Need help cleaning up computer


Recommended Posts

Howdy mama bear and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

 

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished...
    *This time, click on the Clean button.
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.

mbam-1.jpg


When the scan is complete, click  OK, then  Show Results to view the results.

scan-finished.jpg

    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log
Thanks
Chuck


==========================

NEXT


Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   



Post Next:
1. AdwCleaner log
2. Junkware Removal Tool log
3. Malwarebytes Log
4. OTL.txt and Extras.txt (if a Extras.txt is produced)


Thanks
Chuck

Link to post
Share on other sites

# AdwCleaner v3.010 - Report created 22/10/2013 at 20:39:37
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : family - FAMILY-PC
# Running from : C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E37VNEVS\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\family\AppData\Local\Conduit
Folder Deleted : C:\Users\family\AppData\Local\PackageAware
Folder Deleted : C:\Users\family\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\family\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\family\AppData\Roaming\DriverCure

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3007394
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16514

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\family\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4683 octets] - [22/10/2013 20:35:21]
AdwCleaner[s0].txt - [4615 octets] - [22/10/2013 20:39:37]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4675 octets] ##########

Link to post
Share on other sites

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows Vista Home Premium x86
Ran by family on Tue 10/22/2013 at 20:58:46.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\family\appdata\local\arcadefrontier"
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{005C6E0A-AB67-4068-8767-4179B0D03EFA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{00683FE1-DE68-42FB-B887-37BAC5796388}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{015643C7-6502-48E8-9820-DF07048060DC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{02ABDC62-990C-4F7E-BAB1-129DF282DDEE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{03B766FD-BE91-4D91-B763-59E72EDD8CBC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{04A5CA66-25FC-4B2F-8CEC-3076A53AB674}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{04A6ED68-F69D-4DAC-A835-EE0690747A28}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{058E9460-3ABA-4C0D-8EAD-09354C1490D5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{05BFD109-6FA8-4F9D-921D-7932BFEB90D2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{069170C9-3845-45E6-9F97-68C0AC96BF5E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{07FA62FC-2552-411B-9BBE-715DC63BC9B3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{080E7F6A-F2B8-4B76-AEB0-384FEAB4FEB0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0875BD47-91B4-4BD8-9060-9CA8BFF56406}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{08B385F1-050F-4B96-953A-51FF75F1FB44}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{094C1514-9322-437A-9C6D-3701370E64BA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0990B6D6-171D-496B-9E95-C08C90943AFD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{09F111B3-DE92-444C-8603-375EB00D8525}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{09F329DC-B646-4B32-8527-829BC4964BD1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0A85A33E-E300-4A47-8EDD-86FB3A1422FA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0B80EB4D-A14C-4527-AB90-0D1A6C3AC5DD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0B828006-D5EB-4C9D-B6BF-259A467BE824}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0BFE1079-CCA2-4C6A-A2C5-15729FF6BB55}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0CE7BA2F-B404-4313-9AFF-4A8F5703BB5D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0D3442FA-C170-48EC-80BC-826913A79424}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0DB66DAE-A5DE-4062-9CDC-0723803D1271}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0E8E66F9-897B-42E5-95DE-1273497E3C93}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{0F6B7E87-530B-4B4E-B716-35AA200C7867}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1134B30F-24F0-4B5D-B8A3-140095D3089F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{11512265-7AE0-4E53-828D-1112B660DCF4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{11C493C2-542E-4DEB-8C90-084AE2A96901}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{12406AE1-1F37-4F1B-AED4-94089DC762D0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{127CEA1D-AC91-44B6-BA87-468556FC3617}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1331D4B1-6487-49CD-8462-880B587497A0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{139CFA4A-F92D-464D-8413-618E5EF7F604}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{13C41F55-64F3-491A-92CF-B084F03EA913}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{143BCA1F-3B20-47FE-A9A9-9E9836DCCFB2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{149765F1-5CD8-4ED9-9BA2-2C17BE3605CB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{16CFFB2B-F3F2-451F-82DD-052A93D88796}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{16EBC8E6-4C06-4023-BE8D-E98ADEF9EAB1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1771B9FE-08A9-4677-A68E-8C33C2F34517}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{179638FA-9575-4E97-A7F9-C16F1AF3F140}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{18033039-AB7D-4987-AC50-152429BC1218}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{18754708-DC03-46D4-830E-6A0B2B1C2E25}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{18979770-E35C-4EAF-A770-47279D646344}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{19D52343-0E87-43D9-ABB6-894D66EAA175}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1A22BA10-04EF-4EDF-9197-454483E05E1F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1AB47A9D-CA98-4D64-AF5D-956307C3AECA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1AC9E2D5-9ED3-403A-94D5-8336BE5BF7CB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1B608989-4E5C-43CD-9F57-CCBE66A5F8F7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1B9C9CF2-EAB8-4622-AA79-2B23E6D6984D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1B9FC1D5-D839-4D1D-93B7-875B0E2893D0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1C52626B-5553-42CF-A61E-DD5FBAD453BF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1CE8E0AF-CDD2-46D2-A193-877FEAE936BA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1D085001-C61F-4EC7-AACA-153FE0A1ABA6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1D84A2F2-4A20-4F09-988A-AC3310299069}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1E0636CD-1B5C-4EF5-8F8F-E875B6785629}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1E4B1223-6C0A-46A0-829B-A9B53F4AA3E1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1FA0EC1A-D9C3-4511-B33D-E316F70D217E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1FCCF551-8CD5-4A1F-95EE-3CC8946E3F3D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{1FDF9E4D-4E91-46DD-AA6A-5AB409DFF806}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{20C0B665-DCFA-4A1D-B204-CEE66D52422F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{20FC5D77-D17B-4E5D-8DEF-30D2A63B14FF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{218B7B85-3514-4227-9EB4-DD4C4A4A6E34}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{21B543FC-09BA-4EDB-9EB0-C6B63B6F053E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{23331432-F671-4F3F-B389-7773D4963817}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{239B2E58-8A0E-47F4-9ECC-DE0B7B1A2FAB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{242B1284-722C-4FB1-9D11-1BFC27AECECB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{247584E1-1A00-40A9-97C3-CAAF713254E7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{24865AE7-EEBE-4EB1-8007-BFFC0057C860}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{248B185A-F8FD-4231-BEC0-C4EA2302167B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{249A4FCF-A7D3-42B7-A3ED-286AEE16DB8C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{25EBD5DB-6360-47EE-9E6A-7EB2F9239DBA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{265B4F2F-3E47-40CE-B921-A9218B2507F3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{265CF453-9565-4737-A9E0-6FDF776103FB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{272D3110-EAEB-4CB7-8C6B-B8BDFD5A056D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{277F9516-900E-47EA-9376-F291CB1DA6CC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{28047DE8-3A7E-46E4-8828-1A593CA2A583}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2850483A-6333-46ED-BED6-0C9901155EA2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2869E9D6-BD7B-4DDD-9DFA-C21A6DD6D971}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{28CBD5B7-E8E6-4088-A89E-35FAAB48B6A3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{297CE276-3BD2-46F6-83D0-6515EBC066B6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{29838AA3-6AD0-4C28-8382-DB6C08CE2C25}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{29CDF31D-2537-440A-B4AD-7CB2C221C158}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2A8A3372-F84C-48F4-92B4-8105A29E22A7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2B0B706F-FCED-4E00-8746-EE35B9E16D93}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2B9F786E-CB59-4F77-9DFA-997CCD658407}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2BCFF0B1-0C95-425E-99FE-C0BF562C1698}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2C0FA161-FD46-4811-B5FE-452D3E4F462E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2C2A2C2A-23A8-4A71-82AE-BB4180B03DF6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2C88F553-557D-4BC5-A12D-145BFC1FE581}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2CA28582-B065-490E-BF5A-086EB4BC6FCC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2CC6ED2B-A9D9-4812-BE8E-DFCF83ED15DF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2CFF8B58-ABEF-4AAF-A4CB-B9A878284477}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2EBAF5C0-D2FD-4365-89DA-00624F7E394B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2F1CC311-3D28-4814-AE71-447BAC1D3EAB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{2F5855D9-5269-4895-8328-164E21448624}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{30AD4B0D-8439-4455-8D44-5CFF562F20E1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{30C09B03-4D58-4EDC-B98D-DE7A75DB81B5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{31A68361-D694-498A-A7C0-31CA122F24FC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{31F40598-48DA-40C4-9A7A-1F10C4661650}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{32105141-DEAD-4790-B7DA-B717A5171170}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{32B7B944