVC0wNjAwIChNb3VudGFpbiBEYXlsaWdodCBUaW1lKQ=="
[-] Chrome preferences cleaned: "CT3298566.countryCode" -  "US"
[-] Chrome preferences cleaned: "CT3298566.defaultSearch" -  "true"
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3298566.enableAlerts" -  "true"
[-] Chrome preferences cleaned: "CT3298566.enableSearchFromAddressBar" -  "true"
[-] Chrome preferences cleaned: "CT3298566.enlargeSearchBox" -  "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}"
[-] Chrome preferences cleaned: "CT3298566.firstTimeDialogOpened" -  "true"
[-] Chrome preferences cleaned: "CT3298566.fixPageNotFoundError" -  "true"
[-] Chrome preferences cleaned: "CT3298566.fixPageNotFoundErrorByUser" -  "true"
[-] Chrome preferences cleaned: "CT3298566.fixPageNotFoundErrorInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3298566.fixUrls" -  true
[-] Chrome preferences cleaned: "CT3298566.fullUserID" -  "UN24925542722012119.IN.20130731204524"
[-] Chrome preferences cleaned: "CT3298566.installDate" -  "31/07/2013 20:45:23"
[-] Chrome preferences cleaned: "CT3298566.installId" -  "cid111"
[-] Chrome preferences cleaned: "CT3298566.installSessionId" -  "{5B99D413-4DC8-4984-A32E-E7AC76B450FA}"
[-] Chrome preferences cleaned: "CT3298566.installSp" -  "TRUE"
[-] Chrome preferences cleaned: "CT3298566.installType" -  "conduitnsisintegration"
[-] Chrome preferences cleaned: "CT3298566.installUsage" -  "2013-08-15T06:06:52.8950731+03:00"
[-] Chrome preferences cleaned: "CT3298566.installUsageEarly" -  "2013-08-15T06:06:51.8810731+03:00"
[-] Chrome preferences cleaned: "CT3298566.installerVersion" -  "1.5.4.4"
[-] Chrome preferences cleaned: "CT3298566.isCheckedStartAsHidden" -  true
[-] Chrome preferences cleaned: "CT3298566.isEnableAllDialogs" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.isFirstTimeToolbarLoading" -  "false"
[-] Chrome preferences cleaned: "CT3298566.isToolbarShrinked" -  "{\"dataType\":\"string\",\"data\":\"false\"}"
[-] Chrome preferences cleaned: "CT3298566.keyword" -  "true"
[-] Chrome preferences cleaned: "CT3298566.lastVersion" -  "10.20.1.508"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appStateReportTime" -  "%B7%B9%BF%BF%B8%BC%B8%BB%BB%BA%BC%BC%BD"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appStateReportTime.enc" -  "MTM5OTI2MjU1NDY2Nw=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_ACplus.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_CouponBuddy.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_Discover.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_Discover_Apps.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_Easytobook.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_Easytobook_targeted.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_Find-a-Pro.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_PiclickV2-WebSearch.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_PriceGrabber.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appState_WindowShopper.enc" -  "b24="
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appsDefaultEnabled" -  "%F4%FB%F2%F2"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_appsDefaultEnabled.enc" -  "bnVsbA=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_calledSetupService.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_currentVersion" -  "%B7%B4%B7%B9%B4%B6%B4%B7%BD"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_currentVersion.enc" -  "MS4xMy4wLjE3"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_existingUsersRecoveryDone.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_first_time" -  "%B7"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_first_time.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_installer_preapproved.enc" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_lastLoginTime" -  "%B7%B9%BF%BF%B8%BC%B8%BB%BB%BC%BC%BD%BE"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_lastLoginTime.enc" -  "MTM5OTI2MjU1NjY3OA=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_localization.enc" -  "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6eyJUZXh0IjoiU2F2ZSBtb25leSJ9LCJkbWJ1bGxldDIiOnsiVGV4dCI6IkZpbmQgd2hhdCdzIHJpZ2h0IGZvciB5b3UifSwiZG1idWxsZXQzIjp7IlRleHQiOiJHZXQgdGhlIG1vc3Qgb3V0IG9mIHRoZSB3ZWIifSwiRE1wcml2YWN5Ijp7IlRleHQiOiJWYWx1ZSBBcHBzIG1heSBpbmNsdWRlIENvbmR1aXQgYXBwcyBhbmQgdGhpcmQtcGFydHkgYXBwcy4gQ2xpY2sgaGVyZSBmb3IgbW9yZSBpbmZvcm1hdGlvbiBhbmQgcHJpdmFjeSBwb2xpY2llcyJ9LCJkbXRpdGxlIjp7IlRleHQiOiJMZXQgdGhlIEJlc3QgT2ZmZXJzXHJcbkNvbWUgUmlnaHQgdG8gWW91ISJ9LCJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIgZXhwZXJpZW5jZSBieSBvZmZlcmluZyB5b3UgZ3JlYXQgZGVhbHMsIGNvdXBvbnMsIHJlbGF0ZWQgY29udGVudCBhbmQgbXVjaCBtb3JlLiJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnlNb3JlIjp7IlRleHQiOiJWYWx1ZSBBcHBzIHNlbGVjdHMgdGhlIGFwcHMgdGhhdCBicmluZyB5b3UgdGhlIGJlc3QgZGFpbHkgb2ZmZXJzIGJhc2VkIG9uIHlvdXIgYnJvd3NpbmcgaW5mb3JtYXRpb24uIn0sImdhZGdldERlc2NyaXB0aW9uU2Vjb25kYXJ5Ijp7IlRleHQiOiJWYWx1ZSBBcHBzIG1heSByZXF1aXJlIHVzZSBvZiB5b3VyIHBlcnNvbmFsIGluZm9ybWF0aW9uLCBpbmNsdWRpbmcgeW91ciBJbnRlcm5ldCBQcm90b2NvbCBhZGRyZXNzLCB0aGUgd2VicGFnZXMgeW91IHZpc2l0IGFuZCB0aGVpciBjb250ZW50LiJ9LCJnYWRnZXRFbmFibGUiOnsiVGV4dCI6IlRyeSBpdCBub3cifSwiZ2FkZ2V0Tm9UaGFua3MiOnsiVGV4dCI6IkN1c3RvbWl6ZSJ9LCJnYWRnZXRUZXJtc0FuZFByaXZhY3lQb2xpY3kiOnsiVGV4dCI6IlRlcm1zICYgUHJpdmFjeSBQb2xpY2llcyJ9LCJnYWRnZXRUZXJtc1RleHQiOnsiVGV4dCI6IkJ5IGNsaWNraW5nIFwiVHJ5IGl0IG5vd1wiLCB5b3UgYWdyZWUgdG8gdGhlIGFjY2VzcywgY29sbGVjdGlvbiBhbmQgdXNhZ2Ugb2YgeW91ciBpbmZvcm1hdGlvbiBieSBWYWx1ZSBBcHBzIGluIGFjY29yZGFuY2Ugd2l0aCB0aGUge3t7dGVybXNBbmRQcml2YWN5UG9saWN5SGFuZGxlcn19fS4gU2VlIG91ciB7e3tjb250ZW50UG9saWN5SGFuZGxlcn19fSBmb3IgbW9yZSBpbmZvcm1hdGlvbi4ifSwibmV3QXBwQ2xpY2tIZXJlIjp7IlRleHQiOiJjbGljayBoZXJlIn0sIm5ld2FwcGxlYXJubW9yZSI6eyJUZXh0IjoiTGVhcm4gbW9yZSJ9LCJuZXdBcHBNb3JlSW5mbyI6eyJUZXh0IjoiRm9yIG1vcmUgaW5mb3JtYXRpb24gb24gcHJpdmFjeSBwb2xpY3kge3t7cHJpdmFjeVBvbGljeUhhbmRsZXJ9fX0ifSwibmV3YXBwdGV4dCI6eyJUZXh0IjoiQ29uZHVpdCBWYWx1ZSBBcHBzIGJyaW5ncyB5b3UgW0FwcCBuYW1lXSJ9LCJuZXdHYWRnZXRUZXJtc1RleHQiOnsiVGV4dCI6IkJ5IGNsaWNraW5nIFwiT0tcIiwgeW91IGFncmVlIHRvIHRoZSBhY2Nlc3MsIGNvbGxlY3Rpb24gYW5kIHVzYWdlIG9mIHlvdXIgaW5mb3JtYXRpb24gYnkgVmFsdWUgQXBwcyBwcm92aWRlcnMgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSB7e3t0ZXJtc0FuZFByaXZhY3lQb2xpY3lIYW5kbGVyfX19LiJ9LCJzZXR0aW5nc0NhbmNlbCI6eyJUZXh0IjoiQ2FuY2VsIn0sInNldHRpbmdzQ291cG9uQnVkZHlEZXNjcmlwdGlvbiI6eyJUZXh0IjoiQ291cG9uIEJ1ZGR5IHNhdmVzIHlvdSBtb25leSBieSBzZXJ2aW5nIHlvdSB0aGUgYmVzdCBjb3Vwb25zIGFuZCBkZWFscyBhdCB0aG91c2FuZHMgb2YgdGhlIGxhcmdlc3Qgb25saW5lIG1lcmNoYW50cy4gQ291cG9uIEJ1ZGR5IHJlY29nbml6ZXMgd2hlcmUgeW91IGFyZSBicm93c2luZyBhbmQgYWxlcnRzIHlvdSBvZiB0aGUgYmVzdCBkZWFscyByaWdodCBvbiB0aGUgc2l0ZSB5b3UgYXJlIHZpc2l0aW5nLiJ9LCJzZXR0aW5nc0NvdXBvbkJ1ZGR5TmFtZSI6eyJUZXh0IjoiQ291cG9uIEJ1ZGR5In0sInNldHRpbmdzRGlhbG9nVGl0bGUiOnsiVGV4dCI6IkFyZSB5b3Ugc3VyZSB5b3Ugd2FudCB0byBjYW5jZWwgVmFsdWUgQXBwcz8ifSwic2V0dGluZ3NFbmFibGUiOnsiVGV4dCI6IkVuYWJsZSJ9LCJzZXR0aW5nc0VuYWJsZWQiOnsiVGV4dCI6IkVuYWJsZWQifSwic2V0dGluZ3NQcmljZUdvbmdEZXNjcmlwdGlvbiI6eyJUZXh0IjoieW91ciBvbmxpbmUgc2hvcHBpbmcgYXNzaXN0YW50LiBVc2UgUHJpY2VHb25nIHRvIGZpbmQgdGhlIGJlc3Qgb25saW5lIGRlYWxzIGFuZCBnZXQgb25saW5lIGNvdXBvbnMganVzdCB3aGVuIHlvdSBuZWVkIGl0LiJ9LCJzZXR0aW5nc1ByaWNlR29uZ05hbWUiOnsiVGV4dCI6IlByaWNlIEdvbmcifSwic2V0dGluZ3NQcml2YWN5UG9saWN5Ijp7IlRleHQiOiJQcml2YWN5IFBvbGljeSJ9LCJzZXR0aW5nc1NhdmUiOnsiVGV4dCI6IlNhdmUifSwic2V0dGluZ3NUZXJtc09mVXNlIjp7IlRleHQiOiJUZXJtcyBvZiBVc2UifSwibGFzdFVwZGF0ZVRpbWUiOjEzOTkyNjI1NTQyNzV9"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_mamEnabled.enc" -  "dHJ1ZQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_new_welcome_experience.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_pgUnloadedOnce.enc" -  "dHJ1ZQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_settings1.10.4.0.enc" -  "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODZfMSIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiVVMiLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsdCI6ZmFsc2UsIkhhZFBHIjpmYWxzZSwibmV3QXBwc0V4cGVyaWVuY2UiOnRydWUsInRyYWNraW5nIjp7ImdhIjp0cnVlLCJkYiI6dHJ1ZX0sInNlcnZpY2VzIjpbeyJuYW1lIjoiY29uZmlndXJhdGlvbiIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9jb25maWd1cmF0aW9uP2N0aWQ9Q1QzMjk4NTY2JnN0YW1wPTg2XzEmY291bnRyeT1VUyZicm93c2VyPUVCQlJPV1NFUiZicm93c2VydmVyc2lvbj1FQkJST1dTRVJWRVJTSU9OIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoiYXBwc0RhdGEiLCJ1cmwiOiJodHRwOi8vY2xpZW50c2VydmljZS5tYW0uY29uZHVpdC1zZXJ2aWNlcy5jb20vYXBwc2RhdGE/Y3RpZD1DVDMyOTg1NjYmc3RhbXA9ODZfMSZjb3VudHJ5PVVTJmJyb3dzZXI9RUJCUk9XU0VSJmJyb3dzZXJ2ZXJzaW9uPUVCQlJPV1NFUlZFUlNJT04mJmxvY2FsPUVCTE9DQUxFIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoibG9jYWxpemF0aW9uIiwidXJsIjoiaHR0cDovL2xvY2FsaXphdGlvbnNlcnZpY2UubWFtLmNvbmR1aXQuY29tL2dldHByb2R1Y3R0cmFuc2xhdGlvbj9wPW1hbSZsPUVCTE9DQUxFIiwiaW50ZXJ2YWwiOjE0NDB9LHsibmFtZSI6ImxvZ2luIiwidXJsIjoiaHR0cDovL21hbS1hbGl2ZS1tc2cuY29uZHVpdC1kYXRhLmNvbSIsImludGVydmFsIjoyNDB9LHsibmFtZSI6InVzYWdlIiwidXJsIjoiaHR0cDovL21hbS11c2FnZS5jb25kdWl0LWRhdGEuY29tLyIsImludGVydmFsIjoyNDB9LHsibmFtZSI6InNldHVwQXBpIiwidXJsIjoiaHR0cDovL2Muc2V0dXBhcGkudG9vbGJhci5jb25kdWl0LXNlcnZpY2VzLmNvbS9Qcm9wZXJ0aWVzL2pzb24vQ1QzMjk4NTY2L0NDL1VTIiwiaW50ZXJ2YWwiOjI0MH1dfSwibGFzdFVwZGF0ZVRpbWUiOjEzODA2NzI1MTc3NjJ9"
