Solved Suspected Matrix Ransomware. Need help in removing it.

[Malnutrition]

Ok, I'd like to see the FRST fix Zemana log and ZHP log...

 

[Shrey Aryan]

Zemana AntiMalware 2.72.2.176 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017-3-20
Operating System : Windows 8.1 64-bit
Processor : 4X Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
BIOS Mode : UEFI
CUID : 12694D99C5D7B145AA10BE
Scan Type : Custom Scan
Duration : 146m 55s
Scanned Objects : 441505
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

No threats detected

 

[Shrey Aryan]

I ran ZHPDiag twice and each time I got the error:

What should I do??

 

[Malnutrition]

What should I do??

Skip it, run the FRST fix post that log.

FRST Fix.

Click Here To Download Fixlist.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[Malnutrition]

If you have trouble running the FRST fix then run it in Safe Mode

You are also running FRST from the downloads folder. C:\Users\HP-PC\Downloads You need to run FRST and the fixlist from the desktop, in order for the fix to work.

http://support.eset.com/kb2268/?locale=en_US

 

[Shrey Aryan]

I am running FRST, but it seems to go on forever. And there is nothing appearing on the Search bar.

 

[Malnutrition]

Run it in Safe Mode, after you make sure that the fix list and FRST are on the desktop. Also, there is nothing supposed to be in the search bar you are supposed to right click it run as administrator then click Fix.

 

[Malnutrition]

Security Check Scan.

• Download Security Check to your desktop.
• Right click it run as administrator.
• When the program completes, the tool will automatically open a log file.
• Please post that log here in your next post.

Adware Removal Tool Scan.


Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit next make sure to leave all items checked, for removal.

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.


9-Lab Scan.

• Download 9-Lab Removal Tool.
• CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
• Disable your antivirus prior to this scan.
  
• Install the program onto your computer, then right click the icon run as administrator.
• Update the program and then run a Full scan!
• Make sure the program updates, might be better to install it update reboot and check for updates again.
• You need to make sure the database updates!!!
• Upon Scan Completion Click on Show Results.
• Then Click On Clean
• Then Click on Save Log.
• Save it to your desktop, copy and paste the contents of the log here in your next reply.

 

[Shrey Aryan]

I have put the FRST and the fixlist files on the desktop and will be running them again.

 

[Shrey Aryan]