-1C45-475B-87F9-778CB3293018}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{32DC1224-1B7A-4F7E-A599-A46AC18FC09B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{32F2DA9A-5659-431F-A0B9-DB3B4DCE2D4E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{33710319-8942-413A-803D-61F56587D42B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{33ADFF46-7EFD-4253-871A-EE424E9ECC3A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{34754654-DAE3-45B6-9CD0-CB0AF4CE4724}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{358E4C8E-E498-44FB-ACE0-F107705E564C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{35D13724-4D57-417C-9205-5A10AA782613}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{369EF8FF-4425-4D86-BC06-EB99BBEF5086}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{37971E42-E3BD-4351-BB8A-AD8A8E78BCCB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{37BBBC84-6CEE-4EF1-8864-0DF04013E6E4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3842CEAA-48FA-46F0-AE11-BCD88FBA209A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{38AC08DF-34C6-414B-8094-7CB8A4008488}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3924E5DC-92B8-4D93-A7F6-32A067D65BDA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3927B833-F055-4000-92CF-202E02125A84}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{39B0A551-AC07-4DEA-B4A9-F30A33D7EFB1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3A137878-8A00-418D-B2B7-4EE7323B862A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3A44C98D-F250-4A53-B721-B69CBF55DDA4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3A4E8199-9E50-4727-92D8-E4743BED4E1D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3A72C201-B5F3-4E6E-9690-C35FD4E20BC1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3AA96ECE-3124-411F-9545-A9F83A22024E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3AB994D2-4B4C-46A3-8A08-A5E3D83943FB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3AF81E32-DD8C-4713-ABDA-E5FC8736D1C9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3B8B525D-FE4B-43F4-B6F1-4A9008B29A7E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3C4E80E8-D586-492D-B395-CF6AC052987C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3D5C67A6-D00D-42B9-8782-2225094E5782}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3D7ED3DD-8979-496F-ADCA-CDA020AAFBF5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3D888CAC-99AE-4A77-98DD-A2BA7F5CBE5C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3E30E916-72E9-496B-81CA-E3E3DEFE3D18}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3EC86349-052A-4E1E-A848-7EDE69DDEF1C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3EF54068-2EED-4DA1-9287-AB841C86D9DE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3F55E2F0-A2DC-41BF-968F-97791D8B2C8D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{3FCB314B-2978-4548-BC71-00FE7414234C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{403D6FC8-38AB-48E1-B9E1-B4CBBF8C70F2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4108C87E-C3AB-43AA-80DD-8C3B82AB5758}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{41143B7B-6D82-4059-B9E3-3D1A6BBFE2FF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{416D8F5E-9DBF-46D4-8221-FF502BA52931}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{418B9B46-C86C-4677-92D2-70D03BB8CBBE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{422AC345-13D1-49F8-93CB-5B84DC39D3D5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{42879504-F204-49E0-ABF1-75B15A57282E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{42AFF452-3E0C-493D-A677-A35F7F122BAF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{42E6A26E-A77D-4C99-9322-4CD07A4C33DF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{431EE004-D329-4457-8487-726E9C1EB340}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{43D4367C-1624-4D31-BEF3-FA40B16B6AE4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4421A941-224C-4825-AEB3-1D1DF70B81F0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{44A7776A-4A24-49D0-BF13-356534E4CF95}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4573A841-1F03-4732-B077-BA67C300CF1D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{461698A9-A521-4C6C-B899-FFC6E2D600AF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{46AD2326-5437-4E46-9455-520B7F4223C3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{481BBA31-C4B8-4D51-8237-1DAE6DAA25F9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{48D0539A-63B5-4BCF-9D92-0BEE8B0A1E1A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{49061D4E-99A0-4899-8180-C18B5A1B51B4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{49D6B4A2-4B90-431F-A3E5-35A7E1939562}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4A0340A6-7C9B-4695-92F2-82ED276779EA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4A3932FC-3970-444C-9C8B-116B48DC8BEB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4A43BBB6-BA93-4F0C-95AF-5EB521053B0B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4B4C0D68-4752-4379-895D-05F64FBCBB90}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4BEB711E-9F18-471B-9983-42D1E2319869}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4C349E95-BB62-4839-86F1-7CDD65C14909}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4CAFB330-A67A-4088-8A1B-74C4960FC279}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4D507E00-3C8B-4122-9A61-66F99516FAB8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4E4DEAB7-CCD0-456B-989E-F2C002DB8F3B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4E5C2662-AD97-4AD5-9E40-0C6DC42A9086}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4E63EC1D-6AB2-4D12-A2A2-74EC513A2F23}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4E8AA5D1-1FED-460C-8EC9-439A2CBF7E79}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4ED9BDD3-0F85-439D-BA91-566D8C9EFA51}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4F05CB55-9CB0-46E5-869F-CE280BD077F8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{4FC26FC1-BEE2-43FD-AFF5-1D49DF574BB7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{50CB30FF-D5C1-4D63-9E1A-FB73D38832BA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{510F8797-3FB2-4F8D-AEE7-AFAB888629E1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{523465AE-6562-4561-8033-00A832CFD8A8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5234D509-AB3A-4D3A-93EF-25718C66F645}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{525AED71-AF05-49A1-886A-E7676DC422C7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5377C8C5-1616-4F24-93C8-BE0C14E2D5E8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{538AED33-6005-43B3-AC64-EBC084B07317}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{53DBF1A0-0684-48CB-B7A7-593F9A557FCA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5413055E-767F-4216-9317-4769F4B94E37}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{542F3651-C5F7-4D10-AC23-6B5A6031F748}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{54DF9780-5AEF-4108-9893-AFDED902B5D5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{54F28215-9DDE-4FD9-A829-C0573C92BCDC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{55DA342E-49EA-4EBA-8E81-0C3AACB8371F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{55E1DA42-E2D4-4D4C-AAF8-EBB88A685CE6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{55F6EC92-7483-4C88-8AAF-14B188E7623D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{562BD30D-CDBC-4265-8B29-F3DDCC5A7FD9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{56BAF9B8-03C5-4E36-BF04-E81BAEE74DCA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{56D2D819-C5B5-4A72-BD17-AFE4D86298BB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{57567033-E052-4FBC-A9E9-F2C8EB99EDE0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{57856691-8F9E-40D8-AB81-583ADF1DEBEB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{579D0CD4-2C37-4D70-846D-81A449C8718E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{57D47435-B245-46E5-821A-130219FDC16B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{58310708-1030-4254-9535-24F50D5BD913}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{58451DE4-9E18-46CD-8505-E391416B5D76}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5847D5F6-CC8F-4095-B395-75E56A231ED0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5878A8B9-1474-42CD-A434-B48434975010}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{58C84F60-06B9-4919-8D87-2A07FD3AF52A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{58CEED27-B6D2-4E5D-829C-4A9CB953E9F3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{59BE3C35-15DA-46C8-A691-CA5F41D3A401}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5A6423CA-92F1-4616-875E-43A7F1751BFC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5AF3E84D-FB9A-4966-9230-1B5F3F4DFF74}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5B00CD85-32B3-4893-AAB3-2D2FC7331E5E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5B4F771B-2644-443D-AC62-31F0E230E736}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5B5E09D6-20D4-45DB-A94B-C0C45EF45881}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5B83D099-4829-4F27-9B44-402C688D0315}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5C067063-FE59-45EA-9CEB-4382D40ACD27}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5C6D6DC3-A273-42E7-918B-07D7C1C41504}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5C8F0F1A-429C-4B8A-B1C4-7B089DA31F75}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5CE99D38-B412-4087-819B-720B7B349B54}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5D099D3C-6ADE-4FF8-858A-E57096C33144}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5D3E86B4-085D-4D48-BCF0-C580F46D5884}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5D9E7AB9-D735-4D03-91B0-8A39EBF7A2EB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5DFF0718-D3B7-4D55-8FBC-0CE3103D40AD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5E2B26BE-4F2D-4EE6-975D-B360203F06F9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5EA854DE-E346-460A-9B9E-5FC407647975}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5EF69D74-0B08-4EFE-8C6E-C6A6A9FE2DBB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5F17C414-4B66-41A3-89FB-75C3E4B43F2A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5F7A8DE0-0033-4A5E-B07C-9AEA97D307AB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5F991914-3AB4-4390-9B27-49CEC4071891}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{5FB04E3D-B1EB-4451-A489-700DEB88F102}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6020DBAF-29EA-4CCC-A8AA-289C0BE7F3F9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{60F52FBC-A15F-4D69-9EAA-D2C1E16CBC73}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{617D1E14-719F-4B60-B19D-332C1D79132F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6221FB30-F604-4862-A1FD-7B4F16BFB694}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62301382-D723-4CCB-87F2-E3D54BC55169}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62419AB5-6714-496C-B29C-D306AFD35A80}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