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3298566.mam_gk_settings1.13.0.17.enc" -  "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDA1MDUiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjEwNDNfMCIsIlJUSyI6Ikg0c0lBQUFBQUFBRUFPeTlCMkFjU1pZbEppOXR5bnQlMmZTdlZLMSUyYkIwb1FpQVlCTWsySkJBRU96QmlNM21rdXdkYVVjakthc3FnY3BsVm1WZFpoWkF6TzJkdlBmZWUlMmIlMmI5OTk1Nzc3MzN1anVkVGlmMzMlMmY4JTJmWEdaa0FXejJ6a3JheVo0aGdLcklIejklMmJmQjglMmZJblozZCUyZlolMmIlMmY5M2R1enYzN3U3dDdPNXY3ejU0dEhQdzZQNjklMmZ5Y0FBUCUyZiUyZmpQMnpBeGdBQUFBJTNkIiwiaXNUZXN0Ijp0cnVlLCJVc2VyQ291bnRyeUNvZGUiOiJVUyIsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0Ijp0cnVlLCJIYWRQRyI6ZmFsc2UsIm5ld0FwcHNFeHBlcmllbmNlIjp0cnVlLCJOZXdBcHBzQmdDb2xvciI6IkY3RkVGNCIsInRyYWNraW5nIjp7ImdhIjp0cnVlLCJkYiI6dHJ1ZX0sInNlcnZpY2VzIjpbeyJuYW1lIjoiY29uZmlndXJhdGlvbiIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9jb25maWd1cmF0aW9uP2N0aWQ9Q1QzMjk4NTY2JnN0YW1wPTEwNDNfMCZjb3VudHJ5PVVTJmJyb3dzZXI9RUJCUk9XU0VSJmJyb3dzZXJ2ZXJzaW9uPUVCQlJPV1NFUlZFUlNJT04iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJhcHBzRGF0YSIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9hcHBzZGF0YT9jdGlkPUNUMzI5ODU2NiZzdGFtcD0xMDQzXzAmY291bnRyeT1VUyZicm93c2VyPUVCQlJPV1NFUiZicm93c2VydmVyc2lvbj1FQkJST1dTRVJWRVJTSU9OJiZsb2NhbD1FQkxPQ0FMRSIsImludGVydmFsIjoyNDB9LHsibmFtZSI6ImxvY2FsaXphdGlvbiIsInVybCI6Imh0dHA6Ly9sb2NhbGl6YXRpb25zZXJ2aWNlLm1hbS5jb25kdWl0LmNvbS9nZXRwcm9kdWN0dHJhbnNsYXRpb24/cD1tYW0mbD1FQkxPQ0FMRSIsImludGVydmFsIjoxNDQwfSx7Im5hbWUiOiJsb2dpbiIsInVybCI6Imh0dHA6Ly9tYW0tYWxpdmUtbXNnLmNvbmR1aXQtZGF0YS5jb20iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJ1c2FnZSIsInVybCI6Imh0dHA6Ly9tYW0tdXNhZ2UuY29uZHVpdC1kYXRhLmNvbS8iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJzZXR1cEFwaSIsInVybCI6Imh0dHA6Ly9jLnNldHVwYXBpLnRvb2xiYXIuY29uZHVpdC1zZXJ2aWNlcy5jb20vUHJvcGVydGllcy9qc29uL0NUMzI5ODU2Ni9DQy9VUyIsImludGVydmFsIjoyNDB9LHsibmFtZSI6ImFwcHNDb25maWciLCJ1cmwiOiJodHRwOi8vY2xpZW50c2VydmljZS5tYW0uY29uZHVpdC1zZXJ2aWNlcy5jb20vYXBwc0NvbmZpZz9jdGlkPUNUMzI5ODU2NiZzdGFtcD0xMDQzXzAmY291bnRyeT1VUyZicm93c2VyPUVCQlJPV1NFUiZicm93c2VydmVyc2lvbj1FQkJST1dTRVJWRVJTSU9OJmxvY2FsPUVCTE9DQUxFIiwiaW50ZXJ2YWwiOjI0MH1dfSwibGFzdFVwZGF0ZVRpbWUiOjEzOTkyNjI1NTM4MTF9"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_showWelcomeGadget" -  "%EC%E7%F2%F9%EB"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_showWelcomeGadget.enc" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_stamp" -  "%B7%B6%BA%B9%E5%B6"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_stamp.enc" -  "MTA0M18w"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_userBornDate" -  "%D4%B5%C7"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_userBornDate.enc" -  "Ti9B"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_userId" -  "%BF%E8%B7%B7%E7%EB%BB%B7%B3%B9%B9%B7%B6%B3%BA%B7%BC%EB%B3%E8%BF%B8%E7%B3%EC%BF%EB%BF%BF%B7%B6%B8%BE%EA%BA%B6"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_userId.enc" -  "OWIxMWFlNTEtMzMxMC00MTZlLWI5MmEtZjllOTkxMDI4ZDQw"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_user_approval_interacted" -  "%B7"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_user_approval_interacted.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.mam_gk_welcomeDialogMode" -  "%B7"
[-] Chrome preferences cleaned: "CT3298566.mam_gk_welcomeDialogMode.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3298566.migrateAppsAndComponents" -  true
[-] Chrome preferences cleaned: "CT3298566.navigationAliasesJson" -  "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.facebook.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Welcome%20to%20Facebook%20-%20Log%20In%2C%20Sign%20Up%20or%20Learn%20More\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://MixiDJV30.OurToolbar.com/\",\"EB_TOOLBAR_ID\":\"CT3298566\",\"EB_TOOLBAR_VERSION\":\"10.20.1.508\",\"EB_ORIGINAL_CTID\":\"CT3298566\",\"EB_DOWNLOAD_PAGE\":\"hxxp://MixiDJV30.OurToolbar.com/\",\"EB_TOOLBAR_NAME\":\"MixiDJ V30 \"}"
[-] Chrome preferences cleaned: "CT3298566.openThankYouPage" -  "false"
[-] Chrome preferences cleaned: "CT3298566.openUninstallPage" -  "true"
[-] Chrome preferences cleaned: "CT3298566.originalHomepage" -  "hxxp://isearch.avg.com/?cid={9FC1891C-9453-4AD3-8029-E4644ED48E4C}&mid=5d40747e1bf647d6826d59e75b0c6a98-23128e5cdec976e8716f333c670f44610ae7a5d4&lang=en&ds=AVG&pr=fr&d=2012-12-11 07:10:50&v=14.0.2.14&pid=avg&sg=&sap=hp"
[-] Chrome preferences cleaned: "CT3298566.originalSearchAddressUrl" -  "hxxp://isearch.avg.com/search?cid={9FC1891C-9453-4AD3-8029-E4644ED48E4C}&mid=5d40747e1bf647d6826d59e75b0c6a98-23128e5cdec976e8716f333c670f44610ae7a5d4&lang=en&ds=AVG&pr=fr&d=2012-12-11 07:10:50&pid=avg&sg=&v=14.0.2.14&sap=ku&q="
[-] Chrome preferences cleaned: "CT3298566.originalSearchEngine" -  "AVG Secure Search"
[-] Chrome preferences cleaned: "CT3298566.originalSearchEngineName" -  "AVG Secure Search"
[-] Chrome preferences cleaned: "CT3298566.price-gong.isManagedApp" -  "true"
[-] Chrome preferences cleaned: "CT3298566.rematchagent-matkot-user-id" -  "%A8%B7%B9%BF%BF%B8%BC%B8%BB%BB%B6%B7%B8%BA%BF%B6%B8%B9%BA%BB%BC%A8"
[-] Chrome preferences cleaned: "CT3298566.rematchagent-matkot-user-id.enc" -  "IjEzOTkyNjI1NTAxMjQ5MDIzNDU2Ig=="
[-] Chrome preferences cleaned: "CT3298566.rematchagent-periodic-reports" -  "%u0101%A8%F6%EF%F4%ED%E5%B6%A8%C0%E1%B7%B9%BF%BF%B8%BC%B8%BB%BB%BE%BF%B6%BF%B2%B7%BA%BA%B6%B6%B6%B6%B6%E3%u0103"
[-] Chrome preferences cleaned: "CT3298566.rematchagent-periodic-reports.enc" -  "eyJwaW5nXzAiOlsxMzk5MjYyNTU4OTA5LDE0NDAwMDAwXX0="
[-] Chrome preferences cleaned: "CT3298566.revertSettingsEnabled" -  "false"
[-] Chrome preferences cleaned: "CT3298566.search.searchAppId" -  "130110228003246321"
[-] Chrome preferences cleaned: "CT3298566.search.searchCount" -  "0"
[-] Chrome preferences cleaned: "CT3298566.searchFromAddressBarEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3298566.searchInNewTabEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3298566.searchInNewTabEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3298566.searchRevert" -  "false"
[-] Chrome preferences cleaned: "CT3298566.searchSuggestEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3298566.searchUserMode" -  "2"
[-] Chrome preferences cleaned: "CT3298566.selectToSearchBoxEnabled" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_login_isFirstLoginInvoked" -  "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_login_loginCount" -  "{\"dataType\":\"number\",\"data\":\"4\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_toolbarGrouping_activeCTID" -  "{\"dataType\":\"string\",\"data\":\"CT3298566\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_toolbarGrouping_activeDownloadUrl" -  "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJV30.OurToolbar.com//xpi\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_toolbarGrouping_activeToolbarName" -  "{\"dataType\":\"string\",\"data\":\"MixiDJ V30 \"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_toolbarGrouping_invoked" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_service_usage_toolbarUsageCount" -  "{\"dataType\":\"number\",\"data\":\"2\"}"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_Configuration_lastUpdate" -  "1376536014395"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_appsMetadata_lastUpdate" -  "1376536015379"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_gottenAppsContextMenu_lastUpdate" -  "1376536015350"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate" -  "1376536014688"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate" -  "1376536016156"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_login_10.16.70.5_lastUpdate" -  "1376536015904"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_otherAppsContextMenu_lastUpdate" -  "1376536015309"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_searchAPI_lastUpdate" -  "1376536014681"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_serviceMap_lastUpdate" -  "1376536014106"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_toolbarContextMenu_lastUpdate" -  "1376536015269"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_toolbarSettings_lastUpdate" -  "1376536014409"