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017

Ran by 183-k (20-03-2017 11:35:18) Run:5
Running from C:\Users\HP-PC\Desktop
Loaded Profiles: HP-PC & 183-k (Available Profiles: HP-PC & shrey & 183-k)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Closeprocesses:
CreateRestorePoint:
Emptytemp:
RemoveProxy:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\Run: [AZ3Tq5k16l3MBynp] => HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\Run: [AZ3Tq5k16l3MBynp] => C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta [35119 2017-03-13] () [35119 2017-03-13] ()
C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\Run: [GoogleChromeAutoLaunch_7F0416C691E452253BB89BC2BE6D7727] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-09] (Google Inc.)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\RunOnce: [Application Restart #7] => C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\MountPoints2: {52f96c0f-4b14-11e6-82cb-020046a23e01} - "E:\.\StartModem.exe"
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\MountPoints2: {6d4daa1b-2812-11e4-8266-a02bb859a5c2} - "E:\AutoRun.exe"
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\...\MountPoints2: {fddc09cc-da5b-11e3-825b-806e6f6e6963} - "E:\start.exe"
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
C:\Users\HP-PC\AppData\Local\SweetLabs App Platform
ShortcutTarget: RescueTime.lnk -> C:\Users\183-k\AppData\Local\RescueTime\RescueTime.exe (No File)
Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{346CCC8E-0B21-4061-9284-6EAA8587D1B6}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{D8CDCD34-1927-4308-BFA6-CD78629C69FD}: [DhcpNameServer] 192.168.43.1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
SearchScopes: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001 -> {ED62CEEF-D711-461D-8D9E-9ACA3F0E3A2A} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Users\183-k\Desktop\bin\ssv.dll [2014-10-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Users\183-k\Desktop\bin\jp2ssv.dll [2014-10-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
FF ProfilePath: C:\Users\183-k\AppData\Roaming\Profiles\iyrqfjx7.default [not found]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yt5wm08v.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yt5wm08v.default -> Bing
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\yt5wm08v.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\yt5wm08v.default -> hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&q=
FF Homepage: Mozilla\Firefox\Profiles\yt5wm08v.default -> hxxp://www.msn.com/?pc=UP22&ocid=UP22DHP&osmkt=en-in
FF SearchPlugin: C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\Profiles\yt5wm08v.default\searchplugins\bingp.xml [2016-02-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]
U3 aswbdisk; no ImagePath
S3 mdareDriver_48; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys [X]
S3 mdareDriver_52; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_52.sys [X]
S3 mdareDriver_53; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_53.sys [X]
S3 mdareDriver_60; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_60.sys [X]
S3 mdareDriver_61; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_61.sys [X]
S3 mdareDriver_62; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_62.sys [X]
U3 aswMBR; \??\C:\Users\183-k\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Users\183-k\AppData\Roaming\Enigma Software Group
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-03-14 12:29 - 2017-03-14 12:29 - 00000000 ____D C:\sh4ldr
2017-03-14 01:02 - 2017-03-19 11:47 - 00003096 _____ C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\Program Files\Bitdefender
2017-03-13 15:41 - 2017-03-13 15:41 - 00035119 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta
2017-03-13 15:41 - 2017-03-13 15:41 - 00017624 _____ C:\Users\HP-PC\AppData\Roaming\errlog.txt
2017-03-13 15:41 - 2017-03-13 15:41 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.afn
2017-03-13 14:33 - 2017-03-13 14:33 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.ast
C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {0219BF6B-4691-4A8B-B178-56FFF61475DE} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {1A863726-086B-42F3-ACBC-DF6752958E12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {29A46853-9769-454D-AFF2-430468021DE2} - System32\Tasks\SweetLabs App Platform => %LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
Task: {5F2066DB-0217-4F83-BBE9-E38D888098E9} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {61AAE424-B58F-4FD8-821A-6461A83209F1} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {8D3CE45B-EA58-4026-9922-10070FD498E3} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [2016-05-16] ()
Task: {A1095FFC-DFCF-4D22-BD61-A029EF25DB12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-30] (Hewlett-Packard Company)
Task: {B69BDAEC-684E-4604-9A48-DF14EC6CCA42} - System32\Tasks\TinyTakeUpgrade => C:\Users\HP-PC\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {DF38DFA3-8A2A-4F3D-A6DB-79F757FF401F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FE079EE5-FAC7-47D1-8254-37B606874DCD} - System32\Tasks\HPCeeScheduleForHP-PC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Windows\system32\Drivers\etc\hosts
hosts:
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{64B9D502-F2A9-4D07-B273-49337AF2CD3C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D94E5D30-5E92-4364-BBAD-3AA9C3B43892}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{96188C50-7FD1-4C02-8BEE-F46247AA0F84}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F06983FC-8920-4F3D-AD39-3ED40BE5168B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D2FB5136-8CCA-4944-B878-5650789950DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B7D9E60-79F4-4183-915B-91634E85450C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6D61EDC4-F73B-4414-8D90-AD7972CEB22D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{54CAF249-D498-4C7F-B8C4-C39F2E1BCE20}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99D6E21E-92B1-423B-86AD-FB5FC8517AD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{40384E5F-55E0-499D-9AEC-CA92286AD093}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A93C04BE-3839-4F93-8564-C2766514A9AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1A4F5393-C5B1-4E5C-AE5B-214DC99F4B70}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{2517537D-6605-4903-8DCB-68E19BC804FF}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [TCP Query User{65B266A6-66D4-4E10-B23C-3FBD9B576A95}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{0C91A68E-1569-4DA7-8549-70DDEC003B4E}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{316F8418-7F3F-4692-AE72-629A3DA48253}] => (Allow) tunmgr.exe
FirewallRules: [{EEC9BDE7-52BB-4B9C-9419-E45B704D5D7C}] => (Allow) tunmgr.exe
FirewallRules: [{88E06CDD-9511-494A-BA9D-98F04B1AF38A}] => (Allow) mDNSResponder.exe
FirewallRules: [{D17EDF1B-D27C-468B-A50A-8681D0C05702}] => (Allow) mDNSResponder.exe
FirewallRules: [{265A663D-1E01-42C0-ADEE-9122EDF880AD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{6FD288FF-75F9-43D9-BB0C-A6244923910D}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{5466A29F-7602-4701-8485-DE54D70CDB43}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{AF38A96D-61F4-4485-BB03-843BDED0E84B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{C5281240-DE99-43A1-A5E7-D10E4B3DFAB3}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{EF832788-1AB2-43F4-A5F7-8623E4B65025}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{0570EF7A-B81F-438A-9275-00DCFB086E90}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{987B2294-3DF7-431A-94A1-70E71B31D31C}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{599CDD59-2084-42C3-8439-2773CF39318B}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{44A31A6F-A90F-4A86-A40E-3BB028D870D9}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{FC773ECF-F98A-480C-99D5-412EDE318A0D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{4D4B1086-6642-4F0E-89FC-D3ED5034BA6E}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{FD67FAE2-2BC5-42EC-B297-027A5F1BE508}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{0AF9D8E7-9842-41AE-95F2-9FBC5A93E355}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Shortcut: C:\Users\183-k\Links\RecentPlaces.lnk -> L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫-
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Windows\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico (No File)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm (No File)
Shortcut: C:\Users\HP-PC\OneDrive\Google Chrome.lnk -> C:\Users\HP-PC\AppData\Local\Google\Chrome\Application\chrome.exe (No File)
Shortcut: C:\Users\HP-PC\OneDrive\BlueJ\Select VM.lnk -> I:\BlueJ\bluej.exe (No File)
Shortcut: C:\Users\HP-PC\Links\RecentPlaces.lnk -> L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫-
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\HP-PC\Documents\Corel\CorelDRAW X7 Samples\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\Samples (No File)
Shortcut: C:\Users\HP-PC\Documents\Corel\Corel PHOTO-PAINT X7 Samples\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X7\PHOTO-PAINT\Samples (No File)
Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (No File)
Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_127180276_en-us.lnk -> C:\Windows\System32\powercpl.dll,- (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_1281075515_en-us.lnk -> [LF5#1SPS՜.+,7AutoListBprop4294967295N8ᭊN{x^aMh 2item1IkLICSettings9$AutolistCacheTime"p5G"AutolistCacheKeySettings0tY^Hg3(gs3EJ.* 1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{B725F130-47EF-101A-A5F1-02608C9EEBAC},101SPS_ǵZeMJuEg$<ISettingsPageRestoreRestoreC1SPSU(Ly9K-1SPStk\;Co,oud1AAA_SettingsPageRestoreRestore.settingcontent-msU1SPS<I]@;l9d.settingcontent-ms-1SPSoOM'rT<1SPSjc(=O]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms9.settingcontent-msy f^aMh 2PJ