62659044-836E-445E-AE9B-969A824B0B68}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{626B5CC3-93F3-407B-9AE7-3161347515D3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62CF6652-7045-43DD-8A2C-2D242808B591}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62E37466-9B97-4B10-9BE0-64BED5EC4BFB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{62EDBC20-85DA-4A4E-BF4F-2DFA4195288C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{647EB1FF-89B5-4A24-9431-CDAAE48472B4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{65B1FF23-E9EA-4B57-8719-6C5A89B56897}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{65B546DC-6342-4023-953F-1DCF6B945F3F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{65CF7D3E-2EE7-41DD-A782-596ADC3D41C4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{65FF9223-B680-4783-8267-E702D0871CEA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{66085062-8115-40E4-9E2D-5CFDA3CE8034}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{662B529E-4BCB-4E2C-BB4E-F695336FA8D9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{66358117-F66D-4B3F-AAF9-6D770192A9DA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6766FDAB-CC88-4BC6-940C-467F84459858}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{67E1FAD0-376F-443E-A3F9-9AE327CFE7CF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{67E7A4F7-FC9F-40BB-96AA-1F0605203927}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{67F1A484-4ADD-4034-A0DF-536E1674C1F0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6810FD5E-3A4E-4E6A-9DD5-D6FF473B58E1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{696A951C-4E78-4960-B5B7-B6BEC19B619D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{69BCACF6-EDF2-4EE3-A33D-91066029FE30}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6AE5FCCB-266F-4015-A355-36698D977512}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6C0E27D2-3700-4F64-AA53-FDA608E61CCB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6C16B833-4D42-4518-BE4F-AB6E3E1813CE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6CC8F604-0B5C-435D-9A59-27AF1A80C9B3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6CE70169-1372-4A65-BA6C-29F61E3C9DC2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6D0D32D9-C3D8-4DAC-8252-3BA386B76D24}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6D38F34B-B000-4DD3-A6AA-AC1095E1634A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6D849355-C93C-4D93-AEBC-3FE0929745C9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6DBA6068-2D76-41B6-8C37-49C164A7B502}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6DCD1901-2111-4236-BB05-D51AEDB94597}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{6EAC42E6-B586-4A99-9233-6E110EA9D53B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{70945DA3-31F1-4299-A8B8-AA71998E1A31}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{70AD7F81-A2CE-4D17-9D6C-14AFB32CCC9D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{712CE402-C34C-4F4F-9FF4-6823574023FF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{714876F7-529B-4AB4-AA27-919064493590}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{718A6CC2-BC14-4668-9C69-B615EFF1C3C2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{71A3D281-B862-467A-A67A-B3357A2491A0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{71D28D2F-7012-45D2-86AB-DEAC47280BFB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{71D47A35-A6B1-47B9-AB53-011E2EC51364}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{72A9F08C-D8CE-4087-A68F-0DB4D693EA03}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{72BC1EC3-AC60-4450-8E4E-576CAC810A63}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{72FFDA88-E31B-4989-A04A-ABC8AB8B4BFF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{73640070-81A5-4E90-8656-6709A4EF63D6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{736FEE00-7608-4AB3-BD37-1CD59618EB55}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7441724A-4CD2-42FC-87FC-3DC13AD333EF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{74A9EB98-E3EC-4B41-B185-B27B37B1BFE5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7543480D-4E4B-4924-8FA8-F5FDD6351BB5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{756E9C29-F740-42A3-B007-AC122445635D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{757722CD-4A7D-4A40-B2E4-86EE2ADE485A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{75FE171A-A3E3-4058-BDCC-2B605218FA62}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{75FEFF77-1231-4C36-865C-01DB792B868B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{771267A8-76CD-426A-B58B-F83C1C827A90}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{777ACADA-18C6-4398-8D56-EC18A9B965E0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{77EAE28C-DFAF-434F-B0B5-F056BF78CBA5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{77FF40BC-9EC9-4116-9AEE-49B8F6C8E6F4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7812F8B4-586D-4B3D-9F85-D7CF29D0E738}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{793EE2F0-A844-4199-8C2A-8CE877FF4267}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7A423FF0-7F63-46A6-A6D0-FAA36A77A5E8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7B29ECDF-5788-44C0-9B05-CB477D0EAF8A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7B4FC55E-7C36-4CB5-A2B9-97AAC2F34696}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7B83A20B-E8B4-4F63-B0D8-F5567734727A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D1F67F0-A64D-43E1-A059-7DB11CEC39B2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D44D389-8FDE-4770-99A5-BAAF1F84F4BD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D4F7A09-1042-4EDF-9114-B53B6DB3992E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D59C6AF-2F6A-4714-A0F1-66F98701FE2F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D66EF01-14EF-4F99-B8B5-C17FB53CF5D6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D71848F-3922-4E52-B47E-7B48FEE946F8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7D8C80DE-A092-409D-8BD9-2B3E43470E9A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7DB0EBB5-28DA-4532-82C0-5D06AD25769D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7E150B84-7BF3-4318-98A0-6F96ED929F17}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7EA0A6FB-0791-4DFB-A5C3-4B21CBE1806A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7EEF5F03-FB3D-4868-AD96-A56025D77343}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7F4B11EA-12B4-4BBE-AC9F-FBCCF57E4017}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{7FE205CD-87D1-4892-B407-9ACE3885301F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{80059732-5C9C-49EF-8D9C-6F091627BD11}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8014DFAD-9B53-4CEF-97C3-D7259B43526A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{80BEB043-5FEF-4BD8-A261-83EADD2B62D0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{80E9744F-8F4E-4C61-B5C6-13DE869419D1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{812D251C-2948-492D-8385-099A34B88A66}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{815CC77E-5665-434B-87AD-8209D8B27C16}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{81C8241E-EF28-430B-8671-3F91FE98FDA8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{820711D8-C71F-4693-8EA3-F1B86BF95A49}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{824CD572-EE12-41BF-A62F-39B7AFEF783D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{82829E9C-A489-4FE5-9B73-EA58653FAEE9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{82997B9D-A2E0-4392-97A6-722020467B2F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{82A160BF-17C8-42D9-889D-65BC84B658D9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{82EB3FE4-CDF4-42CF-AAE0-2F316F5FA29C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{836CD97F-5B03-4F52-B69E-57A76A821E92}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{83D566E8-A71F-4DE5-81A0-F43CAAA16CB4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{840A49A5-47A0-4C0F-B3BD-2096290A94D1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{84DA25E4-0145-4A3B-994E-A8315AACC563}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{863F2D96-346B-450D-8FA6-DCFA80F80C7A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{867BC416-A1A9-44F8-91AB-E40C07A67AD6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{86D60C36-9BA7-4C90-A319-2545B822251C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8785DCB4-512D-4644-91F2-96414D0895AA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{87B9E602-9353-4A39-B544-F6FED206C39D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{880C9DA4-7603-4DF1-BD2A-287CEC8335D3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{88277571-A3C2-4EF0-983C-BE3E047A70B5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{88D4943B-7D3D-48DF-A6D2-8AE49E27FD92}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{89314817-BFC2-409E-B251-CF845D0DE8A9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8B98355A-4954-4720-AE51-99143640EDD4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8BEA711A-6BD3-44AF-AF98-4BEC2D07E56F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8C1FE165-52B5-48D7-8016-2F1712681BD7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8CDDC138-91AF-45BC-B913-909802371D1A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8D196A61-4EF2-451C-970B-F261D709483B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8D6FCE2E-E22B-4E48-8BA0-A2E959828959}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8E35D1A1-4A15-41E6-A0A8-BA20BB571F88}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8EEC2280-AC81-4587-AFDE-D678E687C3E7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8EFFEEFE-BA29-4E45-B6D9-D2F41D779293}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{8FC1D7FC-8C3E-47B6-845B-3EBB2004D9EC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{90EC4193-FB5A-4D1C-BC86-C040C8E05BB2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9162B929-3DA8-450A-8985-9037EDE94ADC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{91843EC9-9D4C-4478-B5EA-0C14376FA8C9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{931AA1F4-A373-464D-BAE2-D28B7D0FEC02}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{93398126-725B-4716-BD38-08A888849896}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9436F42A-B788-4A8B-9E68-88EF3F99CC68}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{948CE151-7855-4A2A-B829-7F03CC7EF264}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{959ED56D-F856-4F5F-A10B-79F9FB458D0C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{95D5EF67-6339-4571-93DD-65B717F055AE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{965A87A8-EC18-48F6-949B-7027A6135D0C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9694CF13-1BAC-48EC-94CE-271B800423B0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{974A8685-6131-4F73-9B5F-5FE554AB5E89}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{977D4CD3-37DC-44A7-A149-269E454646E6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{97896315-C9F9-4F56-8E88-