[-] Chrome preferences cleaned: "CT3298566.serviceLayer_services_translation_lastUpdate" -  "1376536015338"
[-] Chrome preferences cleaned: "CT3298566.settingsINI" -  true
[-] Chrome preferences cleaned: "CT3298566.shouldFirstTimeDialog" -  "false"
[-] Chrome preferences cleaned: "CT3298566.showToolbarPermission" -  "false"
[-] Chrome preferences cleaned: "CT3298566.smartbar.CTID" -  "CT3298566"
[-] Chrome preferences cleaned: "CT3298566.smartbar.Uninstall" -  "0"
[-] Chrome preferences cleaned: "CT3298566.smartbar.homepage" -  "true"
[-] Chrome preferences cleaned: "CT3298566.smartbar.toolbarName" -  "MixiDJ V30 "
[-] Chrome preferences cleaned: "CT3298566.startPage" -  "true"
[-] Chrome preferences cleaned: "CT3298566.toolbarBornServerTime" -  "15-8-2013"
[-] Chrome preferences cleaned: "CT3298566.toolbarCurrentServerTime" -  "15-8-2013"
[-] Chrome preferences cleaned: "CT3298566.toolbarLoginClientTime" -  "Wed Aug 14 2013 21:06:55 GMT-0600 (Mountain Daylight Time)"
[-] Chrome preferences cleaned: "CT3298566.versionFromInstaller" -  "10.16.70.5"
[-] Chrome preferences cleaned: "CT3298566.xpeMode" -  "0"
[-] Chrome preferences cleaned: "CT3298566_Firefox.csv" -  "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1399262517646,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"
[-] Chrome preferences cleaned: "CT3306061.ConnectTB_activeApp.enc" -  "aW5zdGFncmFt"
[-] Chrome preferences cleaned: "CT3306061.ENABALE_HISTORY" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.FF19Solved" -  "true"
[-] Chrome preferences cleaned: "CT3306061.FirstTime" -  "true"
[-] Chrome preferences cleaned: "CT3306061.FirstTimeFF3" -  "true"
[-] Chrome preferences cleaned: "CT3306061.UserID" -  "UN43475131621741997"
[-] Chrome preferences cleaned: "CT3306061.addressBarTakeOverEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3306061.appOptions" -  "{}"
[-] Chrome preferences cleaned: "CT3306061.browser.search.defaultthis.engineName" -  true
[-] Chrome preferences cleaned: "CT3306061.countryCode" -  "US"
[-] Chrome preferences cleaned: "CT3306061.defaultSearch" -  "true"
[-] Chrome preferences cleaned: "CT3306061.embeddedsData" -  "[{\"appId\":\"130158552044204297\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":true,\"jsInjection\":true,\"sslGranted\":true},\"onBeforeLoadData\":\"{\\\"view\\\":{\\\"html\\\":\\\"<table id=\\\\\\\"main\\\\\\\" class=\\\\\\\"mainwrapper\\\\\\\" cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n    <tbody><tr>\\\\n        <!-- don't remove the width=\\\\\\\"100%\\\\\\\" bug in chrome the width become in px-->\\\\n        <td id=\\\\\\\"textboxWrapper\\\\\\\" style=\\\\\\\"width: 100%; background: none repeat scroll 0% 0% rgb(255, 255, 255);\\\\\\\" width=\\\\\\\"100%\\\\\\\">\\\\n            <!-- take focuse in IE -->\\\\n            <!--[if ie]>\\\\n            <form onsubmit =\\\\\\\"return false;\\\\\\\" action=\\\\\\\"#\\\\\\\">\\\\n            <![endif]-->\\\\n            <input style=\\\\\\\"color: rgb(0, 0, 0); background: none repeat scroll 0% 0% rgb(255, 255, 255); min-width: 137px; max-width: 445px; width: 100%;\\\\\\\" id=\\\\\\\"textbox\\\\\\\" type=\\\\\\\"text\\\\\\\">\\\\n            <!--[if ie]>\\\\n            </form>\\\\n            <![endif]-->\\\\n        </td>\\\\n        <td style=\\\\\\\"display: table-cell; background: none repeat scroll 0% 0% rgb(255, 255, 255);\\\\\\\" id=\\\\\\\"infoPopupButtonWrapper\\\\\\\">\\\\n            <div style=\\\\\\\"display: block;\\\\\\\" id=\\\\\\\"infoPopupButton\\\\\\\" class=\\\\\\\"dropdownButtonTextbox no-select\\\\\\\"></div>\\\\n        </td>\\\\n        <td id=\\\\\\\"engineWrapperContainer\\\\\\\">\\\\n            <table cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n                <tbody><tr>\\\\n                    <td id=\\\\\\\"imageTextWrapperContainer\\\\\\\">\\\\n                        <table cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n                            <tbody><tr>\\\\n                                <td style=\\\\\\\"display: table-cell;\\\\\\\" id=\\\\\\\"engineWrapper\\\\\\\"><img style=\\\\\\\"display: block;\\\\\\\" id=\\\\\\\"engineImage\\\\\\\" alt=\\\\\\\"\\\\\\\" src=\\\\\\\"hxxp://storage.conduit.com/43/330/CT3301943/images/635057641690978441_24PX.png\\\\\\\" onerror=\\\\\\\"javascript: this.src='hxxp://storage.conduit.com/images/searchengines/go_btn_new.gif'\\\\\\\"></td>\\\\n                                <td style=\\\\\\\"display: table-cell;\\\\\\\" id=\\\\\\\"engineTextWrapper\\\\\\\">\\\\n                                    <div title=\\\\\\\"Go\\\\\\\" style=\\\\\\\"color: rgb(0, 0, 0); font-family: Arial; font-weight: normal; font-size: 8pt;\\\\\\\" id=\\\\\\\"engineText\\\\\\\">Go</div>\\\\n                                </td>\\\\n                            </tr>\\\\n                        </tbody></table>\\\\n                    </td>\\\\n                    <td id=\\\\\\\"enginesPopupButtonWrapper\\\\\\\">\\\\n                        <div id=\\\\\\\"enginesPopupButton\\\\\\\" class=\\\\\\\"dropdownButton no-select\\\\\\\"></div>\\\\n                    </td>\\\\n                </tr>\\\\n            </tbody></table>\\\\n        </td>\\\\n    </tr>\\\\n</tbody></table>\\\"},\\\"locale\\\":{\\\"alignMode\\\":\\\"LTR\\\",\\\"locale\\\":\\\"en\\\",\\\"languageAlignMode\\\":\\\"LTR\\\"}}\"},{\"appId\":\"130158552044672304\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":true,\"jsInjection\":true,\"sslGranted\":false},\"originalHeight\":26}]"
[-] Chrome preferences cleaned: "CT3306061.enableAlerts" -  "true"
[-] Chrome preferences cleaned: "CT3306061.enableSearchFromAddressBar" -  "true"
[-] Chrome preferences cleaned: "CT3306061.firstTimeDialogOpened" -  "true"
[-] Chrome preferences cleaned: "CT3306061.fixPageNotFoundError" -  "true"
[-] Chrome preferences cleaned: "CT3306061.fixPageNotFoundErrorByUser" -  "true"
[-] Chrome preferences cleaned: "CT3306061.fixPageNotFoundErrorInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3306061.fullUserID" -  "UN43475131621741997.IN.20140105185159"
[-] Chrome preferences cleaned: "CT3306061.installDate" -  "05/01/2014 18:52:04"
[-] Chrome preferences cleaned: "CT3306061.installSessionId" -  "{73452895-621C-410D-8676-7BC5FEA403A3}"
[-] Chrome preferences cleaned: "CT3306061.installSp" -  "TRUE"
[-] Chrome preferences cleaned: "CT3306061.installType" -  "conduitnsisintegration"
[-] Chrome preferences cleaned: "CT3306061.installUsage" -  "2014-05-05T07:01:57.6695499+03:00"
[-] Chrome preferences cleaned: "CT3306061.installUsageEarly" -  "2014-05-05T07:01:52.6399979+03:00"
[-] Chrome preferences cleaned: "CT3306061.installerVersion" -  "1.8.1.4"
[-] Chrome preferences cleaned: "CT3306061.isCheckedStartAsHidden" -  true
[-] Chrome preferences cleaned: "CT3306061.isEnableAllDialogs" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.isFirstTimeToolbarLoading" -  "false"
[-] Chrome preferences cleaned: "CT3306061.isToolbarShrinked" -  "{\"dataType\":\"string\",\"data\":\"false\"}"
[-] Chrome preferences cleaned: "CT3306061.keyword" -  true
[-] Chrome preferences cleaned: "CT3306061.lastVersion" -  "10.23.0.722"
[-] Chrome preferences cleaned: "CT3306061.mam_gk_installer_preapproved.enc" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3306061.navigationAliasesJson" -  "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.facebook.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Welcome%20to%20Facebook%20-%20Log%20In%2C%20Sign%20Up%20or%20Learn%20More\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://ConnectDLC5.OurToolbar.com/\",\"EB_TOOLBAR_ID\":\"CT3306061\",\"EB_TOOLBAR_VERSION\":\"10.23.0.722\",\"EB_ORIGINAL_CTID\":\"CT3306061\",\"EB_DOWNLOAD_PAGE\":\"hxxp://ConnectDLC5.OurToolbar.com/\",\"EB_TOOLBAR_NAME\":\"Connect DLC 5 \"}"
[-] Chrome preferences cleaned: "CT3306061.openThankYouPage" -  "false"
[-] Chrome preferences cleaned: "CT3306061.openUninstallPage" -  "true"
[-] Chrome preferences cleaned: "CT3306061.originalHomepage" -  "chrome://branding/locale/browserconfig.properties"
[-] Chrome preferences cleaned: "CT3306061.originalSearchAddressUrl" -  "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN24925542722012119&UM=2&q="