0UCEJQ1SPSOh+'5Recovery optionsy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms1SPSjc(=O9.settingcontent-ms]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msw1SPS0%G` 5Recovery options@X1SPStk\;Co,oud1AAA_SettingsPageRestoreRestore.settingcontent-ms1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-mse1SPS_ǵZeMJuEg$<ISettingsPageRestoreRestore1SPS@>+lG7*"]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'5Recovery options)1SPSMԆi<D*T)1SPSZAZHY$dy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms-1SPS[l#J`'Hdw1SPS0%G` @X5Recovery options)1SPS՜.+,)1SPSmDpHH@.=xd]Q1SPSOh+'5Recovery options] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_2747713814_en-us.lnk -> C:\Windows\System32\usercpl.dll,- (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_3839032144_en-us.lnk -> C:\Program Files\Windows Photo Viewer\ImagingDevices.ex (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2093339993_en-US.lnk -> 䰀 ĔȀ 쀀 F耀 Ā 蘀 ऀ 䤀 ㅓ偓鿲累栐ꮑࠀ⬧동ⴀ Ȁ
presentation 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2119866019_en-US.lnk -> 䰀 ĔȀ 쀀 F耀 Ā 蘀 ऀ 䤀 ㅓ偓鿲累栐ꮑࠀ⬧동ⴀ Ȁ
power point 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2436336599_en-US.lnk -> 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
bob dylan 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2674333138_en-US.lnk -> 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
Math type 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_989337498_en-US.lnk -> 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
Mathtype 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\57405F7AB8904.MathLogicalTest_b55ywndse5f8y\App.lnk -> [LFKY1SPSU(Ly9K-i,57405F7AB8904.MathLogicalTest_b55ywndse5f8y=57405F7AB8904.MathLogicalTest_1.0.0.0_neutral__b55ywndse5f8yq057405F7AB8904.MathLogicalTest_b55ywndse5f8y!AppZC:\Program Files\WindowsApps\57405F7AB8904.MathLogicalTest_1.0.0.0_neutral__b55ywndse5f8y+1SPSMԆi<D*T1Assets\Logo.jpg=Assets\SmallLogo.jpg9Assets\WideLogo.jpgFFF 5Math Logical TestQ1SPS0%G`5Math Logical Test-1SPSwlE[([8װ=1SPSOYMGm!Hsn Ch.] (No File)
Shortcut: C:\Users\shrey\Links\RecentPlaces.lnk -> L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫-
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_1076774695_en-us.lnk -> [LF5#1SPS՜.+,7AutoListBprop4294967295N8ᭊN{x^aMh 2item1IkLICSettings9$AutolistCacheTime\iG"AutolistCacheKeySettings0tY^Hg3(gs3EJ.* F1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{F29F85E0-4FF9-1068-AB91-08002B27B3D9},24*{B725F130-47EF-101A-A5F1-02608C9EEBAC},101SPS_ǵZeMJuEg$<MSettingsPagePCSystemBluetoothC1SPSU(Ly9K-1SPStk\;Co,oyd4AAA_SettingsPagePCSystemBluetooth.settingcontent-msU1SPS<I]@;l9d.settingcontent-ms-1SPSoOM'rTL1SPSjc(=OaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms9.settingcontent-ms q^aMh 2[U
;UCEJ1SPSOh+'9Bluetooth settingsYadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless-find finds}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms1SPSjc(=O9.settingcontent-msaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms{1SPS0%G`9Bluetooth settings @X1SPStk\;Co,oyd4AAA_SettingsPagePCSystemBluetooth.settingcontent-msF1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{F29F85E0-4FF9-1068-AB91-08002B27B3D9},24*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-msi1SPS_ǵZeMJuEg$<MSettingsPagePCSystemBluetooth1SPS@>+lG7*"aC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'Yadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless9Bluetooth settings-find finds)1SPSMԆi<D*T)1SPSZAZHY$d}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms-1SPS[l#J`'Hd{1SPS0%G` @X9Bluetooth settings)1SPS՜.+,)1SPSmDpHH@.=xdaU1SPSOh+'9Bluetooth settings] (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_3054665329_en-us.lnk -> C:\Windows\system32\rundll32.exe shell32.dll,Control_RunDLL bthprops.cpl,, (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk -> C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\VIDLE for VPython.lnk -> C:\Python27\pythonw.exe () -> C:\Python27\Lib\site-packages\vidle\idle.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation) -> /OEM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\IDLE (Python GUI).lnk -> C:\Windows\Installer\{79F081BF-7454-43DB-BD8F-9EE596813232}\python_icon.exe () -> "C:\Python27\Lib\idlelib\idle.pyw"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Module Docs.lnk -> C:\Windows\Installer\{79F081BF-7454-43DB-BD8F-9EE596813232}\python_icon.exe () -> "C:\Python27\Tools\scripts\pydocgui.pyw"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Uninstall Python.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x{79F081BF-7454-43DB-BD8F-9EE596813232}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configure Picasa Photo Viewer.lnk -> C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe (Google Inc.) -> /reconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Equation Conversion Manager.lnk -> C:\Program Files (x86)\MathType\Setup.exe (Design Science, Inc.) -> -OLEMGR
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\MathType Server.lnk -> C:\Program Files (x86)\MathType\MathType.exe (Design Science, Inc.) -> -server
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Remove MathType.lnk -> C:\Program Files (x86)\MathType\Setup.exe (Design Science, Inc.) -> -R
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Remove Kaspersky Total Security.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Kaspersky Secure Connection.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (AO Kaspersky Lab) -> -navigate ksde://mainwindow
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Remove Kaspersky Secure Connection.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{1CF84962-50F8-48CA-9082-B70F3A02C686} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Users\183-k\Desktop\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Users\183-k\Desktop\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Maths HL.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_MH
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Physics.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_PH
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ\Select BlueJ VM.lnk -> C:\Program Files (x86)\BlueJ\BlueJ.exe () -> /select
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Help.lnk -> C:\Program Files (x86)\Autograph 3.3\LocalisedLauncher.exe (Eastmond Publishing Ltd.(UK)) -> WebHelp\Autograph_Help.htm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Manual.lnk -> C:\Program Files (x86)\Autograph 3.3\LocalisedLauncher.exe (Eastmond Publishing Ltd.(UK)) -> Autograph Manual.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{b0e43195-dbe0-4647-8e23-84fc3b08cee9}\PlayTasks\0\web.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Dragons Of Atlantis\launcher.exe (WildTangent) -> /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{7e008ca2-08ab-4789-af23-36da87658f74}\PlayTasks\0\web.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - DoubleDown Casino\launcher.exe (WildTangent) -> /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \BTR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Chemistry.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_CH
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Maths HL.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_MH
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Physics.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_PH
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey (2).lnk -> C:\Program Files (x86)\SMLNJ\bin\.run\run.x86-win32.exe () -> "@SMLload=C:\Program Files (x86)\SMLNJ\bin\.heap\sml"
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey.lnk -> C:\Program Files (x86)\SMLNJ\bin\.run\run.x86-win32.exe () -> "@SMLload=C:\Program Files (x86)\SMLNJ\bin\.heap\sml"
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk -> C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe (RescueTime, Inc.) ->
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Maintenance\MiKTeX Update.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\internal\copystart.exe () -> "C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex/bin/internal\miktex-update.exe"
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Multi messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ->
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (AO Kaspersky Lab) -> -navigate ksde://mainwindow
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ->
ShortcutWithArgument: C:\Users\Public\Desktop\Questionbank Maths HL.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_MH
ShortcutWithArgument: C:\Users\Public\Desktop\Questionbank Physics.lnk -> C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () -> IB_PH
ShortcutWithArgument: C:\Users\Public\Desktop\Safe Money.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab) -> -safebanking
ShortcutWithArgument: C:\Users\Public\Desktop\VIDLE for VPython.lnk -> C:\Python27\pythonw.exe () -> C:\Python27\Lib\site-packages\vidle\idle.py
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarmVille 2.lnk -> C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) -> /OPEN"34e8f5c0c9e5744bf2cdb514283762dd0524776b"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) -> /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk -> C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
reboot:
End