A4BA0D398478}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{97A7C0D7-6592-480F-B07A-C0C81147915F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9A629F53-BDD6-4C1D-9226-20B13C3DEE05}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9A99668C-7198-4DB7-BE87-F202B6DDAD24}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9ACBB1BE-30E5-4DF4-8F4C-01DDC6BD9304}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9B8B14D8-BE34-4CBF-9BCE-38B085AFA245}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9BE07C29-85D3-4BB2-8CA4-E592FD187358}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9C50A7D1-F4FB-42E3-9AC3-4F1E94FEFEFC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9D335529-93D7-4AFF-BB7E-C0FB61387F71}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9D9C8EDB-6985-4F07-97A2-4D6369FDCE29}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9DEB5EE3-57B7-40F9-B772-D09423D70DA5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9DFFD8ED-1096-4515-8387-515868084D94}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9E0B05E9-8DD2-4E6C-87B5-C7CD6EF1E7B8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9E9F16D0-36BF-438F-9DD6-0CF63F9AD838}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9EC09DCE-1051-4C39-B525-1BE59F8D5FBB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9EC55BD5-942D-4E34-A39B-3AC7F74F4095}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9ED2B3FB-BD20-47F1-A6FA-ABB3B502DA3D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9F384F47-FE63-4D6F-BEA9-6BDC6FD1A26E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9F493015-516E-45C3-A8B2-5A981A98469A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{9FD0DAD9-6DE1-4AC7-9AD0-CEEEC3EDB8FF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A0499B5C-C020-4873-8C54-D3731073AB52}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A0846139-7FF7-4A4C-8E02-41661A2D5C7C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A0CE20AF-C954-45A8-9AF5-DFE3ED0CEFE1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A2445DAC-2635-4E13-93EA-3B1D4E08D163}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A26D5453-B07E-427E-B5E9-7EC18B8D7715}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A2BD07A4-F5B8-400E-A8DF-D39A34CA8C47}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A2C2DACD-04A0-4982-BEF2-A7F90EFD0C26}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A39A414F-24AE-4692-9B51-B07A7F53A099}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A4B838EE-827C-4F6A-9112-B451BB913723}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A6251C03-8395-4FBE-BD2B-DC74835C6EB6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A67D1271-0ABB-41AC-8C1D-50C2B86E39BB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A67D65C3-D239-4E1D-ADDA-BEF94052C092}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A7F6B83D-E8DF-4BB2-B9D0-9EE1CFFF9912}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A81F2957-EDBB-41B6-939D-DB0775C5B9B5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A8B3D84A-F307-48AB-A989-071CFF328954}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A8F6F821-41DE-4EAF-AE04-68019CBA2438}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A9000603-FD25-403A-84BF-1512C00146DC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A92AA80C-B192-43DC-9B0D-5B267B12A751}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{A9EA17E6-CCA7-43B2-B1F0-E6DD45E78E8A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AA0929E9-F391-4DEE-A29B-923749F7CD04}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AA0AEB0C-A019-4A09-A6DE-0665EBE6E9E1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AA4666A5-06AC-44A0-90B8-10E9D2E0701D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AAB34A2B-A288-4F38-9B46-C4C0320D69B1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AB267DFF-8512-4AAB-9AE6-EEF09B29DBD0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{ABBE8725-928D-4F40-B04F-AD4403EE31FD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{ACF54CD6-0B77-4FBB-8986-FB85BD663378}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AD241C15-51EB-4C62-ABA5-D1575260D67E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AD4564B9-FB72-4E39-961E-09250FF7DC31}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AD499924-F0E9-46C4-86B8-158F853F4359}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AD9988F6-4243-4309-9DA9-8494E947B959}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AD9AC4F7-6ED2-4C31-A468-584C28736E9C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{ADDD9452-C1E7-4491-B34F-BA5FAE67A00D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AE2D7B00-06BF-4C04-9807-644880843039}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AE781CFD-3D66-48B6-9866-173218EFF1FD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AE92A6CC-9C84-4A45-BF89-3523271EC06B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AEC78C32-982D-4EC8-8A15-0725793F1F8C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AFCF4D1D-1B2F-4343-83B7-55B051636D24}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{AFDE9CFB-4723-4750-8F63-C378FA453141}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B0237AC0-0170-4B57-BECC-CDD51B4D6D76}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B0C2F496-EB18-49F3-AB02-4AACC9D2CCFF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B1C24332-7C64-47C8-8527-A5FFA7D2A6B4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B207018A-8FFC-4C0D-91A3-CC1737CFC92C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B23E541E-80FB-42BD-A309-6D0184DD9179}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B40A4872-C537-44A4-88D9-629E92FC0A4D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B461CCE5-CACA-4DCE-8A8D-4EC91B18B366}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B4885099-9414-4E47-926A-7BDCC6D641E9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B493F36E-8D3D-4FFF-A091-39B10B69D27A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B4DEC7F3-C8FB-4A9D-9C1C-836BCE55EF12}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B525EA72-6B68-4B74-8B54-F0284C79FBBF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B55688E1-762D-478F-845C-927E73D1C5D4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B58E105D-DA78-4CE0-9890-1B0FB7368B0B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B5AC2734-96D1-4CCC-8149-BFA2DD54840A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B5F7D186-DD0C-4144-B96C-7A16EC9B1AFB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B602B7A2-A041-4AAD-B14E-AAA07239D2B6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B6A6421F-B9BC-4407-9FEB-A1EE4E47764C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B6D4528D-2FBF-48B9-ABDC-F955F0482F07}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B6D4BE76-09FD-48F0-9987-B4AB63F0C850}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B6FDADD0-922A-4803-90B7-55C46087671C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B736DD8E-F4C7-4825-AF82-28C9F59990CB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B7A68575-06CE-4E02-890F-64C2D4E8F473}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B85D0513-3473-4DB0-969E-2242604FE2E5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{B985CCA2-BD0B-4782-9963-33ACE670DAE7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BA219F07-E2C2-4FE9-9D5B-084C81A858C2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BA31F5E6-BF22-405F-8564-074E96E42C89}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BA6247DC-A34F-4E2C-AF09-C82BFCFBF9A0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BAD05381-EAAF-4723-99E2-9EB7B0004161}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BB1F3348-AEB6-4996-B841-D447B0C811DE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BBFB7649-06A3-400D-B2D3-9FE6B89380AF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BC0C5D72-33D0-49D8-AFF6-D55B0DA51EFA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BCC37D9F-8ACA-4D33-9C7E-670558D52DA5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BD0100A4-564B-4B37-B911-46BA956102B2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BD460BCC-18C9-4C57-B2B5-B5FDE8CB2520}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BD8B60BB-547E-4E39-A78F-3E0A00031A57}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BE1281B7-95FF-4669-9663-E3510076EBAC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BE56BB54-4631-4485-A22B-239A7F57A0CF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BF08D7E2-5AEB-422A-B728-687ED6E5AA59}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{BF0D72B9-3857-443F-B10D-30FE09CAA289}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C07774DF-165A-4305-BD93-407C60402621}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C0C2002F-3A87-4C0A-902A-C7573E00C9C5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C0E82409-B1F6-4F0C-B489-9F7BAEF27CDE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C111C7B6-114F-4929-A69D-9D1CF2F0E878}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C133C23A-18C2-4821-B7AA-6E45AC3B3DBF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C1351823-FD3E-49B8-9025-9C04C6BE957E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C16D4965-4B3A-4EF0-9AAC-CEC33FF3A9B6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C1C75CCB-AFB5-4C35-8ADF-A93834A5CB51}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C214F4E3-3201-4C04-826A-D56CF39131D9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C2633314-65DD-4F70-B844-6428A7D1B2BB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C2BF797D-0D20-40F1-95F4-3CD28B022CD2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C2F6D52F-A642-4BBD-A9AA-45BCCF2609FE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C32DFBAB-47B9-420B-BE39-4927F7184DC4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C3B69DF3-1117-4AAD-BC4D-A7C14C4533BD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C400A3E1-068D-43C0-A619-138C36CD445F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C424A461-4592-44E5-AC3D-FD15AF7E288E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C453CC1F-9A29-4539-962A-152A9600DA57}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C466905F-BA51-48C1-8B61-752C108411C4}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C496E67C-004B-4F8A-8A0C-3245509F538F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C4A6115E-7BC1-4301-B51E-259753BB044C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C65ABDD4-EBC8-4E1E-BC72-C4F289A4C75F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C678B824-5B5A-4A66-A897-1667840C8E2B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6887A88-8552-461B-ADE8-306F5A522803}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6A6FB47-B974-43F7-AF4E-5E56E7392284}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6C7C0D1-FE37-4EE9-A3C1-E24D84692C6E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6CB1C72-9FE5-4D2D-B0BB-5361F016791B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6D3DE46-93CE-4AAC-BB53-D7EC483D010E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C6E2EF27-06EE-4DC4-BC28-CADEBAA1D27E