[-] Chrome preferences cleaned: "CT3306061.originalSearchEngine" -  "MixiDJ V30 Customized Web Search"
[-] Chrome preferences cleaned: "CT3306061.originalSearchEngineName" -  "MixiDJ V30 Customized Web Search"
[-] Chrome preferences cleaned: "CT3306061.revertSettingsEnabled" -  "true"
[-] Chrome preferences cleaned: "CT3306061.search.searchAppId" -  "130158552044204297"
[-] Chrome preferences cleaned: "CT3306061.search.searchCount" -  "0"
[-] Chrome preferences cleaned: "CT3306061.searchFromAddressBarEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3306061.searchInNewTabEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3306061.searchInNewTabEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3306061.searchRevert" -  "true"
[-] Chrome preferences cleaned: "CT3306061.searchSuggestEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3306061.searchUninstallUserMode" -  "2"
[-] Chrome preferences cleaned: "CT3306061.searchUserMode" -  "2"
[-] Chrome preferences cleaned: "CT3306061.selectToSearchBoxEnabled" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_login_isFirstLoginInvoked" -  "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_login_loginCount" -  "{\"dataType\":\"number\",\"data\":\"2\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_toolbarGrouping_activeCTID" -  "{\"dataType\":\"string\",\"data\":\"CT3306061\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_toolbarGrouping_activeDownloadUrl" -  "{\"dataType\":\"string\",\"data\":\"hxxp://ConnectDLC5.OurToolbar.com//xpi\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_toolbarGrouping_activeToolbarName" -  "{\"dataType\":\"string\",\"data\":\"Connect DLC 5 \"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_toolbarGrouping_invoked" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_service_usage_toolbarUsageCount" -  "{\"dataType\":\"number\",\"data\":\"2\"}"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_Configuration_lastUpdate" -  "1399262524290"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_appTrackingFirstTime_lastUpdate" -  "1399262527429"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_appsMetadata_lastUpdate" -  "1399262527252"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_gottenAppsContextMenu_lastUpdate" -  "1399262527263"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate" -  "1399262524080"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate" -  "1399262528780"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_login_10.23.0.722_lastUpdate" -  "1399262528383"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_otherAppsContextMenu_lastUpdate" -  "1399262527305"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_searchAPI_lastUpdate" -  "1399262527436"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_serviceMap_lastUpdate" -  "1399262522682"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_toolbarContextMenu_lastUpdate" -  "1399262527460"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_toolbarSettings_lastUpdate" -  "1399262524136"
[-] Chrome preferences cleaned: "CT3306061.serviceLayer_services_translation_lastUpdate" -  "1399262527330"
[-] Chrome preferences cleaned: "CT3306061.settingsINI" -  true
[-] Chrome preferences cleaned: "CT3306061.shouldFirstTimeDialog" -  "false"
[-] Chrome preferences cleaned: "CT3306061.showToolbarPermission" -  "false"
[-] Chrome preferences cleaned: "CT3306061.smartbar.CTID" -  "CT3306061"
[-] Chrome preferences cleaned: "CT3306061.smartbar.Uninstall" -  "0"
[-] Chrome preferences cleaned: "CT3306061.smartbar.homepage" -  true
[-] Chrome preferences cleaned: "CT3306061.smartbar.toolbarName" -  "Connect DLC 5 "
[-] Chrome preferences cleaned: "CT3306061.startPage" -  "true"
[-] Chrome preferences cleaned: "CT3306061.toolbarBornServerTime" -  "5-5-2014"
[-] Chrome preferences cleaned: "CT3306061.toolbarCurrentServerTime" -  "5-5-2014"
[-] Chrome preferences cleaned: "CT3306061.toolbarInstallDate" -  "05-01-2014 18:52:01"
[-] Chrome preferences cleaned: "CT3306061.toolbarLoginClientTime" -  "Sun May 04 2014 22:02:08 GMT-0600 (Mountain Daylight Time)"
[-] Chrome preferences cleaned: "CT3306061.versionFromInstaller" -  "10.23.0.722"
[-] Chrome preferences cleaned: "CT3306061.xpeMode" -  "1"
[-] Chrome preferences cleaned: "CT3306061_Firefox.csv" -  "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1399262518140,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"
[-] Chrome preferences cleaned: "Smartbar.ConduitHomepagesList" -  ""
[-] Chrome preferences cleaned: "Smartbar.ConduitSearchEngineList" -  "Connect DLC 5 Customized Web Search"
[-] Chrome preferences cleaned: "Smartbar.ConduitSearchUrlList" -  "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN43475131621741997&UM=2&q="
[-] Chrome preferences cleaned: "Smartbar.SearchFromAddressBarSavedUrl" -  "hxxp://isearch.avg.com/search?cid={9FC1891C-9453-4AD3-8029-E4644ED48E4C}&mid=5d40747e1bf647d6826d59e75b0c6a98-23128e5cdec976e8716f333c670f44610ae7a5d4&lang=en&ds=AVG&pr=fr&d=2012-12-11 07:10:50&pid=avg&sg=&v=14.0.2.14&sap=ku&q="
[-] Chrome preferences cleaned: "Smartbar.keywordURLSelectedCTID" -  "CT3306061"
[-] Chrome preferences cleaned: "avg.install.Revert_DSP" -  "MixiDJ V30 Customized Web Search"
[-] Chrome preferences cleaned: "avg.install.installDirPath" -  "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.3.0.885"
[-] Chrome preferences cleaned: "avg.install.userSPSettings" -  "MixiDJ V30 Customized Web Search"
[-] Chrome preferences cleaned: "avg.userPreferences.URLBarFocus.whiteList" -  "bing\\.com google\\.\\w+ yahoo\\.\\w+ gmail\\.\\w+ hotmail\\.\\w+ live\\.\\w+ isearch\\.avg\\.com mysearch\\.avg\\.com"
[-] Chrome preferences cleaned: "browser.babylon.HPOnNewTab" -  "search.babylon.com"
[-] Chrome preferences cleaned: "browser.search.defaultthis.engineName" -  "MixiDJ V30 Customized Web Search"
[-] Chrome preferences cleaned: "extensions.installCache" -  "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email protected]\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1305923926047},\"[email protected]\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\18.8.0.180\",\"mtime\":1443314200655}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1431925845566}}},{\"name\":\"winreg-app-user\",\"addons\":{\"[email protected]\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1305923926047}}},{\"name\":\"app-profile\",\"addons\":{\"[email protected]\":{\"descriptor\":\"C:\\\\Users\\\\Tammy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\pmzpjc38.default\\\\extensions\\\\[email protected]\",\"mtime\":1443314179502},\"[email protected]\":{\"descriptor\":\"C:\\\\Users\\\\Tammy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\pmzpjc38.default\\\\extensions\\\\[email protected]\",\"mtime\":1448819143018},\"[email protected]\":{\"descriptor\":\"C:\\\\Users\\\\Tammy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\pmzpjc38.default\\\\extensions\\\\[email protected]\",\"mtime\":1429362049127}}}]"
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "plugin.state.npconduitfirefoxplugin" -  2
[-] Chrome preferences cleaned: "smartbar.addressBarOwnerCTID" -  "CT3306061"
[-] Chrome preferences cleaned: "smartbar.conduitHomepageList" -  "hxxp://search.conduit.com/?ctid=CT3306061&CUI=UN43475131621741997&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3298566&CUI=UN24925542722012119&UM=2&SearchSource=13"
[-] Chrome preferences cleaned: "smartbar.conduitSearchAddressUrlList" -  "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN24925542722012119&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN43475131621741997&UM=2&q="
[-] Chrome preferences cleaned: "smartbar.defaultSearchOwnerCTID" -  "CT3306061"
[-] Chrome preferences cleaned: "smartbar.homePageOwnerCTID" -  "CT3298566"
[-] Chrome preferences cleaned: "smartbar.machineId" -  "AGN82FAJICEQW8TVPEPXFRNH3NWQCPMPMQKPZVT4NYEDRXR9HDNPUEDC08W+9F4CX2G3LQQ6BUQQ9P6C5ROPGA"
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_currentVersion" -  "312E31332E302E3137"
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_currentVersion.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_migrated_from_ls" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_migrated_from_ls.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_userBornDate" -  "4E2F41"
[-] Chrome preferences cleaned: "valueApps.CT3306061.mam_gk_userBornDate.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.storage.mam_gk_userId" -  "63396232646634632D383338632D346162352D396132352D623635396530326330383164"