*****************

Processes closed successfully.
Restore point was successfully created.

========= RemoveProxy: =========

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AZ3Tq5k16l3MBynp => value not found.
"C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta" => not found.
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_7F0416C691E452253BB89BC2BE6D7727 => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #7 => value removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52f96c0f-4b14-11e6-82cb-020046a23e01} => key removed successfully
HKCR\CLSID\{52f96c0f-4b14-11e6-82cb-020046a23e01} => key not found.
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d4daa1b-2812-11e4-8266-a02bb859a5c2} => key removed successfully
HKCR\CLSID\{6d4daa1b-2812-11e4-8266-a02bb859a5c2} => key not found.
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fddc09cc-da5b-11e3-825b-806e6f6e6963} => key removed successfully
HKCR\CLSID\{fddc09cc-da5b-11e3-825b-806e6f6e6963} => key not found.
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Pokki => value not found.
"C:\Users\HP-PC\AppData\Local\SweetLabs App Platform" => not found.
C:\Users\183-k\AppData\Local\RescueTime\RescueTime.exe => not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009 => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{346CCC8E-0B21-4061-9284-6EAA8587D1B6}\\DhcpNameServer => value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D8CDCD34-1927-4308-BFA6-CD78629C69FD}\\DhcpNameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ED62CEEF-D711-461D-8D9E-9ACA3F0E3A2A} => key removed successfully
HKCR\CLSID\{ED62CEEF-D711-461D-8D9E-9ACA3F0E3A2A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} => key removed successfully
HKCR\CLSID\{2E38825B-8815-42CF-9126-C58BC28D4591} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => key not found.
HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key removed successfully
HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} => key removed successfully
HKCR\Wow6432Node\CLSID\{2E38825B-8815-42CF-9126-C58BC28D4591} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key removed successfully
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => key not found.
HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} => key removed successfully
HKCR\Wow6432Node\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key removed successfully
HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} => value removed successfully
HKCR\CLSID\{093F479D-712E-46CD-9E06-62E734A05F68} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} => value removed successfully
HKCR\Wow6432Node\CLSID\{093F479D-712E-46CD-9E06-62E734A05F68} => key not found.
C:\Users\183-k\AppData\Roaming\Profiles\iyrqfjx7.default => path removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox SearchEngineOrder.3 removed successfully
Firefox "Keyword.URL" removed successfully
Firefox "homepage" removed successfully
"C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\Profiles\yt5wm08v.default\searchplugins\bingp.xml" => not found.
HKLM\Software\Mozilla\Firefox\Extensions\\wrc@avast.com => value not found.
HKLM\Software\Mozilla\Firefox\Extensions\\sp@avast.com => value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\wrc@avast.com => value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => value not found.
C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml => moved successfully
C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml => moved successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => key removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_48 => key removed successfully
mdareDriver_48 => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_52 => key removed successfully
mdareDriver_52 => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_53 => key removed successfully
mdareDriver_53 => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_60 => key removed successfully
mdareDriver_60 => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_61 => key removed successfully
mdareDriver_61 => service removed successfully
HKLM\System\CurrentControlSet\Services\mdareDriver_62 => key removed successfully
mdareDriver_62 => service removed successfully
aswMBR => service not found.
"C:\Users\183-k\AppData\Roaming\Enigma Software Group" => not found.
"C:\Program Files\Enigma Software Group" => not found.
C:\sh4ldr => moved successfully
C:\Windows\System32\Tasks\BDAntiCryptoWallTask => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware => moved successfully
C:\Program Files\Bitdefender => moved successfully
"C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta" => not found.
C:\Users\HP-PC\AppData\Roaming\errlog.txt => moved successfully
C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.afn => moved successfully
C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.ast => moved successfully
"C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp" => not found.
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => key removed successfully
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0219BF6B-4691-4A8B-B178-56FFF61475DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0219BF6B-4691-4A8B-B178-56FFF61475DE} => key removed successfully
C:\Windows\System32\Tasks\YCMServiceAgent => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YCMServiceAgent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A863726-086B-42F3-ACBC-DF6752958E12} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A863726-086B-42F3-ACBC-DF6752958E12} => key removed successfully
C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29A46853-9769-454D-AFF2-430468021DE2} => key not found.
C:\Windows\System32\Tasks\SweetLabs App Platform => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F2066DB-0217-4F83-BBE9-E38D888098E9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F2066DB-0217-4F83-BBE9-E38D888098E9} => key removed successfully
C:\Windows\System32\Tasks\SDMsgUpdate (TE) => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SDMsgUpdate (TE) => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61AAE424-B58F-4FD8-821A-6461A83209F1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61AAE424-B58F-4FD8-821A-6461A83209F1} => key removed successfully
C:\Windows\System32\Tasks\SDMsgUpdate (Local) => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SDMsgUpdate (Local) => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8D3CE45B-EA58-4026-9922-10070FD498E3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D3CE45B-EA58-4026-9922-10070FD498E3} => key removed successfully
C:\Windows\System32\Tasks\BDAntiCryptoWallTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BDAntiCryptoWallTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1095FFC-DFCF-4D22-BD61-A029EF25DB12} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1095FFC-DFCF-4D22-BD61-A029EF25DB12} => key removed successfully
C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Update Check => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B69BDAEC-684E-4604-9A48-DF14EC6CCA42} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B69BDAEC-684E-4604-9A48-DF14EC6CCA42} => key removed successfully
C:\Windows\System32\Tasks\TinyTakeUpgrade => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TinyTakeUpgrade => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF38DFA3-8A2A-4F3D-A6DB-79F757FF401F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF38DFA3-8A2A-4F3D-A6DB-79F757FF401F} => key removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE079EE5-FAC7-47D1-8254-37B606874DCD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE079EE5-FAC7-47D1-8254-37B606874DCD} => key removed successfully
C:\Windows\System32\Tasks\HPCeeScheduleForHP-PC => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForHP-PC => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => key removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => key removed successfully
C:\Windows\system32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\vm-monitoring-nb-session => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64B9D502-F2A9-4D07-B273-49337AF2CD3C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D94E5D30-5E92-4364-BBAD-3AA9C3B43892} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96188C50-7FD1-4C02-8BEE-F46247AA0F84} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F06983FC-8920-4F3D-AD39-3ED40BE5168B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2FB5136-8CCA-4944-B878-5650789950DC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B7D9E60-79F4-4183-915B-91634E85450C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D61EDC4-F73B-4414-8D90-AD7972CEB22D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54CAF249-D498-4C7F-B8C4-C39F2E1BCE20} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99D6E21E-92B1-423B-86AD-FB5FC8517AD8} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{40384E5F-55E0-499D-9AEC-CA92286AD093}C:\program files (x86)\skype\phone\skype.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A93C04BE-3839-4F93-8564-C2766514A9AE}C:\program files (x86)\skype\phone\skype.