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C7125F56-F3C0-42D4-A855-898EB0FC6BC3}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{C989889F-12AE-4343-BB30-E8C9E53EA614}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CA3E7267-A685-4CE5-BD17-D45F5C9844AB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CBB648F8-08D4-4CF5-A6CA-E972EB6F4B16}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CCDA8B1A-770D-4B4B-89FE-128265CC5D8D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CCDD7635-D134-4BA0-9000-30B2BA27787B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CD18CA03-5E97-4732-B029-3E3E64E80481}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CD457AEA-862F-478F-86C1-80B5ECA0E539}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CE3C152E-B4FA-432D-BBD8-79A133829F62}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CE73A067-3902-43C6-A44A-29C6A20D4E54}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CEF5200C-455A-4BFB-A781-7E7129163AD1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{CF99D289-09BA-4661-AD8F-C159EA2CCC8E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D0522CC8-F57E-43FB-9A2C-C3415393F939}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D06B19A0-87CA-416B-B68A-8559D5BA5E86}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D08AF9B2-BE82-45EE-A210-4B93CD8051B0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D157ECC8-EAC3-492F-8B56-6936506BCEA2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D1C7100B-4BC6-4B95-A412-5CD7E9E3EB03}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D1C7DCDA-23F0-49EA-9AEF-0019022418F0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D1F289B8-069F-4DC2-B3C3-8639A18BA6B0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D2A82AC1-D7C5-45AE-AD3A-012EAD8160A1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D2FE1037-EBA1-45CC-909C-89D0EB39DD2A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D30F89E7-D035-42EF-95E7-E6E22E61D96A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D3181E06-A9DA-4D62-9467-20DA530ECEBC}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D3C329CC-4122-4AA3-A6A0-DE0D595E7D5C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D41D9FC1-BB74-4227-AF8A-87F4FBD4E2A6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D4798C87-1A30-442A-AFE3-4B45313A6014}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D4B62809-9B52-43A8-9E92-497D4B651AB6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D63D37AB-648A-43C4-8EA7-BACA65F6ED62}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D736CB18-1971-460F-AB7D-5E6397143910}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D7E37A9E-BBC7-4A5A-8108-3E8119862E7D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D9438C19-0F68-4A0E-8E0F-CB6CFC56F65B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D94CE144-B855-41A7-B217-6C7F14279A7A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D99556CD-B7CF-4F7C-9DD6-CC8BC778E19B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{D9C205C7-B3BC-45CB-B0E0-76716C7D8784}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DA444E50-CD85-412C-A2BF-6ABB82222937}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DA8FFF81-5EEA-4C85-8CFC-F861A4817F15}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DAEA4BD2-D693-41DC-BAE1-43E32A025840}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DBA4FBCD-534E-4E4D-A9A4-44313D6C07C8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DBF7C309-286E-4D53-B08C-35CFAC6505A6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DC324602-5866-4E1E-84B8-D7E97FE49A25}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DCE11628-8828-47C4-99B5-E56025324322}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DD2A50B4-0E8D-432F-B6EF-29A2A1456C63}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DDFD236D-D48B-4612-B8D8-771696928C7D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DE10D74E-1157-4C30-B23B-178C2A9C9D41}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DEE17B8E-D0EA-4106-BD77-8A321D649DA9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{DFEBBB75-E333-4E41-B8B0-DFAFED579D52}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E00879E0-BA06-41BC-8E41-11ACB3B13E20}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E0224BCA-4A77-44B5-8577-2808161E12CF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E078DF61-DB4B-4C03-A93D-BA4B7C000026}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E132CEC1-5DAA-4628-9DB9-6B2A133F22AA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E165AA45-F054-4290-8462-1EC9BBB9A0CA}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E16A0682-CF81-49F5-97C0-58D7F6248948}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E1772E11-1006-4272-938D-595F394C004B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E1F3D259-C172-4327-AAC8-276184E6C87A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E26B34E9-946D-4AA0-961B-CBD72E359BAE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E29FB7B5-B099-4702-A6E2-013612773677}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E2BA25C6-A26C-4D92-8D83-23A64ADE4AF8}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E372C5FA-8818-43F5-BE71-F8039F3B992E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E3E65398-866B-4289-AD0C-6CA403717EE9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E417EC23-FBA9-4CD8-8DC6-2EDDFDFB0C84}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E45E4E51-C717-45F8-B14D-AD613BA44398}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E4C8CB05-B2E8-4CA7-9B05-7C7909D72D82}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E5429A32-EB06-4B92-AC33-1925228D57AB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E61C59B7-30CD-476B-949F-133F1EA3D53B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E67263B8-C8B1-4AC6-AEF1-00E36B375BB0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E69C5DC3-2E41-4FDD-964F-04D5B1FCA8F6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E704CA43-7059-4DE5-B410-F3A097787AD9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E7A666A9-A3FE-4470-AA45-99FEAFB94602}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E83372CA-95C0-4059-874F-783A435EBCD2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E86FE090-819E-4681-936A-DDFF0D1EC9BE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E8F0DF39-5127-45EA-9FE6-B2BC45A754D9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E92D9D4A-EBC9-4AFD-A64D-1EF43C3CC8CD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E992E504-3825-470F-B8A7-513D71DCC0F6}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{E9A5CE60-BED5-4027-BC3B-FE88EC7DDD51}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EB0FD204-BE82-49A5-81BD-9323A01DA782}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EBAAA784-2153-421E-9762-2C621B12ECCD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EBBF4B85-E37F-40E0-856C-DE30D6D25830}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EC402BAC-1930-41F3-87D3-23F2758AA85A}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{ED4BD673-BFD5-4892-8D42-F460EA5DC95E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EDB7289A-1C7A-4CDF-833B-AC3D8BA17682}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EE23EFAC-1EBD-45DB-AE21-60D41BE7FAF1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EEA473D2-02D7-4732-9CF4-926A3E5E1C78}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{EF14B457-B068-43AD-BD92-E4A40A63B449}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F04ED795-1DB1-4F28-B394-D4A372083969}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F05F641D-F0FA-449A-8499-E4A93DA8689D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F14121F8-C413-40B0-BBEC-952DA1564BB5}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F18B590D-1C40-4538-9583-B63F4FF48FF9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F1924E24-2F21-491A-9AC2-0455CE83257D}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F1DD1FAB-11AA-4F58-B27D-9C6CB330EC95}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F21435AE-A454-4DC7-B218-5899BCC922F9}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F2518767-E5D4-48CF-ADC6-D085CEB84A19}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F2627531-1743-4887-8B0A-884A10CEE855}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F4B0D5AE-B9DF-4BA8-9B4A-4415C645608B}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F4F0CD28-2730-4BDB-8FB2-EA1C60B15AEE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F4F5FC01-8E58-4B2D-AE35-7723CE9B4947}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F518CE9B-DD83-483F-9464-E911000CB3F1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F55DC9A7-5CE7-4BE4-92F4-335F8AC4C122}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F59A3751-8B7C-4A67-B18F-3AE9DA69E3C1}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F63E21C9-4B0A-4722-BB33-13B8988FE901}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F686CAA0-68A8-473E-8646-9AC38406F369}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F72A7D34-E083-4658-80BD-0087DA106A84}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F767EDBC-A67D-45A1-84C6-E282837B77AE}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F7B7D97F-4C24-4DF5-8E66-2E63DE78753F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F7EE4B4F-E8C3-47CC-8A24-967AEADEB1EB}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F8895E18-4B5C-4168-9534-A509EB230C5E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F8B155A5-45C0-4285-9316-622E951BF6A2}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F900AEB3-FE08-4245-9485-D620A20FAA23}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{F9639D63-7EB9-4722-8935-F9BA7641EFCF}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FA644D43-6F4D-4A4A-882D-E865B1EB0D5E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FACDDF06-7BD3-4FC5-9B52-578F8203EB8F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FAFDC7D6-3FD8-4EFB-B34C-D989BDEEA5AD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FB4805B9-B81C-49A5-880E-34536A4EED14}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FB5B0069-6A8B-4CB5-AA19-72721A4F15E7}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FC4D6E84-55AD-4A8D-9A6C-FC9F42BD8607}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FD180E24-18D8-45B3-A1EE-BCDDF8F41700}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FD235650-7D17-44CA-B741-993C315837C0}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FD5E2C69-894F-4DEF-9BBC-7833005532FD}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FD98D793-158B-46F7-B99C-D1CCC475F36E}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FE712CBC-40AB-4149-A474-3C7989E3EB6F}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FE7378DB-266B-4272-9313-6530DFE54C7C}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FE8DBFF9-A9B5-43F7-B34B-D7561B84DB26}
Successfully deleted: [Empty Folder] C:\Users\family\appdata\local\{FFFC9067-A208-46CB-BB84-E486328E09C5}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/22/2013 at 21:04:49.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to post
Share on other sites