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [68490 Bytes] - [30/10/2016 10:45:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [70670 Bytes] - [30/10/2016 10:20:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [68638 Bytes] ##########

Share this post


Link to post
Share on other sites

Tammy, this was a lot ! But we have more to do so keep going/running the other programs & paste their logs for me !

Thanks

Chuck

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by Tammy (Administrator) on Sun 10/30/2016 at 13:00:01.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


File System: 8

Successfully deleted: C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22FJBPWZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7S2ZNTNN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKUJZD3R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZYYUDPO5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22FJBPWZ (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7S2ZNTNN (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKUJZD3R (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZYYUDPO5 (Temporary Internet Files Folder)

 

Registry: 0

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 10/30/2016 at 13:05:58.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

After you post the Malwarebytes log run this program next !

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

OTL logfile created on: 10/30/2016 6:46:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tammy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 61.13% Memory free
7.60 Gb Paging File | 6.04 Gb Available in Paging File | 79.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.19 Gb Total Space | 370.01 Gb Free Space | 81.65% Space Free | Partition Type: NTFS
 
Computer Name: TAMMY-PC | User Name: Tammy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2016/10/30 17:59:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tammy\Downloads\OTL.com
PRC - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/09/13 06:55:02 | 001,510,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
PRC - [2016/07/31 22:03:37 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Users\Tammy\AppData\Local\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2015/05/17 23:10:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/05/27 16:58:48 | 000,793,416 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
PRC - [2010/03/03 15:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 15:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/04/11 06:33:36 | 040,500,224 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
MOD - [2015/05/17 23:10:44 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/10/11 14:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 14:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/25 11:53:14 | 000,350,024 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madExcept_.bpl
MOD - [2011/05/25 11:53:12 | 000,184,136 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madBasic_.bpl
MOD - [2011/05/25 11:53:12 | 000,050,504 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madDisAsm_.bpl
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016/04/22 22:47:35 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/22 18:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/04/06 15:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/05 18:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 23:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2016/10/30 09:50:52 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/10/13 15:47:40 | 005,332,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagenta.exe -- (AVGIDSAgent)
SRV - [2016/10/13 15:34:48 | 000,727,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvca.exe -- (avgwd)
SRV - [2016/10/13 15:28:00 | 000,647,864 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS)
SRV - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/09/13 06:54:28 | 001,149,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2015/09/02 11:36:03 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/04/03 17:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/03 15:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 15:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/06 10:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016/10/30 16:19:14 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/09/26 18:19:22 | 000,254,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2016/09/22 14:44:20 | 000,311,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2016/09/20 16:55:14 | 000,265,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2016/07/27 15:24:54 | 000,299,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2016/07/27 15:24:26 | 000,272,640 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2016/06/20 15:22:20 | 000,077,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avguniva.sys -- (Avguniva)
DRV:64bit: - [2016/06/01 13:16:40 | 000,052,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2016/05/13 07:52:10 | 000,163,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2016/02/16 15:05:56 | 000,360,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/10/08 18:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2014/10/08 18:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2014/10/08 18:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2014/10/08 18:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/10/03 17:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 18:14:44 | 001,142,376 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/20 09:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/10 19:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/27 08:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 22:38:32 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/15 13:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/12 15:37:34 | 000,325,152 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/07 10:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/30 22:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 15:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/10 15:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {431573BD-94AE-4370-B706-D3B1EFCFEC05}
IE:64bit: - HKLM\..\SearchScopes\{431573BD-94AE-4370-B706-D3B1EFCFEC05}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSND&bmod=TSND
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0F 36 E0 80 7C 9D D1 01  [binary data]
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_enUS437
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{957DF095-FEB4-458A-93EE-20C7B5E5DFD2}: "URL" = https://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{ED22977B-C28A-42D9-9F5C-2F18221DDAA9}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.101.2: C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2: C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Tammy\AppData\Local\Roblox\Versions\version-3ea30293a6494961\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Users\Tammy\AppData\Local\Roblox\Versions\version-3ea30293a6494961\\NPRobloxProxy64.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tammy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tammy\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tammy\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tammy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/20 14:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2015/05/17 23:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/10/30 11:40:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/20 14:38:46 | 000,000,000 | ---D | M]
 