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A4F5393-C5B1-4E5C-AE5B-214DC99F4B70} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2517537D-6605-4903-8DCB-68E19BC804FF} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{65B266A6-66D4-4E10-B23C-3FBD9B576A95}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C91A68E-1569-4DA7-8549-70DDEC003B4E}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{316F8418-7F3F-4692-AE72-629A3DA48253} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEC9BDE7-52BB-4B9C-9419-E45B704D5D7C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{88E06CDD-9511-494A-BA9D-98F04B1AF38A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D17EDF1B-D27C-468B-A50A-8681D0C05702} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{265A663D-1E01-42C0-ADEE-9122EDF880AD} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FD288FF-75F9-43D9-BB0C-A6244923910D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5466A29F-7602-4701-8485-DE54D70CDB43}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AF38A96D-61F4-4485-BB03-843BDED0E84B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5281240-DE99-43A1-A5E7-D10E4B3DFAB3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF832788-1AB2-43F4-A5F7-8623E4B65025} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0570EF7A-B81F-438A-9275-00DCFB086E90}C:\program files (x86)\connectify\connectify.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{987B2294-3DF7-431A-94A1-70E71B31D31C}C:\program files (x86)\connectify\connectify.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{599CDD59-2084-42C3-8439-2773CF39318B}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44A31A6F-A90F-4A86-A40E-3BB028D870D9}C:\users\hp-pc\appdata\local\google\chrome\application\chrome.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC773ECF-F98A-480C-99D5-412EDE318A0D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D4B1086-6642-4F0E-89FC-D3ED5034BA6E}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD67FAE2-2BC5-42EC-B297-027A5F1BE508}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AF9D8E7-9842-41AE-95F2-9FBC5A93E355} => value removed successfully
C:\Users\183-k\Links\RecentPlaces.lnk => moved successfully
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀 => Error: No automatic fix found for this entry.
C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk => moved successfully
C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk => moved successfully
C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk => moved successfully
C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk => moved successfully
C:\Users\HP-PC\OneDrive\Google Chrome.lnk => moved successfully
C:\Users\HP-PC\OneDrive\BlueJ\Select VM.lnk => moved successfully
C:\Users\HP-PC\Links\RecentPlaces.lnk => moved successfully
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀 => Error: No automatic fix found for this entry.
C:\Users\HP-PC\Documents\Corel\CorelDRAW X7 Samples\target.lnk => moved successfully
C:\Users\HP-PC\Documents\Corel\Corel PHOTO-PAINT X7 Samples\target.lnk => moved successfully
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk => not found.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_127180276_en-us.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_1281075515_en-us.lnk => moved successfully
0UCEJQ1SPSOh+'5Recovery optionsy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms1SPSjc(=O9.settingcontent-ms]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msw1SPS0%G` 5Recovery options@X1SPStk\;Co,oud1AAA_SettingsPageRestoreRestore.settingcontent-ms1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-mse1SPS_ǵZeMJuEg$<ISettingsPageRestoreRestore1SPS@>+lG7*"]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'5Recovery options)1SPSMԆi<D*T)1SPSZAZHY$dy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms-1SPS[l#J`'Hdw1SPS0%G` @X5Recovery options)1SPS՜.+,)1SPSmDpHH@.=xd]Q1SPSOh+'5Recovery options] (No File) => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_2747713814_en-us.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_3839032144_en-us.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2093339993_en-US.lnk => moved successfully
presentation 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2119866019_en-US.lnk => moved successfully
power point 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2436336599_en-US.lnk => moved successfully
bob dylan 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_2674333138_en-US.lnk => moved successfully
Math type 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch\History\txt_989337498_en-US.lnk => moved successfully
Mathtype 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā => Error: No automatic fix found for this entry.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk => moved successfully
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\57405F7AB8904.MathLogicalTest_b55ywndse5f8y\App.lnk => moved successfully
C:\Users\shrey\Links\RecentPlaces.lnk => moved successfully
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder  匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀 => Error: No automatic fix found for this entry.
C:\Users\shrey\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_1076774695_en-us.lnk => moved successfully
;UCEJ1SPSOh+'9Bluetooth settingsYadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless-find finds}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms1SPSjc(=O9.settingcontent-msaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms{1SPS0%G`9Bluetooth settings @X1SPStk\;Co,oyd4AAA_SettingsPagePCSystemBluetooth.settingcontent-msF1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{F29F85E0-4FF9-1068-AB91-08002B27B3D9},24*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-msi1SPS_ǵZeMJuEg$<MSettingsPagePCSystemBluetooth1SPS@>+lG7*"aC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'Yadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless9Bluetooth settings-find finds)1SPSMԆi<D*T)1SPSZAZHY$d}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingcontent-ms-1SPS[l#J`'Hd{1SPS0%G` @X9Bluetooth settings)1SPS՜.+,)1SPSmDpHH@.=xdaU1SPSOh+'9Bluetooth settings] (No File) => Error: No automatic fix found for this entry.
C:\Users\shrey\AppData\Local\Microsoft\Windows\ConnectedSearch\History\set_3054665329_en-us.lnk => moved successfully
C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk => moved successfully
C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk => moved successfully
C:\Users\shrey\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk => moved successfully
C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk => not found.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Shortcut argument removed successfully.
C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\VIDLE for VPython.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk => not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk => not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\IDLE (Python GUI).lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Module Docs.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Uninstall Python.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configure Picasa Photo Viewer.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Equation Conversion Manager.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\MathType Server.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Remove MathType.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Remove Kaspersky Total Security.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Kaspersky Secure Connection.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Remove Kaspersky Secure Connection.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Maths HL.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Physics.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ\Select BlueJ VM.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Help.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Manual.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{b0e43195-dbe0-4647-8e23-84fc3b08cee9}\PlayTasks\0\web.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{7e008ca2-08ab-4789-af23-36da87658f74}\PlayTasks\0\web.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk => Shortcut argument removed successfully.
C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk => Shortcut argument removed successfully.
C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk => Shortcut argument removed successfully.
C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk => Shortcut argument removed successfully.
C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Shortcut argument removed successfully.
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Chemistry.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Maths HL.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Physics.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey (2).lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Maintenance\MiKTeX Update.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Multi messenger.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Shortcut argument removed successfully.
C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Questionbank Maths HL.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Questionbank Physics.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Safe Money.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\VIDLE for VPython.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarmVille 2.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk => not found.
C:\Users\shrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Shortcut argument removed successfully.
C:\Users\shrey\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Shortcut argument removed successfully.