Mama bear, that was a good start on the cleaning ! AdwCleaner does a good ! Now to see what Junkware finds along with Malwarebytes.

 

Chuck

 

What Antivirus are you running ?

Also what browser you using ?

 

We will remove these tools/programs after i give you the all clean !! This is in case we have to run any of them again !!

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.23.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
family :: FAMILY-PC [administrator]

Protection: Enabled

10/22/2013 9:31:58 PM
mbam-log-2013-10-22 (21-31-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208742
Time elapsed: 14 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\family\AppData\Local\Temp\ct3007394 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Users\family\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\family\AppData\Local\Temp\ct3007394\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\family\AppData\Local\Temp\ct3007394\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Mama Bear, looking pretty good so far ! We are finding lots to clean ! Ok let's continue.

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.


NEXT


Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   


Post Next:
1. Security Check log
2. Otl Log

Thanks
Chuck
 

I will look these over in the morning & have a fix for you !!

Link to post
Share on other sites

OTL logfile created on: 10/22/2013 10:04:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\family\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.48 Mb Total Physical Memory | 400.40 Mb Available Physical Memory | 39.47% Memory free
2.24 Gb Paging File | 0.92 Gb Available in Paging File | 41.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 53.71 Gb Free Space | 48.68% Space Free | Partition Type: NTFS
 
Computer Name: FAMILY-PC | User Name: family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/10/22 22:01:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\family\Downloads\OTL (1).com
PRC - [2013/10/04 23:09:44 | 000,310,352 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/09/11 07:21:59 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/08/14 15:19:58 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/07/18 15:51:19 | 000,814,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
PRC - [2013/05/10 01:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/05/27 16:58:48 | 000,793,416 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
PRC - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/01/27 10:40:58 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 01:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/07/26 17:20:02 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/07/20 21:45:16 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007/07/06 12:06:52 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/19 16:28:32 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007/05/18 04:43:00 | 000,430,080 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2007/01/25 18:50:26 | 000,063,096 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 18:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2006/11/14 21:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006/10/05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/09/19 10:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
PRC - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/10 04:08:57 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2011/05/25 11:53:14 | 000,350,024 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madExcept_.bpl
MOD - [2011/05/25 11:53:12 | 000,184,136 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madBasic_.bpl
MOD - [2011/05/25 11:53:12 | 000,050,504 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madDisAsm_.bpl
MOD - [2010/03/19 17:27:46 | 000,929,792 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2010/01/27 12:41:40 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2010/01/27 12:39:52 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2010/01/27 12:33:26 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2010/01/27 12:01:00 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2010/01/27 11:54:48 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2010/01/27 11:51:52 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2010/01/27 11:50:28 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2010/01/27 11:39:28 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2010/01/27 11:28:22 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2010/01/27 11:22:34 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2010/01/27 11:19:40 | 000,233,984 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2010/01/27 11:18:06 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2010/01/27 11:17:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2010/01/27 11:10:22 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2010/01/27 11:05:14 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2010/01/27 11:01:38 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2010/01/27 10:58:38 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2010/01/27 10:57:54 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2010/01/27 10:57:32 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2010/01/27 10:53:46 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2010/01/27 10:51:52 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2010/01/27 10:51:04 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2010/01/27 10:50:08 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2010/01/27 10:43:32 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2010/01/27 09:21:30 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2009/09/28 22:21:50 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2009/09/28 22:21:18 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2009/09/28 22:21:02 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2009/09/28 22:20:44 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2009/09/28 22:20:34 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2009/09/28 22:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2009/09/28 22:19:32 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2009/09/28 22:19:28 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2007/05/31 11:01:22 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007/05/18 04:43:00 | 000,430,080 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
MOD - [2006/09/19 10:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
MOD - [2006/03/07 11:05:24 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/10 01:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/03/15 22:27:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/26 17:20:02 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/01/25 18:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 18:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/11/14 21:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\family\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/09/30 19:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/06/10 05:52:58 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/05/27 02:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2007/07/30 12:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/26 17:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/03/26 15:46:30 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2007/02/24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/14 16:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/09 15:32:28 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 15:31:46 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/09/27 21:06:56 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage};
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 BF C7 84 D3 CC CB 01  [binary data]
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - No CLSID value found
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes,DefaultScope = {F613C662-30C3-452C-91AE-561397876BAB}
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes\{4B97B0BC-0BB5-4251-B7DC-5EBC4FAB4F57}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSHB_en
IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/11 07:24:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/11 07:24:17 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - Extension: RealDownloader = C:\Users\family\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: ArcadeFrontier = C:\Users\family\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\2.0.244\
 
O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\Toolbar\WebBrowser: (no name) - {167D9323-F7CC-48F5-948A-6F012831A69F} - No CLSID value found.
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000..\Run: [ROC_ROC_APR2013_AV] C:\Users\family\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 19665c616c35382b128c2c5c26e3944c-481f0332a1e22d1b05a1e23801ba9c80cbd2914e --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 File not found
O4 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.215.21.202 72.21.70.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A66D4AA-7233-4854-987A-9833D612C287}: DhcpNameServer = 67.215.21.202 72.21.70.3
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\family\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\family\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\Shell\AutoRun\command - "" = E:\TL_Bootstrap.exe
O33 - MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/10/22 21:56:39 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Local\{3A3F5EDF-1654-4418-88B9-30C28748A9AC}
[2013/10/22 21:30:30 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Roaming\Malwarebytes
[2013/10/22 21:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/22 21:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/22 21:30:07 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/22 21:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/22 20:58:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/22 20:34:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/12 06:22:08 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Roaming\Namco
[2013/10/11 11:04:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/11 11:04:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 11:04:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/11 11:04:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/11 11:04:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/11 11:04:46 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/11 11:04:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/11 11:04:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/10 16:46:21 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Roaming\Oberon Media
[2013/10/10 16:45:47 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
[2013/10/10 16:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media SIDR
[2013/10/10 16:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2013/10/10 16:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2013/10/10 16:43:44 | 000,000,000 | ---D | C] -- C:\Users\family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier
[2013/10/10 11:01:57 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/10 11:01:56 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/10 11:01:56 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/10 11:01:56 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/10 11:01:56 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/10 11:01:56 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/10 11:01:56 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/10 11:01:56 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/10 11:01:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/10 11:01:53 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 11:01:50 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/10 11:01:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/10 11:01:32 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/10 11:01:24 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 11:01:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 11:01:17 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/10/22 22:04:15 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/22 21:54:22 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/22 21:53:21 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 21:53:21 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 21:53:20 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\ArcadeFrontier.job
[2013/10/22 21:53:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/22 21:53:02 | 1062,481,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/22 21:30:13 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/22 21:22:57 | 000,014,336 | ---- | M] () -- C:\Users\family\Documents\AdwCleaner.wps
[2013/10/22 21:22:57 | 000,000,264 | ---- | M] () -- C:\Users\family\AppData\Roaming\wklnhst.dat
[2013/10/18 13:07:10 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\PC Unleashed.job
[2013/10/16 03:04:41 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\PC Unleashed Defrag.job
[2013/10/13 12:17:07 | 000,640,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/13 12:17:07 | 000,118,878 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/11 11:57:14 | 000,326,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/10 16:45:46 | 000,002,236 | ---- | M] () -- C:\Users\family\Desktop\Pacman.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/10/22 21:30:13 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/22 21:22:57 | 000,014,336 | ---- | C] () -- C:\Users\family\Documents\AdwCleaner.wps
[2013/10/10 16:45:46 | 000,002,236 | ---- | C] () -- C:\Users\family\Desktop\Pacman.lnk
[2013/10/10 16:43:38 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\ArcadeFrontier.job
[2012/10/17 08:39:21 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2012/10/14 21:29:59 | 000,000,552 | ---- | C] () -- C:\Users\family\AppData\Local\d3d8caps.dat
[2011/11/09 11:48:36 | 000,000,000 | ---- | C] () -- C:\Users\family\AppData\Local\{158F0EC5-D50A-425E-829D-E93A8E998726}
[2011/06/26 09:26:19 | 000,000,000 | ---- | C] () -- C:\Users\family\AppData\Local\{D6620971-574B-44BB-A6A5-EF5337017969}
[2011/04/05 15:48:25 | 000,000,264 | ---- | C] () -- C:\Users\family\AppData\Roaming\wklnhst.dat
[2010/12/24 22:08:40 | 000,000,680 | ---- | C] () -- C:\Users\family\AppData\Local\d3d9caps.dat
[2010/05/05 16:25:40 | 000,035,840 | ---- | C] () -- C:\Users\family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011/11/15 23:47:27 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\AVG
[2013/10/12 06:22:08 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Namco
[2013/10/10 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Oberon Media
[2011/02/21 18:48:22 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\PC Unleashed Online
[2012/09/15 20:20:51 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\PhotoParade
[2011/02/24 14:23:25 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\PlayFirst
[2011/01/05 21:16:40 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Skinux
[2011/04/30 19:35:52 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Template
[2013/03/30 11:43:56 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\TOSHIBA
[2013/07/03 16:18:55 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\TuneUp Software
[2013/08/11 04:23:58 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\WildTangent
[2013/08/11 04:31:22 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011/03/23 10:05:21 | 000,000,036 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\ë†Æ§
[2011/03/23 10:05:21 | 000,000,036 | ---- | C] ()(C:\Windows\System32\??) -- C:\Windows\System32\ë†Æ§
[2011/01/13 10:38:39 | 000,000,036 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\ﲀɊ
[2011/01/13 10:38:39 | 000,000,036 | ---- | C] ()(C:\Windows\System32\??) -- C:\Windows\System32\ﲀɊ
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 373 bytes -> C:\ProgramData\TEMP:FAC5BCF5
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 10/22/2013 10:04:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\family\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.48 Mb Total Physical Memory | 400.40 Mb Available Physical Memory | 39.47% Memory free
2.24 Gb Paging File | 0.92 Gb Available in Paging File | 41.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 53.71 Gb Free Space | 48.68% Space Free | Partition Type: NTFS
 