[2011/05/20 14:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tammy\AppData\Roaming\Mozilla\Extensions
[2016/10/30 10:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions
[2015/04/18 07:00:49 | 000,000,000 | ---D | M] (UNIDeallSe) -- C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]
[2013/08/14 20:42:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\uxkx2gv2.default\extensions
[2015/11/29 11:45:43 | 000,007,211 | ---- | M] () (No name found) -- C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\pmzpjc38.default\extensions\[email protected]
[2015/02/14 07:28:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/05/17 23:10:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2015/05/17 23:10:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2015/05/17 23:10:41 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\
 
O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001..\Run: [Facebook Update] C:\Users\Tammy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BF89E9B-DB01-4198-9A9F-F1A284F79955}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\MotorolaDeviceManagerSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/10/30 10:17:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2016/10/30 18:51:31 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/10/30 18:51:31 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/10/30 18:50:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2016/10/30 18:43:31 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/10/30 18:42:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016/10/30 18:42:55 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2016/10/30 18:16:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/10/30 18:06:01 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4099816973-1217867158-1303274427-1001UA.job
[2016/10/30 16:19:14 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/10/30 13:44:01 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4099816973-1217867158-1303274427-1001UA.job
[2016/10/30 11:06:00 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4099816973-1217867158-1303274427-1001Core.job
[2016/10/30 09:50:52 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2016/10/30 09:50:52 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/10/30 09:21:44 | 000,002,380 | ---- | M] () -- C:\Users\Tammy\Desktop\Google Chrome.lnk
[2016/10/18 19:44:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4099816973-1217867158-1303274427-1001Core.job
[2016/10/18 19:03:49 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\AVG Protection.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/05/19 21:00:51 | 000,009,230 | -HS- | C] () -- C:\Users\Tammy\AppData\Local\8037qims01b053x2e7521t65425
[2011/05/19 21:00:51 | 000,009,230 | -HS- | C] () -- C:\ProgramData\8037qims01b053x2e7521t65425
[2011/05/17 10:02:45 | 000,005,628 | -HS- | C] () -- C:\Users\Tammy\AppData\Local\3r55o4iu38cp6m5y1371t6bgnvmx46q6
[2011/05/17 10:02:45 | 000,005,628 | -HS- | C] () -- C:\ProgramData\3r55o4iu38cp6m5y1371t6bgnvmx46q6
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/01/22 00:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 00:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/01/11 07:08:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/01/11 07:08:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2015/10/26 07:39:57 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\AVG
[2015/04/04 18:51:56 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\Awesomium
[2011/05/12 09:50:08 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2015/01/07 08:13:24 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\JCP
[2016/01/26 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\SoftGrid Client
[2011/01/21 23:49:57 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\Tific
[2013/03/10 13:25:38 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\Toshiba
[2011/04/21 08:06:05 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\TP
[2012/12/11 08:10:54 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\TuneUp Software
[2011/07/31 17:47:41 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\Unity
[2011/01/31 17:21:44 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\WildTangent
[2011/01/21 21:17:24 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\WinBatch
[2011/06/01 07:48:43 | 000,000,000 | ---D | M] -- C:\Users\Tammy\AppData\Roaming\Windows Live Writer
[2013/01/11 07:08:29 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
[2013/01/11 07:08:29 | 000,000,000 | ---D | M] -- C:\Users\TEMP.Tammy-PC\AppData\Roaming\TuneUp Software
[2013/01/11 07:08:29 | 000,000,000 | ---D | M] -- C:\Users\TEMP.Tammy-PC.000\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

 

Share this post


Link to post
Share on other sites

OTL Extras logfile created on: 10/30/2016 6:46:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tammy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 61.13% Memory free
7.60 Gb Paging File | 6.04 Gb Available in Paging File | 79.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.19 Gb Total Space | 370.01 Gb Free Space | 81.65% Space Free | Partition Type: NTFS
 