========= netsh advfirewall reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection 3 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Default Gateway . . . . . . . . . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection 3 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : dlink.router
IPv4 Address. . . . . . . . . . . : 192.168.0.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

========= End of CMD: =========


========= netsh int ipv4 reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28796747 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 362374133 B
Edge => 0 B
Chrome => 34470875 B
Firefox => 3248565 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 129 B
LocalService => 3045644 B
NetworkService => 2993294 B
HP-PC => 3341559634 B
shrey => 593034863 B
183-k => 434309709 B

RecycleBin => 836827 B
EmptyTemp: => 4.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:37:45 ====

 

[Malnutrition]

Alright, after running the next three tools and posting the logs, please tell me what issues remain.

 

[Shrey Aryan]

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 20.03.2017 12:18:41
Path starting: C:\Users\183-k\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: 183-k
VersionXML: 4.04is-19.03.2017
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) CoreSingleLanguage Lang: English(0409)
Installation date OS: 28.07.2014 15:47:16
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: Internet Explorer (C:\Program Files\Internet Explorer\iexplore.exe)
SystemDrive: C: FS: [NTFS] Capacity: [455.7 Gb] Used: [119.4 Gb] Free: [336.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18618
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2017-03-17 05:26:28
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.4518.1014
Microsoft Office 2013 x86 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
Kaspersky Total Security (enabled and up to date)
Windows Defender (disabled and up to date)
Malwarebytes (disabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Kaspersky Total Security (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Malwarebytes (disabled and up to date)
Kaspersky Total Security (enabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Online Scanner v3
Kaspersky Secure Connection v.17.0.0.611
Kaspersky Total Security v.17.0.0.611
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes version 3.0.6.1469 v.3.0.6.1469
Zemana AntiMalware v.2.72.0.176
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.10 (64-bit) v.5.10.0 Warning! Download Update
Picasa 3 v.3.9.141.259 Warning! This software is no longer supported.
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.30 v.7.30.105 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 25 (64-bit) v.8.0.250 Warning! Download Update
Uninstall old version and install new one (jre-8u121-windows-x64.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Shockwave Player 12.0 v.12.0.4.144 Warning! Download Update
Adobe Reader XI (11.0.19) v.11.0.19
------------------------------- [ Browser ] -------------------------------
Google Chrome v.57.0.2987.98 Warning! Download Update
Mozilla Firefox (3.5.7) v.3.5.7 (en-US) Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.57.0.2987.98
------------------ [ AntivirusFirewallProcessServices ] -------------------
Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) - The service is running
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe v.17.0.0.611
klvssbrigde64 (klvssbrigde64) - The service has stopped
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe v.17.0.0.643
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe v.17.0.0.611
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe v.17.0.0.643
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.3.0.0.912
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.415
Windows Defender Service (WinDefend) - The service has stopped
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.2.72.0.176
---------------------------- [ UnwantedApps ] -----------------------------
Skype Click to Call v.8.5.0.9167 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
----------------------------- [ End of Log ] ------------------------------

 

[Shrey Aryan]

I ran the Adware Tool Removal Scanner and even removed the threats, but no Log was generated. Where can I find the log?

 

[Shrey Aryan]

With 9-lab Removal I am getting the following error (twice).

 

[Malnutrition]

With 9-lab Removal I am getting the following error (twice).

Reboot the machine and then run the tool again, make sure and push the update button prior to running it.

 

[Malnutrition]

I ran the Adware Tool Removal Scanner and even removed the threats, but no Log was generated. Where can I find the log?

C:\Program Files (x86)\Adware Removal Tool by TSA

 

[Malnutrition]

Overall how is the machine performing now?

 

[Shrey Aryan]

9-lab Removal Tool 1.0.0.39 BETA

9-lab.com

Database version: 165.47817

Windows 8.1 (Version 6.3, Build 0, 64-bit Edition)
Internet Explorer 9.11.9600.18618
183-k :: HP

20-03-2017 14:02:38
9lab-log-2017-03-20 (14-02-38).txt

Scan type: Full
Objects scanned: 58968
Time Elapsed: 40 m 17 s

Registry Keys detected: 3
Adware.RPL.Gen.tv [HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib]
Adware.RPL.Gen.tv [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib]
Adware.RPL.ELEX.vl [HKEY_CLASSES_ROOT\Microsoft.Ptid.Host.List]