Computer Name: FAMILY-PC | User Name: family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\PC Unleashed Online\Suite\noapp.exe %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045C5E2D-079A-42E7-B46A-381A8234E50C}" = rport=137 | protocol=17 | dir=out | app=system |
"{0FAD2D41-4CA3-442D-9E81-9BEA8934FA66}" = lport=139 | protocol=6 | dir=in | app=system |
"{36F2C76B-F696-4985-B39B-B6825547D4CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{38E4CD1E-FB31-4D9B-83C4-B0AAA5556A95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3A97312F-8A13-482E-A214-9FEC6CC95EAD}" = lport=137 | protocol=17 | dir=in | app=system |
"{5C7FBCBB-AF3F-4E9D-8A58-1B4A7FCDAC24}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6AB657D5-2CCA-4635-A80B-CCCD84F6C937}" = rport=139 | protocol=6 | dir=out | app=system |
"{76A40C9B-458A-432C-9F83-76A6A281D4E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D0A9107-4C1B-4EAB-B002-403F00FD81D0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AF24289C-DC78-4ECE-8641-3908D9E1EDD3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D53D9761-D153-41DB-B947-84E5860F76A0}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6A939DE-187A-4637-869C-8B2B805D6896}" = rport=138 | protocol=17 | dir=out | app=system |
"{E6BFD77F-9083-40F8-8D58-03BBFA476D60}" = lport=138 | protocol=17 | dir=in | app=system |
"{EAD82A93-D0F2-46AA-95B5-7AD52154554F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0106BC1F-F776-4D0A-A876-D9A67E9DA4CF}" = dir=out | app=c:\windows\system32\drivers\bleservicesctrl.exe |
"{03E4B6B4-CE5B-4ADE-9AC9-D5514BC7C737}" = dir=in | app=c:\windows\system32\drivers\bleservicesctrl.exe |
"{3DCB68D9-F4C3-4706-912F-91116EE3C4C4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4DD32A73-64C7-4D75-B357-C1ACC4FC266A}" = dir=out | app=c:\windows\system32\uti.exe |
"{4FE33772-338F-4909-A411-4ECCA209D761}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{54EE14C7-CDFE-4873-89AA-B80A5ED8F5D3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{56C880BF-FC41-49C6-8094-A4708A4D9B1E}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{69167EED-3DEC-4EBC-BEA2-FA308F1A6234}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6CD73537-0D0B-4A0E-BBC0-04524E831128}" = dir=out | app=c:\windows\system32\trustedinstaller.exe |
"{6F328F60-3228-44AC-BA1D-C67A2A1A43EF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{703F4064-4109-409A-8AA6-FE31EE0974C8}" = dir=in | app=c:\windows\system32\trustedinstaller.exe |
"{716DE25F-D476-4141-AC41-4C413DA45C30}" = protocol=58 | dir=out | [email protected],-203 |
"{7FCAA87D-F417-4B41-A75A-1F752A5BD53B}" = protocol=1 | dir=out | [email protected],-28544 |
"{843DCD4B-A0D7-463C-9C60-4F500AFF23B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8D431B66-64DC-44B5-855A-200F44F0F668}" = dir=in | app=c:\windows\system32\drivers\blds.exe |
"{90A59FED-C850-4FDC-8A1A-E8AB605FBC6D}" = protocol=58 | dir=in | app=system |
"{96001331-3B3B-4A17-AE3A-CD3E7E1C2358}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{A4BAFBE6-927A-4E84-8F11-D68F896F6C1F}" = protocol=58 | dir=out | [email protected],-28546 |
"{AE90BE7D-1732-4AD9-A4D4-E3A0BD7D1FE5}" = protocol=58 | dir=in | [email protected],-28545 |
"{B9287A6B-6681-4A10-BB6E-B256BA329B0C}" = dir=out | app=c:\windows\system32\drivers\blds.exe |
"{B96590A7-A23F-43BF-B931-D96DEF43B3C5}" = protocol=1 | dir=in | [email protected],-28543 |
"{BC6EB3EF-B4DF-4C41-8274-3B3A3B7F2A4D}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{BCE515DE-4381-4E1C-92C1-C0194D39C61B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BE1B4D80-A983-4222-9D36-6A9B657DDDFE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C107BE53-950D-45DE-A71E-CA3071DCADF0}" = dir=in | app=c:\windows\system32\uti.exe |
"{C52ABC72-A352-4DBE-8904-6F779FA3C748}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C7791CA4-55CF-486E-83F4-616C45E798B5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{CD0816E8-8963-4B81-9ACA-8D55FD12A5CF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{D8150DFB-2F3B-48FF-A891-F02034AB5C5B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DCFBE1D2-5E5D-4A16-9075-7DAE9917BE1D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{DDC7DA8B-6884-4B3A-9560-71D764733FB8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{F8C84597-39D4-4A6C-B41B-4D32BF18C300}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C544254-39F2-4ACA-B779-ABF7297C96CF}" = Accessibility
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F6D8BC6-CE36-493B-996F-04CD8CCC35A8}" = Bing Bar
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B01DD1A4-F4E1-4CE7-AB6E-3168C5BD5D30}" = 3DVIA player 5.0.0.20
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = GE MiniCam Pro
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"118392197" = Pacman
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PhotoParade.exe" = PhotoParade Player
"Picasa 3" = Picasa 3
"RealPlayer 16.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Weather Channel App" = The Weather Channel App
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"WildTangent toshiba Master Uninstall" = TOSHIBA Games
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4AFCAFDC-D870-41FA-B9FB-1442B9DAFE76}" = ArcadeFrontier
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/22/2013 11:55:23 PM | Computer Name = family-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
[ OSession Events ]
Error - 3/30/2012 4:47:18 PM | Computer Name = family-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 61
 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
< End of report >
 

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.74 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC Tuneup 2011 
 Java SE Runtime Environment 6
 Java version out of Date!
 Adobe Flash Player  11.6.602.180 
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Google Chrome 30.0.1599.101 
 Google Chrome 30.0.1599.69 
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSASCui.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
 Windows Defender MSASCui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

mama bear, please DO NOT install anything else until we are threw with the cleaning, that is in the first part of my speech !!!! I know those were out of date but we wait till clean before i recommend installing anything ! I will give you a free Antivirus when we are done, the same 1 i use !

 

I will look over the OTL report & be back soon with a fix !

 

Chuck

Link to post
Share on other sites

Morning mama bear, We need to Run an OTL fix !!

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the customFix.png. Do not include the word Code

:OTLPRC - [2011/05/27 16:58:48 | 000,793,416 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exeMOD - [2011/05/25 11:53:14 | 000,350,024 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madExcept_.bplMOD - [2011/05/25 11:53:12 | 000,184,136 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madBasic_.bplMOD - [2011/05/25 11:53:12 | 000,050,504 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup 2011\madDisAsm_.bplSRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\family\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)IE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}: "URL" = http://www.google.co...Page={startPage};IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value foundIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value foundIE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - No CLSID value foundIE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes,DefaultScope = {F613C662-30C3-452C-91AE-561397876BAB}IE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes\{4B97B0BC-0BB5-4251-B7DC-5EBC4FAB4F57}: "URL" = http://www.bing.com/...rc=IE-SearchBoxIE - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}: "URL" = http://www.google.co...&rlz=1I7TSHB_enO3 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000\..\Toolbar\WebBrowser: (no name) - {167D9323-F7CC-48F5-948A-6F012831A69F} - No CLSID value found.O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not foundO4 - HKU\S-1-5-21-1326580902-130326992-3557991292-1000..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" File not foundO13 - gopher Prefix: missingO33 - MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\Shell - "" = AutoRunO33 - MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\Shell - "" = AutoRunO33 - MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\Shell - "" = AutoRunO33 - MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -aO33 - MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\Shell\AutoRun\command - "" = E:\TL_Bootstrap.exe:Filesipconfig  /flushdns /c    :Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click btnOK.png
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection. (disregard if none)

 

 

 

 

 

NEXT

 

 

 

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.[/list
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.
 