Computer Name: TAMMY-PC | User Name: Tammy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013BC41F-B4A3-4237-B327-9A25F6E841CF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{074A5B21-33E9-4AB2-8B22-240E2B423F20}" = rport=445 | protocol=6 | dir=out | app=system |
"{08277416-2805-4633-A21E-6EC08D7AC764}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0FEB19F5-7F75-4A7C-A70A-80F4AABF81A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{1B090352-BD34-43F8-B404-B5EC9D126159}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1B1FF54C-EB9B-44CD-A2D3-D6F2FAE42A42}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{22C3B647-AF83-45FF-9851-AE87F7AF9BDE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{60E2F6EB-0ADC-4E9B-92F6-34165C1CF40E}" = lport=137 | protocol=17 | dir=in | app=system |
"{7BD484FC-EB90-40A9-A094-C4BCF745F8F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{892CA097-37AE-42FB-8696-BDF94D5870C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FA46310-AB93-49D4-B876-BD5A423DB63C}" = lport=445 | protocol=6 | dir=in | app=system |
"{9C9253B7-14EB-4016-B807-5FCBA3A8EB8E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F542F2F-BD55-48ED-A3F2-B9B5DD088C96}" = rport=139 | protocol=6 | dir=out | app=system |
"{A3243C6F-2DDD-468E-BC64-176F369812A2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A39CE7BB-1180-4B5A-A399-AB8AC2E4C951}" = rport=138 | protocol=17 | dir=out | app=system |
"{AACDFBDC-3ADB-4537-832C-AFA748278CE9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AF3B60B9-4CC5-4B01-8D37-59AA2E732BCB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5C4B9F8-1D75-41AA-A5A6-80A55621DCDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B7721D7D-058F-469E-8213-EFC03C736024}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9DF037B-4CD5-4BF5-B014-5D5B67E72777}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDDC0580-8276-405F-B307-BEAFDC30CE26}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D0E3EAED-46B9-47CE-A9A8-1D5C2F0656D7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3B55C52-BEF8-48CB-88D4-BE8F2F57E04D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D556A623-0174-462C-AD47-5CE1647419EF}" = rport=137 | protocol=17 | dir=out | app=system |
"{E33B484F-37ED-499D-B82A-2ED47E2FCE61}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE93FB58-72DB-4C68-B3F3-C40F2CFB90A8}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F0480B53-1B3E-4EED-BAE9-71E9B7D5C956}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FAB23E6F-57FA-4B13-8666-56B89B70B9E8}" = lport=139 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007064C5-3AB4-483C-94DA-51594B087D9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0421098E-82E9-484A-8908-FF3A5D066ABC}" = protocol=1 | dir=in | [email protected],-28543 |
"{07412DC3-B180-477A-AF0E-829DBAC20964}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{096471E7-45FA-42BE-B225-D9FC7135CB1A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10BB0F24-E289-4F1D-91F6-9EB078005F61}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgdiagex.exe |
"{16D7EE84-C8C4-4976-94B3-AED8E1724DB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18C70843-C47A-4CBA-B3F1-22CB44110623}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{1913868C-E5B0-4244-BAF5-73E335822719}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{24057899-B512-4A12-8720-F218294289BC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24170C0C-7BD7-44D6-9FAE-AB4927B30D34}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{25860A9E-9F75-487E-83BD-DCD213BF86AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2F5B2E36-B836-416B-889F-1D375D7E3EFD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{3430788E-5BFF-4A7C-B616-16DDDFE4FEB2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3476EDAC-E3CB-4C39-B47C-2FE67BCB8759}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{34C26750-DCFA-4AAE-B6B7-586D870CB455}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35970EE9-E9FC-4435-BC82-5F0F8D0D9F03}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{35D219E7-94A0-4C42-8E44-4D451F345AE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{36B135BE-DDE0-4E98-8042-644879397E75}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CA3B4F9-C902-4D0D-900D-CEC20CB98148}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{3CBDADA2-7E5B-48C4-9D8B-CE1270A3A47C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{428A55EC-46A3-46EB-849F-3FEE2320C441}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{4429250A-CECC-4B63-9DAB-766B91EDEA5E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4EB692AF-053B-4674-B7A6-499428C795BB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{5256EBEC-905E-49BE-9E88-5D44F47BD3F1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{568B4142-04BA-4D37-8FA3-673E56D1AF86}" = protocol=58 | dir=out | [email protected],-28546 |
"{57639EAB-C435-4D71-8E2E-7DBD30BB4562}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{579B5233-9ECB-4569-9641-692D2D2273C0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{5808DADA-3A9B-4E37-BA46-A4924FE1694B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{5B93D0F2-007D-4185-B502-EF9923799A38}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{5B953765-A143-482D-8AF8-D56CDBD8EDC0}" = dir=in | app=c:\users\tammy\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{5F707420-9365-44B6-A3CB-7DFE181EC123}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{62D6EE2F-537C-4EB1-BA97-73C03C6422FC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{6DA7CC16-3B3C-4997-A91D-2382040F4443}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{6EDCE8C7-F432-4CDF-B674-C5F9C34143BB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{715ACE93-5BD9-43CA-8526-120F4209257C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{71D11EAC-F596-48BB-A24E-79E8A50C71E9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{7309E72C-450D-43A1-887B-486A56811472}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{76553632-D8FE-4FCE-8B24-E1EBECAC3A3F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{76B1BEFD-84A2-4C21-9EE2-D30288723D9F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7855D1A6-F751-4E3F-A806-874DA5F9AD7A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{83E8A451-4DCC-477F-9F1F-E4AF3751A972}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{8573F557-DECE-4619-87FA-AE97655BD1A6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{89E3986C-765F-426A-A0D0-7496E47A05C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90A1FBA1-DA89-436F-8C24-E2678A6E35FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{91D869C5-04D1-42F8-BFF6-0CD5B9F85111}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{95043DB5-3328-467B-AB41-AFD672B221B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{98D427C0-D3E6-4F2A-9B28-707A867439F0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{9A395206-3732-4042-B4FA-4EBD8DF429F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9B1CEA4F-5F96-475B-96C9-55C25EDB9BC7}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{9C38C4B2-4ED8-46DB-8D05-8E7EF4E03598}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A7B5157A-D2A9-4CE2-933C-E8BCCF944E70}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{AD50281A-67B6-45FA-9896-8981576798D2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{AFEF0925-1DC7-4CD7-83F2-91E966D603BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{B1B67693-642F-46F4-AD22-01C61E3A3770}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{B29DA8D5-C203-4CBE-B118-8B65D9A4B84A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{B308E7AB-38F7-4509-BC75-18F1C04B6DEC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B34D9231-D098-422A-8D15-F75936BEEDA6}" = protocol=58 | dir=in | [email protected],-28545 |
"{B507E0CC-002F-4145-A2F9-04148347B787}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5E5F8F6-9738-4A9B-8600-E992AD5427DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{BD8E3C98-EB93-4939-90C1-8F2589549F9A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{BFE08F99-2477-4E88-B8BC-81A4F4608136}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C79A07CC-8CD5-4F6A-8F43-8A7C4D152936}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgdiagex.exe |
"{CDF85FBB-7A7B-4CA5-908B-C4EEF4538C1C}" = protocol=1 | dir=out | [email protected],-28544 |
"{D2B3A981-B871-4645-BF43-BCD4EC986D46}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{D4A201B7-4E57-4CD4-BCA5-6A93713D759E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{D508FEEC-A697-4F89-BBBB-631E4C5FA7EA}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D736C32E-0015-4F88-868C-A0BE309C088C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{DA437162-F548-49BA-BA04-32B9C1BAC964}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{DE685A96-F5D5-4250-8C32-CC050350CF0A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{DF498322-58B2-4235-A1E8-5CBF101E7C50}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{E14DD260-A232-421F-958F-84641D372638}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{E3815B7A-39B9-41D1-A6D7-8C33BE9C1FCD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E6141DC2-076D-4F9F-84E0-BF1DCC4C8491}" = protocol=6 | dir=out | app=system |
"{E8C73874-4C26-4B39-B8CB-FAA23536BC6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{EB28F606-715A-4A58-AC58-99D1ADB84E0D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{ED15975B-D26F-42B4-A562-192FA9777997}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F27C666F-844F-46D3-820B-235CBE8D500E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{FACDD9CF-FA63-4360-B6DC-2A14601B2D2E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FC208057-5A33-4FA3-8D9D-AC50849BF9A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF82FB7F-9538-4615-8885-78CD135AD7C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{2A652199-CEB7-4A16-B388-280015464FFE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{50259C30-BE74-42A3-B5FF-2B604FABF6FA}C:\users\tammy\appdata\local\temp\lmi6ed6.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\tammy\appdata\local\temp\lmi6ed6.tmp\lmi_rescue.exe |
"TCP Query User{7AD7F9DF-CBE7-43E9-9704-A324F675F7DF}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{0909CF96-2229-4A0D-8207-3D770A846BF9}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{5107E81C-E736-4788-8556-8EEB9417997C}C:\users\tammy\appdata\local\temp\lmi6ed6.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\tammy\appdata\local\temp\lmi6ed6.tmp\lmi_rescue.exe |
"UDP Query User{F42558A9-73FA-4E03-8324-BEA7BA11E2F8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C3364DF-40B5-4DA4-9810-652A9A792FB1}" = FMW 1
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{500609C4-E46C-4887-9466-A20EB783C57A}" = AVG 2016
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DB04C4B3-6841-4BAA-9885-553D4B423424}" = AVG
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG Protection
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F32180101F0}" = Java 8 Update 101
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-0804-1033-1959-001824202044}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.18)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}" = Toshiba Book Place
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.465
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 23 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"MediacoderSE1.1" = MediacoderSE
"Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"TOSHIBA Game Console" = WildTangent ORB Game Console
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088702" = Plants vs. Zombies
"WT088703" = Build-a-lot 2
"WT088710" = Zuma's Revenge
"WT088739" = FATE
"WT088750" = Jewel Quest - Heritage
"WT088759" = Polar Bowler
"WT088761" = Wheel of Fortune 2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013 for Tammy
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Tammy
"3639523628.www1.movie-promo.com" = PNY Movie Player
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/10/2016 12:58:11 AM | Computer Name = Tammy-PC | Source = Google Update | ID = 20
Description =
 
Error - 7/10/2016 1:04:53 AM | Computer Name = Tammy-PC | Source = Google Update | ID = 20
Description =
 
Error - 7/10/2016 1:07:07 AM | Computer Name = Tammy-PC | Source = CVHSVC | ID = 100
Description = Information only.  (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
 DownloadLatest Failed: There are currently no active network connections. Background
 Intelligent Transfer Service (BITS) will try again when an adapter is connected.

 
Error - 8/7/2016 12:58:34 PM | Computer Name = Tammy-PC | Source = CVHSVC | ID = 100
Description = Information only.  (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
 DownloadLatest Failed: There are currently no active network connections. Background
 Intelligent Transfer Service (BITS) will try again when an adapter is connected.

 
Error - 8/9/2016 9:00:29 PM | Computer Name = Tammy-PC | Source = CVHSVC | ID = 100
Description = Information only.  (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
 DownloadLatest Failed: There are currently no active network connections. Background
 Intelligent Transfer Service (BITS) will try again when an adapter is connected.

 
Error - 8/26/2016 7:48:22 PM | Computer Name = Tammy-PC | Source = CVHSVC | ID = 100
Description = Information only.  (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
 DownloadLatest Failed: There are currently no active network connections. Background
 Intelligent Transfer Service (BITS) will try again when an adapter is connected.

 
Error - 8/29/2016 12:50:15 AM | Computer Name = Tammy-PC | Source = CVHSVC | ID = 100
Description = Information only.  Failed to Start the CVH service 1063
 
Error - 9/25/2016 7:18:54 PM | Computer Name = Tammy-PC | Source = Google Update | ID = 20
Description =
 
Error - 9/25/2016 9:39:30 PM | Computer Name = Tammy-PC | Source = Google Update | ID = 20
Description =
 
Error - 10/30/2016 12:52:07 PM | Computer Name = Tammy-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_LanmanServer, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: SSCORE.DLL, version: 6.1.7601.17514,
 time stamp: 0x4ce7c9ec  Exception code: 0xc0000005  Fault offset: 0x000000000000146d
Faulting
 process id: 0x580  Faulting application start time: 0x01d232cdda0ecd11  Faulting application
 path: C:\windows\system32\svchost.exe  Faulting module path: C:\windows\system32\SSCORE.DLL
Report
 Id: 30fffb8f-9ec1-11e6-b927-88ae1de8836b
 
[ Media Center Events ]
Error - 11/1/2011 8:29:09 AM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 6:29:09 AM - Error connecting to the internet.  6:29:09 AM -     Unable
 to contact server..  
 
Error - 11/1/2011 8:29:20 AM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 6:29:14 AM - Error connecting to the internet.  6:29:14 AM -     Unable
 to contact server..  
 
Error - 11/15/2011 3:20:01 PM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 12:20:01 PM - Error connecting to the internet.  12:20:01 PM -     Unable
 to contact server..  
 
Error - 11/15/2011 3:20:11 PM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 12:20:06 PM - Error connecting to the internet.  12:20:06 PM -     Unable
 to contact server..  
 
Error - 11/15/2011 4:24:14 PM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 1:24:14 PM - Error connecting to the internet.  1:24:14 PM -     Unable
 to contact server..  
 
Error - 11/15/2011 4:24:20 PM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 1:24:19 PM - Error connecting to the internet.  1:24:19 PM -     Unable
 to contact server..  
 
Error - 11/29/2011 6:13:04 PM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 3:13:03 PM - Error connecting to the internet.  3:13:03 PM -     Unable
 to contact server..  
 
Error - 12/9/2011 7:10:33 AM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 4:10:33 AM - Error connecting to the internet.  4:10:33 AM -     Unable
 to contact server..  
 
Error - 12/9/2011 7:10:40 AM | Computer Name = Tammy-PC | Source = MCUpdate | ID = 0
Description = 4:10:38 AM - Error connecting to the internet.  4:10:38 AM -     Unable
 to contact server..  
 