Files detected: 174
[DCFDD3E0E4F019AA4BF6E9416E6269C7] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\background_plugin.js]
[5C5A9A735215B5D75A4DA55A065F436B] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\button_control.js]
[53FE18C274C32E5ED7E3A1033A81BD41] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\factory_settings.js]
[B17E5F07C87442ACBA5EF509A670D9D2] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\fakes.js]
[2E109085299524CC2D6447F123CCFDFA] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\injection_id_init.js]
[B82ADDA3D0D8785A12D1CC65A6566F8C] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\main.html]
[F3C256ED507B41BE72859D42280CA7D3] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\popup_control.js]
[85402F85014C90022CE637B655499B24] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\tabs.js]
[857F32287339314F3A97081FF2590A6B] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\common\defaults.js]
[0B87F26AECE14F78ED5D80C4B2322E39] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\common\tracing.js]
[357D907734061E3E25DFAFFB6C088C43] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\api_injection.js]
[2789EF7DBF05045391DF7E74EAAF06B0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\content_plugin.js]
[EE4E21CE00F41BE216C54E8BC5E1579B] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\fakes.js]
[7AC2EF0C114F3A0306092F9F8069F254] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\product_info.js]
[4944E8D6FFF2524B4B542E400123AD79] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\script_injection.js]
[C13185C34C7E2A043ABEFC0B22952F22] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\active_19.png]
[A075301958362016D24FB39C6D4E3718] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\active_38.png]
[7851FB1D878AEB9AF8C2A72BD4EA31FA] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\inactive_19.png]
[EE80F14D05BBDE9FA20D00F1CBC0D9A0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\inactive_38.png]
[58697D48815C3D78EE04BA060F1B30F2] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\warning_19.png]
[15CA3DF73C14C1F7159FC388A92EEDD4] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\warning_38.png]
[C64724122B7CA4DFE2D8BC597B7838F1] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_128.png]
[53B81A3CE3466F27802B7767E9B2146E] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_16.png]
[B8DB317A822818534C9C931CC85B8D43] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_32.png]
[2D6E193A3214007DF80415A147A91822] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_48.png]
[194288C92711C4EB603714781686B9C8] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_64.png]
[D41D8CD98F00B204E9800998ECF8427E] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\locales_copy.target]
[8F8DECC7553180DEF28D92789D36B0BF] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\manifest.json]
[790AF089887CA58F0061E4DB60828588] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\offline_popup.css]
[6B23662388884765CD42C7BB686E87CB] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\offline_popup.html]
[7126A077EA753374B002ACC0062B1FF2] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.css]
[31ED2F72C1790038C31766DCBC24D54E] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.html]
[86CFCBA3E1CC9C79D875D4539BFD9264] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.js]
[21CD1A46BF039E260234123A519B0E1E] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup_plugin.js]
[4A8694DEEEC6D5533C173AC6ADE78D3E] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.light.js]
[BBD8B0A19DE0E1F646E78146743D75C4] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.main.js]
[C39A8249F3387DEAE50A061BF93110B2] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.popup.js]
[A719A53C71287888EDDDA341E45DFDC5] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ar\messages.json]
[A4D991834E56D036A2EC6309C6D0C68C] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\bg\messages.json]
[313727F96219447B468BEF249DA5A719] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\cs\messages.json]
[80D27A98E067930E90CFA6C17E0B2CE7] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\da\messages.json]
[EE2F5077C5150128C1D12A121290772A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\de\messages.json]
[B45212F15F0669AB9B1C99E48061147B] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\el\messages.json]
[356B2D2BC48CCB3B724C121A38B1EF69] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\en\messages.json]
[4C43D94FC3F45AA20C90AE43D9786255] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es\messages.json]
[AA9FC72A1A2B6494A52AD8336B90EFFE] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es-419\messages.json]
[AA9FC72A1A2B6494A52AD8336B90EFFE] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es-MX\messages.json]
[23FE775F49AD47BA493B452CB8048137] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\et\messages.json]
[7B2D1CE606263AEDCB2687E1EBB8FE75] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fa\messages.json]
[4BE3DF35B88ABD3F82A1D8056578F0AD] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fi\messages.json]
[E0295A32F5FE7E0B859EC10F30D39830] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fr\messages.json]
[A020ABA8A4EBD21F00D8EAECE18F339A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\hu\messages.json]
[A6EC25F296A4C9DC27806854D1D4AA98] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\it\messages.json]
[49526BD2B1AFC08EA3C873561F12D88F] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ja\messages.json]
[DD3CAEC3E94DE8A700C2FBB6E0EA2CBD] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\kk\messages.json]
[DDC4C8EEB9C5BC6C75E4B806CEE0EB9C] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ko\messages.json]
[0D0B7F86E277A97246DE717F03DE55B8] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\lt\messages.json]
[F8F08F6B6206C8B36B6664D116F0B248] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\lv\messages.json]
[C0305CECDD846CF7BE406BB411F880E0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\mk\messages.json]
[893082C6B16044056462DD4AA2DF46E1] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\nb\messages.json]
[7CEBAB431B6E130DEA74CEC51FF1FEBF] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\nl\messages.json]
[72109FFE6DFFC1AB263F92274AC31CF0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pl\messages.json]
[BB109F39B6F7C5A8E346B98D430783C0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pt\messages.json]
[983048D752C6292157906FEEABE4C648] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pt-BR\messages.json]
[F4D860D0DC8B4B80EA5EC4F3AEAC09CC] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ro\messages.json]
[1280EB0A531F86956326BF6C07E6FAC0] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ru\messages.json]
[83ED05EF5E96B2C9237829BF5916DDEA] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sr-Cyrl\messages.json]
[A2DF2B26515DF1401E79BFCF434A5F8C] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sr-Latn\messages.json]
[E1B08AA9293F42AE196C2EF753B99D62] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sv\messages.json]
[876285E6DBEDE293157D03EEF9F000C3] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\th\messages.json]
[D9ED457DCFE40D63E33ADE462A670D04] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\tr\messages.json]
[54E814B62A50E3D40340C6592D5AB327] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\uk\messages.json]
[0B999DEC9FFEAC443814CBA9B67A860A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\vi\messages.json]
[81E6F64D92526A541468C7DAFFDA3688] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-CN\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-HK\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-TW\messages.json]
[02826D6442563AB272A184353981686F] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_CN\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_HK\messages.json]
[A67BE27CA0115E968B3927B22B808CB7] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_TW\messages.json]
[D0C1DE0D0E18EE311E1C2C43F8EFFB90] Adware.FPL.Gen.tv [c:\users\183-k\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_metadata\verified_contents.json]
[DCFDD3E0E4F019AA4BF6E9416E6269C7] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\background_plugin.js]
[5C5A9A735215B5D75A4DA55A065F436B] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\button_control.js]
[53FE18C274C32E5ED7E3A1033A81BD41] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\factory_settings.js]
[B17E5F07C87442ACBA5EF509A670D9D2] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\fakes.js]
[2E109085299524CC2D6447F123CCFDFA] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\injection_id_init.js]
[B82ADDA3D0D8785A12D1CC65A6566F8C] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\main.html]
[F3C256ED507B41BE72859D42280CA7D3] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\popup_control.js]
[85402F85014C90022CE637B655499B24] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\background\tabs.js]
[857F32287339314F3A97081FF2590A6B] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\common\defaults.js]
[0B87F26AECE14F78ED5D80C4B2322E39] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\common\tracing.js]
[357D907734061E3E25DFAFFB6C088C43] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\api_injection.js]
[2789EF7DBF05045391DF7E74EAAF06B0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\content_plugin.js]
[EE4E21CE00F41BE216C54E8BC5E1579B] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\fakes.js]
[7AC2EF0C114F3A0306092F9F8069F254] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\product_info.js]