 

 

Post Next:

1. OTL fix report

2. RogueKiller log

 

 

Thanks

Chuck

Link to post
Share on other sites

All processes killed
========== OTL ==========
No active process named BoostSpeed.exe was found!
Error: No service named ACDaemon was found to stop!
Service\Driver key ACDaemon not found.
File C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File system32\DRIVERS\nwlnkfwd.sys not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File system32\DRIVERS\nwlnkflt.sys not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File system32\DRIVERS\ipinip.sys not found.
Error: No service named cpuz132 was found to stop!
Service\Driver key cpuz132 not found.
File C:\Users\family\AppData\Local\Temp\cpuz132\cpuz132_x32.sys not found.
Error: No service named blbdrive was found to stop!
Service\Driver key blbdrive not found.
File C:\Windows\system32\drivers\blbdrive.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F613C662-30C3-452C-91AE-561397876BAB}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{167d9323-f7cc-48f5-948a-6f012831a69f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{167d9323-f7cc-48f5-948a-6f012831a69f}\ not found.
HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4B97B0BC-0BB5-4251-B7DC-5EBC4FAB4F57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B97B0BC-0BB5-4251-B7DC-5EBC4FAB4F57}\ not found.
Registry key HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F613C662-30C3-452C-91AE-561397876BAB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F613C662-30C3-452C-91AE-561397876BAB}\ not found.
Registry value HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{167D9323-F7CC-48F5-948A-6F012831A69F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{167D9323-F7CC-48F5-948A-6F012831A69F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe not found.
Registry value HKEY_USERS\S-1-5-21-1326580902-130326992-3557991292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DW6 not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e4b999b6-85fe-11df-bf10-001d60f16ca2}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{094ca650-da8a-11e2-98e4-001d60f16ca2}\ not found.
File E:\TL_Bootstrap.exe not found.
========== FILES ==========
< ipconfig  /flushdns /c     >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\family\Downloads\cmd.bat deleted successfully.
C:\Users\family\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: family
->Java cache emptied: 0 bytes
 
User: Public
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: family
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: family
->Temp folder emptied: 493729675 bytes
->Temporary Internet Files folder emptied: 2726068415 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 92585623 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 923245214 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 160182436 bytes
 
Total Files Cleaned = 4,192.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 10232013_075755

Files\Folders moved on Reboot...
C:\Users\family\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WSIMBLNK\2q6dNtNfG1YHziVjQ1hUSA[1].woff moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WSIMBLNK\search[2].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WSIMBLNK\sNpRL69iYnSa-pHm90cZTA[1].woff moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WSIMBLNK\zrt_lookup[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1E1DIE6\like[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PTRP9NB3\ads[2].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PTRP9NB3\postmessageRelay[2].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PTRP9NB3\search[2].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PTRP9NB3\xd_arbiter[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L6M2MO8M\xd_arbiter[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L1ENBYW1\ads[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\08974WSG\fastbutton[1].htm moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Link to post
Share on other sites

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : family [Admin rights]
Mode : Scan -- Date : 10/23/2013 11:36:27
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\family\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 19665c616c35382b128c2c5c26e3944c-481f0332a1e22d1b05a1e23801ba9c80cbd2914e --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [-][x][x][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-1326580902-130326992-3557991292-1000\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\family\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 19665c616c35382b128c2c5c26e3944c-481f0332a1e22d1b05a1e23801ba9c80cbd2914e --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [-][x][x][x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 3 ¤¤¤
[V1][sUSP PATH] ArcadeFrontier.job : C:\Users\family\AppData\Local\ArcadeFrontier\veragent.exe [x] -> FOUND
[V2][sUSP PATH] ArcadeFrontier : C:\Users\family\AppData\Local\ArcadeFrontier\veragent.exe [x] -> FOUND
[V2][sUSP PATH] RunAsStdUser Task : "C:\Users\family\AppData\Local\VooMuuSA\bin\2.0.7.0\VooMuuSA.exe" [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36C77E66)
[inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36C77E66)
[inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36C77E66)
[Address] IAT @iexplore.exe (SHGetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0x6BF84927)
[Address] IAT @iexplore.exe (SHRegGetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0x6BF84984)
[Address] IAT @iexplore.exe (SHSetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0x6BFA2BC2)
[Address] IAT @iexplore.exe (PathIsURLW) : SHLWAPI.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0x6BF8FA79)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1237GSX +++++
--- User ---
[MBR] 63becf0e32e277935cbc317ef53cbc9e
[bSP] 729a7c92ac78ff20747501e34972a562 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 112972 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10232013_113627.txt >>

 

 

Link to post
Share on other sites

Hi mama bear, ok lets continue, not much to go !!

 

Clean up with OTL


    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.

 

 

Hows it running ??

It should be faster, it will get a little faster after a few re-boots.

 

 

 

=======================

 

 

I know you may have some of these installed, this is just my standard all clean speech !

Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:


 1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

  * From within Internet Explorer click on the Tools menu and then click on Options.
   * Click once on the  Security tab
   * Click once on the  Internet icon so it becomes highlighted.
   * Click once on the  Custom Level button.
   * Change the  Download signed ActiveX controls to Prompt
   * Change the  Download unsigned ActiveX controls to Disable
   * Change the  Initialize and script ActiveX controls not marked as safe to Disable
  *  Change the  Installation of desktop items to Prompt
   * Change the  Launching programs and files in an IFRAME to Prompt
   * Change the  Navigate sub-frames across different domains to Prompt
   * When all these settings have been made, click on the  OK button.
   * If it prompts you as to whether or not you want to save the settings, press the  Yes button.
  *  Next press the  Apply button and then the  OK to exit the Internet Properties page.


 2. Enable Protected Mode in Internet Explorer . This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:

  *  Open  Internet Explorer
  *  Click on  Tools > Internet Options
  *  Press  Security tab
   * Select Internet zone then place check next to Enable Protected Mode if not already done
  *  Do the same for  Local Intranet, Trusted Sites and  Restricted Sites and then press  Apply
  *  Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.


NOTE: Fire Fox is a great browser also >>> http://www.mozilla.org/en-US/firefox/fx/
I use & like FireFox !!

3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

 4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here. **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:

Online Armor Free
Online Armor Free

Agnitum Outpost Firewall Free Agnitum Outpost Firewall

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update Windows update
 regularly to download and install any critical updates and service packs.  Windows Vista/7 users can open the  Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

 6. Consider a custom hosts file such as MVPS HOSTS
 This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002

Note: Be sure to follow the instructions to disable the  DNS Client service  before installing a custom hosts file.

 7. WOT (Web of Trust)
WOT As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

8.Finally, I strongly recommend that you read TonyKlein's good advice
 


A must is a great Antivirus, i recommend you using AVAST its free >>> http://www.avast.com/free-antivirus-download

You are behind on some updates, please visit the Secunia Software Inspector >>>http://secunia.com/vulnerability_scanning/online/   
Update any vulnerable software you have. Many malware now use zero day exploits in outdated versions of browsers and third party programs like Flash Player,Java Runtime , Winzip, Acrobat Reader etc to allow them to install silently without your knowledge or detection by your antivirus protection.

To insure better safety, these are a must have:
Rule #1 ........ Good Antivirus
Rule #2 ........ Good Firewall
Rule #3 ........ Good Router is Great ! (optional but best)


Happy surfing and Stay Clean
Chuck
 

Link to post
Share on other sites

mama bear, this is to delete what RogueKiller found !!

 

Open RogueKiller :     
* Quit all programs that you may have started.
* Wait until the Status box shows "Scan Finished"
* click on "delete"
* Wait until the Status box shows "Deleting Finished"
* Click on "Report" and copy/paste the content of the Notepad into your next reply.
* The log should be found in RKreport[1].txt on your Desktop
* Exit/Close RogueKiller+
 

 

 

The free Avast is IMO the best Antivirus out there ! Here is the best way to set it up !

 

Instructions

 1. Right-click the Avast icon located in the notification area of the Windows task bar. Select "Program Settings" to launch the Avast settings window.
 2. Click "Common" in the left column to view common configuration needs. Place a check mark next to each option you want to enable.
 3. Click "Appearance" in the left column to change how the Avast icon and user interface is displayed on your computer. You can choose to animate the Avast icon and select optional translucent effects for the user interface.
 4. Select "Chest" from the left column. Configure the options for the Chest size. The Chest is where quarantined files are kept. Additionally, you can configure the maximum size of report files to be sent when a virus is found on your computer.
 5. Click "Confirmations" to alter when Avast will question you about what to do with an infected file or before performing certain actions.
 6. Choose the "Language" option located in the left column to install additional languages for Avast. By default, English is the only available language.
 7. Use the "Sounds" selection to change Avast sounds or to disable Avast sounds completely.
 8. Configure the Log file limit and the logging level by selecting "Logging" from the left column. Select "Exclusions" to add files for Avast to ignore when scanning your computer.
 9. Click "Update" to configure update options. You can choose Avast to automatically update, ask when a new update is available, or only allow manual updates.
10.   Select "Troubleshooting" to configure options that help when you are having problems with Avast. You can configure Avast to only display pop-ups if a full screen application is not running or to disable the rootkit scan Avast Antivirus performs as your system boots up.
11. Click "OK" to apply the new configuration and close the configuration options.
 

 

Now how is it running ??

 

Chuck

Link to post
Share on other sites

Hi, sorry it took so long to get back!  I did check all the boxes and select Delete on Rogue Killer and then just closed out of it.  Maybe I didn't wait long enough to receive a report?  In the process of taking some of the protective measures you recommended, my computer accidently got shut off by my daughter, so I'm not sure all that got completed.  The computer is running a little slower now, lots of internal sounds as it's performing different things.  But when I've got a bit more time I'll go through the protective measure instructions again and make sure that process is completed.  Thank you so much for your time and advice, I very much appreciate it!!

Link to post
Share on other sites

mama bear, you are quite welcome ! When it re-boots a few normal times it should speed up ! MS always takes a while to boot up, but when you search for specific sites or just Googling it should be a lot faster after the junk we cleaned !

 

I will lock this after 5 days so there is no drive-byes ! If you need it re-opened just PM me or another Mod !

 

Chuck

Happy Surfing !!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.