[ System Events ]
Error - 10/30/2016 5:26:42 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 6:12:03 PM | Computer Name = Tammy-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:08:08 PM on ?10/?30/?2016 was unexpected.
 
Error - 10/30/2016 6:12:10 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 6:12:19 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 6:52:33 PM | Computer Name = Tammy-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:38:54 PM on ?10/?30/?2016 was unexpected.
 
Error - 10/30/2016 6:52:37 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 6:52:47 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 8:42:57 PM | Computer Name = Tammy-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:22:43 PM on ?10/?30/?2016 was unexpected.
 
Error - 10/30/2016 8:43:04 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 10/30/2016 8:43:14 PM | Computer Name = Tammy-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
 
< End of report >

 

Share this post


Link to post
Share on other sites

That's good Tammy, be back shortly with a OTL fix !!

Chuck

Share this post


Link to post
Share on other sites

Hi Tammy,

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the http://img.photobucket.com/albums/v317/flashh4/customFix.png[/IMG].  text box of the OTL tool/program ! Start with and include the colon plus  :OTL
Copy everthing in RED and Paste into the box in the OTL program !!

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {431573BD-94AE-4370-B706-D3B1EFCFEC05}
IE:64bit: - HKLM\..\SearchScopes\{431573BD-94AE-4370-B706-D3B1EFCFEC05}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE - HKLM\..\SearchScopes,DefaultScope = {BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_enUS437
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{957DF095-FEB4-458A-93EE-20C7B5E5DFD2}: "URL" = https://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{ED22977B-C28A-42D9-9F5C-2F18221DDAA9}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\
O2:64bit: - BHO: (
AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0B4227B4

:Services
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

 

 


:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot][/color]


# Then click the Run Fix button at the top.
# Click http://img.photobucket.com/albums/v317/flashh4/btnOK.png[/IMG]
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

Post that log next !
Thanks
Chuck

Share this post


Link to post
Share on other sites

Tammy just copy this & paste into the OTL fix box:

 

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {431573BD-94AE-4370-B706-D3B1EFCFEC05}
IE:64bit: - HKLM\..\SearchScopes\{431573BD-94AE-4370-B706-D3B1EFCFEC05}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE - HKLM\..\SearchScopes,DefaultScope = {BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_enUS437
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{957DF095-FEB4-458A-93EE-20C7B5E5DFD2}: "URL" = https://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
IE - HKU\S-1-5-21-4099816973-1217867158-1303274427-1001\..\SearchScopes\{ED22977B-C28A-42D9-9F5C-2F18221DDAA9}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\
CHR - Extension: No name found = C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\
O2:64bit: - BHO: (
AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0B4227B4

:Services
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

 

 


:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

Share this post


Link to post
Share on other sites

Going to leave this open for a few days as user has promised to return shortly to finish !!

Chuck

Share this post


Link to post
Share on other sites

Well that didn't work

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{431573BD-94AE-4370-B706-D3B1EFCFEC05}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{431573BD-94AE-4370-B706-D3B1EFCFEC05}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361BFBE1-0284-4C5C-85AA-3927EF84A325}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{361BFBE1-0284-4C5C-85AA-3927EF84A325}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361BFBE1-0284-4C5C-85AA-3927EF84A325}\ not found.
Registry key HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{957DF095-FEB4-458A-93EE-20C7B5E5DFD2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{957DF095-FEB4-458A-93EE-20C7B5E5DFD2}\ not found.
Registry key HKEY_USERS\S-1-5-21-4099816973-1217867158-1303274427-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ED22977B-C28A-42D9-9F5C-2F18221DDAA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED22977B-C28A-42D9-9F5C-2F18221DDAA9}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\translations folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\styles\fonts folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\styles folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\scripts folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup\images folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\popup folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\pages folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\offline folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\js folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\images folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\icons folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0\data folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.2.5.169_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\he folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fil folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\et folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es_419 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_US folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_GB folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\el folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\de folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\da folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\cs folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ca folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\bg folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ar folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\offlinePhotos folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\icons\weatherIcons folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0\icons folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol\1.1.0_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\vi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\uk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\tr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\th folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ru folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ro folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nb folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lt folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ko folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ja folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\it folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\id folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fil folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\et folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es_419 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en_GB folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\el folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\de folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\da folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\cs folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ca folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\bg folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\images folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\html folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\css folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh_TW folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\zh folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\vi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\uk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\tr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\th folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\te folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ta folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sw folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\sk folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ru folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ro folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_PT folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt_BR folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pt folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\pl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nl folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\nb folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ms folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\mr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ml folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lv folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\lt folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ko folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\kn folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ja folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\iw folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\it folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\id folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\hi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\gu folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fr folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fil folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fi folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\fa folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\et folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\es folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\en folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\el folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\de folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\da folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\cs folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ca folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bn folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\bg folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\ar folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales\am folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\_locales folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cloud_route_details folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\cast_setup folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0 folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\_metadata folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\js_ folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0\js folder moved successfully.
C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\12.4.200_0 folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
Unable to delete ADS C:\ProgramData\TEMP:0B4227B4 .
========== SERVICES/DRIVERS ==========
Error: No service named [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] was found to stop!
Service\Driver key [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] not found.
Error: No service named [1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ] was found to stop!
Service\Driver key [1 C:\Users\Tammy\Documents\*.tmp files -> C:\Users\Tammy\Documents\*.tmp -> ] not found.
Error: No service named [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] was found to stop!
Service\Driver key [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] not found.
Error: No service named [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] was found to stop!
Service\Driver key [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] not found.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Tammy
->Java cache emptied: 1107019 bytes
 
User: TEMP
 
User: TEMP.Tammy-PC
 
User: TEMP.Tammy-PC.000
 
Total Java Files Cleaned = 1.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 41620 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Tammy
->Flash cache emptied: 42259 bytes
 
User: TEMP
->Flash cache emptied: 2834 bytes
 
User: TEMP.Tammy-PC
->Flash cache emptied: 2834 bytes
 
User: TEMP.Tammy-PC.000
->Flash cache emptied: 2834 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Tammy
->Temp folder emptied: 502612357 bytes
->Temporary Internet Files folder emptied: 132018484 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 115870282 bytes
->Google Chrome cache emptied: 46391584 bytes
->Flash cache emptied: 0 bytes
 
User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: TEMP.Tammy-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: TEMP.Tammy-PC.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 346810562 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42355247 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,131.00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 11132016_103741

Files\Folders moved on Reboot...
C:\Users\Tammy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

Share this post


Link to post
Share on other sites

Ok lets do some cleaning of tools/programs we used cleaning !

Clean up of Malware Removal Tools

Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

    Download Delfix to your desktop and double click it to start the program [url=http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_14102815956339&key=bf4adfcbb328b51c165afd7f95bfc060&libId=64704d6e-537a-4ac2-beea-64e5d35e3f5f&loc=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F342065-very-slow-computer-aswmbr-rootkit-not-working%2Fpage-2&v=1&out=https%3A%2F%2Ftoolslib.net%2Fdownloads%2Fviewdownload%2F2-delfix%2F&ref=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Fforum%2F37-virus-spyware-malware-removal%2F&title=Very%20slow%20computer%2C%20aswMBR%20rootkit%20not%20working%20%5BClosed%5D%20-%20Page%202%20-%20Virus%2C%20Spyware%2C%20Malware%20Removal&txt=here]here[/url]             
    Ensure Remove disinfection tools is ticked
    Also tick:
    o Create registry backup
    o Purge system restore
    o Reset system settings

    o Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.

Share this post


Link to post
Share on other sites

# DelFix v1.013 - Logfile created 13/11/2016 at 11:11:27
# Updated 17/04/2016 by Xplode
# Username : Tammy - TAMMY-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tammy\Downloads\Extras.Txt
Deleted : C:\Users\Tammy\Downloads\OTL.Txt
Deleted : HKLM\SOFTWARE\OldTimer Tools

########## - EOF - ##########

 

Share this post


Link to post
Share on other sites

 
Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click onOptions.
    Click once on theSecurity tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox  If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
[url=https://addons.mozilla.org/en-US/firefox/addon/noscript/]NoScript[/url][/color]

[url= https://adblockplus.org/en/firefox] adblock plus[/url]

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.   **There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
[url=http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html]Online Armor Free[/url]
[url=http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html]Agnitum Outpost Firewall Free [/url]
[url=http://personalfirewall.comodo.com/]Comodo Firewall Free [/url]
 
5. Make sure you keep your Windows OS current. And regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.  Without these you are leaving the back door open.
 
6.[url=http://www.mywot.com/]WOT[/url](Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites.  WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice [url= http://users.telenet.be/bluepatchy/miekiemoes/prevention.html] How to prevent malware[/url] .

 
Let me know how it's running ?
Any problems ?
It may run a tad slow until a few normal re-boots, but according to all logs you are clean !!

Thanks
Chuck

Share this post


Link to post
Share on other sites

Seeing how the problems are solved & computer looks all clean i will close this topic. If you need it reopened please PM me or any Mod !!

Thanks

Chuck

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0