[4944E8D6FFF2524B4B542E400123AD79] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\content\script_injection.js]
[C13185C34C7E2A043ABEFC0B22952F22] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\active_19.png]
[A075301958362016D24FB39C6D4E3718] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\active_38.png]
[7851FB1D878AEB9AF8C2A72BD4EA31FA] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\inactive_19.png]
[EE80F14D05BBDE9FA20D00F1CBC0D9A0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\inactive_38.png]
[58697D48815C3D78EE04BA060F1B30F2] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\warning_19.png]
[15CA3DF73C14C1F7159FC388A92EEDD4] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\button\warning_38.png]
[C64724122B7CA4DFE2D8BC597B7838F1] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_128.png]
[53B81A3CE3466F27802B7767E9B2146E] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_16.png]
[B8DB317A822818534C9C931CC85B8D43] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_32.png]
[2D6E193A3214007DF80415A147A91822] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_48.png]
[194288C92711C4EB603714781686B9C8] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\images\icon_64.png]
[D41D8CD98F00B204E9800998ECF8427E] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\locales_copy.target]
[8F8DECC7553180DEF28D92789D36B0BF] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\manifest.json]
[790AF089887CA58F0061E4DB60828588] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\offline_popup.css]
[6B23662388884765CD42C7BB686E87CB] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\offline_popup.html]
[7126A077EA753374B002ACC0062B1FF2] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.css]
[31ED2F72C1790038C31766DCBC24D54E] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.html]
[86CFCBA3E1CC9C79D875D4539BFD9264] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup.js]
[21CD1A46BF039E260234123A519B0E1E] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\popup\popup_plugin.js]
[4A8694DEEEC6D5533C173AC6ADE78D3E] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.light.js]
[BBD8B0A19DE0E1F646E78146743D75C4] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.main.js]
[C39A8249F3387DEAE50A061BF93110B2] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\snapshot\script.popup.js]
[A719A53C71287888EDDDA341E45DFDC5] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ar\messages.json]
[A4D991834E56D036A2EC6309C6D0C68C] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\bg\messages.json]
[313727F96219447B468BEF249DA5A719] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\cs\messages.json]
[80D27A98E067930E90CFA6C17E0B2CE7] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\da\messages.json]
[EE2F5077C5150128C1D12A121290772A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\de\messages.json]
[B45212F15F0669AB9B1C99E48061147B] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\el\messages.json]
[356B2D2BC48CCB3B724C121A38B1EF69] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\en\messages.json]
[4C43D94FC3F45AA20C90AE43D9786255] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es\messages.json]
[AA9FC72A1A2B6494A52AD8336B90EFFE] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es-419\messages.json]
[AA9FC72A1A2B6494A52AD8336B90EFFE] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\es-MX\messages.json]
[23FE775F49AD47BA493B452CB8048137] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\et\messages.json]
[7B2D1CE606263AEDCB2687E1EBB8FE75] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fa\messages.json]
[4BE3DF35B88ABD3F82A1D8056578F0AD] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fi\messages.json]
[E0295A32F5FE7E0B859EC10F30D39830] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\fr\messages.json]
[A020ABA8A4EBD21F00D8EAECE18F339A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\hu\messages.json]
[A6EC25F296A4C9DC27806854D1D4AA98] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\it\messages.json]
[49526BD2B1AFC08EA3C873561F12D88F] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ja\messages.json]
[DD3CAEC3E94DE8A700C2FBB6E0EA2CBD] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\kk\messages.json]
[DDC4C8EEB9C5BC6C75E4B806CEE0EB9C] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ko\messages.json]
[0D0B7F86E277A97246DE717F03DE55B8] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\lt\messages.json]
[F8F08F6B6206C8B36B6664D116F0B248] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\lv\messages.json]
[C0305CECDD846CF7BE406BB411F880E0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\mk\messages.json]
[893082C6B16044056462DD4AA2DF46E1] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\nb\messages.json]
[7CEBAB431B6E130DEA74CEC51FF1FEBF] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\nl\messages.json]
[72109FFE6DFFC1AB263F92274AC31CF0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pl\messages.json]
[BB109F39B6F7C5A8E346B98D430783C0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pt\messages.json]
[983048D752C6292157906FEEABE4C648] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\pt-BR\messages.json]
[F4D860D0DC8B4B80EA5EC4F3AEAC09CC] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ro\messages.json]
[1280EB0A531F86956326BF6C07E6FAC0] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\ru\messages.json]
[83ED05EF5E96B2C9237829BF5916DDEA] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sr-Cyrl\messages.json]
[A2DF2B26515DF1401E79BFCF434A5F8C] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sr-Latn\messages.json]
[E1B08AA9293F42AE196C2EF753B99D62] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\sv\messages.json]
[876285E6DBEDE293157D03EEF9F000C3] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\th\messages.json]
[D9ED457DCFE40D63E33ADE462A670D04] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\tr\messages.json]
[54E814B62A50E3D40340C6592D5AB327] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\uk\messages.json]
[0B999DEC9FFEAC443814CBA9B67A860A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\vi\messages.json]
[81E6F64D92526A541468C7DAFFDA3688] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-CN\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-HK\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh-TW\messages.json]
[02826D6442563AB272A184353981686F] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_CN\messages.json]
[D4AF82A22C5798869D9259587FC6095A] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_HK\messages.json]
[A67BE27CA0115E968B3927B22B808CB7] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_locales\zh_TW\messages.json]
[D0C1DE0D0E18EE311E1C2C43F8EFFB90] Adware.FPL.Gen.tv [c:\users\hp-pc\appdata\local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.4_0\_metadata\verified_contents.json]
[F5ABAA16CF5ECF8E107608616B760472] Malware.MPL.Heur.vl [c:\users\hp-pc\LJM1130_M1210_MFP_Full_Solution.exe]
[011B965A47E2BA8CE20A2820B2228338] Adware.PL.VGen.vl [C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js]
[DBB466564BBE901C19D8F1B7A609AE91] Adware.MPL.VGen.vl [C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js]
[F8B36EB9AD9250806B71E806BD04DD3E] Adware.MPL.VGen.vl [C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js]
[63C7996D0224066DB1DE428C81961CF7] Adware.MPL.VGen.vl [C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js]
[4EFFFE3332D3091252640AD0FF79152E] PUP.Gen.vl!c [C:\AdwCleaner\quarantine\files\ngsafgnqgbxfvnueynxukxqflzhivgvx\Engine\ServiceHostApp.exe]
[97CD6BE06EA8C15E90A920F67B310333] Adware.Win64.SweetIM.vl!n [C:\AdwCleaner\quarantine\files\ngsafgnqgbxfvnueynxukxqflzhivgvx\Engine\ServiceHostAppUpdater.exe]
[CFB4F7683B28A5B603E0DBE35D32F0F0] PUP.Gen.vl!c [C:\AdwCleaner\quarantine\files\ngsafgnqgbxfvnueynxukxqflzhivgvx\Engine\ServiceStartMenuIndexer.exe]
[548AB37A1D34034E82F5B4F9096C63E2] PUP.Gen.vl!c [C:\AdwCleaner\quarantine\files\ngsafgnqgbxfvnueynxukxqflzhivgvx\Uninstall.exe]
[E179128A67086346ADC6DB752A89861C] PUP.Gen.vl!c [C:\AdwCleaner\quarantine\files\qidbghqyrfoweiwgtaaefbjxoakyeada\Uninstall.exe]
[FB201C9F836C29FB79E7942826E1A4FB] PUP.Gen.vl!c [F:\183-k\AppData\Local\Pokki\Engine\StartMenuIndexer.exe]
[B56091798319C0BA80989A7A5E14683A] Trojan.Win32.Injector.vl!n [C:\Program Files\WindowsApps\57405F7AB8904.MathLogicalTest_1.0.0.0_neutral__b55ywndse5f8y\App2.exe]
[57BBCA03455BBCE96F6B8A48787B8631] Malware.Win32.Gen.sm!s1 [C:\Users\HP-PC\Desktop\libexec\emacs\24.5\i686-pc-mingw32\ddeclient.exe]
[5107C3A8E219F75612080A53D8DE73A5] Trojan.Win32.Amonetize.vl!n [C:\Users\HP-PC\OneDrive\your_file_download.exe]

 

[Shrey Aryan]

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2017_03_20_12_22_37
OS: Windows 8.1 Single Language - x64 Bit
Account Name: 183-k
Adware Definition: 03192017.1
Elapsed time: 11:12
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

[-] Deleted ->> File ->> C:\Windows\Prefetch\SYNTPHELPER.EXE-878378AE.pf

[-] Deleted ->> Folder ->> C:\Users\183-k\Appdata\Roaming\ZHP\Quarantine\Pokki

[-] Deleted ->> Folder ->> C:\Users\183-k\Appdata\Roaming\ZHP\Quarantine\Pokki\Pokki

[-] Deleted ->> Folder ->> C:\Users\183-k\AppData\Local\Profiles

 

[Shrey Aryan]

When the ransomware hit my computer, there were two issues that I was facing: continuous encryption of files (even if I downloaded or created a new file, it would automatically get encrypted) and second was the popup window that appeared each time I rebooted my computer. Both are gone now, so I am guessing that the problem is solved. But could you please reassure me, or is there something that would confirm that the malware has left my computer?