Sponsored By

Sign in to follow this  
JoanieZier

need cleaned up

Recommended Posts


Howdy Joanie and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Do Not Remove anything or run any tools/programs until advised to do so !


Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================

 

 

 

AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Delete button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!



NEXT



    Download Malwarebytes' Anti-Malware (save it to your desktop).  >>>   http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_14079554978349&key=bf4adfcbb328b51c165afd7f95bfc060&libId=42688bc4-849b-499e-80b4-6ff4c3b395d8&loc=http%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fshowtopic%3D128466&v=1&out=http%3A%2F%2Fwww.malwarebytes.org%2Fmbam-download.php&ref=http%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fs%3De77133f793c31b8c04786ca55ed0fbe6%26showforum%3D27&title=Windows%208%20very%20slow%20and%20drops%20wi-fi%20%5BSolved%5D%20-%20Virus%2C%20Spyware%20%26%20Malware%20Removal&txt=%3Cspan%20style%3D%22color%3A%230000FF%3B%22%3E%3Cstrong%3EMalwarebytes%27%20Anti-Malware%3C%2Fstrong%3E%3C%2Fspan%3E

      * Windows XP : Double click on the icon to run it.
      *  Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      *  Select Scan tab.

Malwarebytes.png

* Select type of scan to perform:

MBAMScanTab_zps2c5e74bd.gif
   
  * Threat Scan < --- Select this type of scan
  * Custom Scan
  * Hyper Scan

Next click the Scan button.

When the scan is complete, if no malicious items are found you can close the program.

If malicious items are found be sure that everything is checked, and click Quarantine .

When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
 
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.



NEXT



Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log

4. DDS logs (2 logs)

 

Thanks

Chuck

If you have any problems please stop and ask !!
 

Share this post


Link to post
Share on other sites
# AdwCleaner v4.107 - Report created 12/01/2015 at 14:08:52

# Updated 07/01/2015 by Xplode

# Database : 2014-12-21.4 [Local]

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Joanie - JOANIE-PC

# Running from : C:\Users\Joanie\Downloads\adwcleaner_4.107.exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : vToolbarUpdater17.0.12

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Users\Joanie\AppData\Roaming\UpdaterEX

Folder Deleted : C:\Users\Joanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

File Deleted : C:\Users\Joanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage

File Deleted : C:\Users\Joanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal

 

***** [ Scheduled Tasks ] *****

 

Task Deleted : UpdaterEX

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}

Key Deleted : HKCU\Software\UpdaterEX

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.uk.ask.com

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17496

 

 

-\\ Google Chrome v39.0.2171.95

 

 

*************************

 

AdwCleaner[R0].txt - [7683 octets] - [06/10/2013 19:09:58]

AdwCleaner[R1].txt - [3820 octets] - [12/01/2015 14:02:35]

AdwCleaner[s0].txt - [7760 octets] - [06/10/2013 19:11:58]

AdwCleaner[s1].txt - [3734 octets] - [12/01/2015 14:08:52]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [3794 octets] ##########

Share this post


Link to post
Share on other sites

Thanks Joanie for the log. Keep running the programs as your time permits you. We will have more to do after you run all these above ! So stay with it until i give you the all clean !!

 

Chuck

Share this post


Link to post
Share on other sites
Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.1 (12.28.2014:1)

OS: Windows 7 Home Premium x64

Ran by Joanie on Mon 01/12/2015 at 14:25:37.68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_8CA8B414-316F10F7.pf

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-66EEE4D2.pf

 

 

 

~~~ Folders

 

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0089900D-8A8C-43EA-BCD4-DF67D1645D40}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{009A5134-B6B5-4667-8E85-7613A1AE21AD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{00CFFA53-8A61-465F-A0FC-D03B44961627}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{01CEDB73-8177-491F-AA5E-34EF8836EFC3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{02FD60F9-33EA-43AE-8DC4-2F7F1769DFBD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{03F30BB9-9633-4EF1-8A62-9BDF2DBF5B73}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{044511E6-98CE-4B20-9C8F-BC89090EBD40}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{04B3AE78-E8EE-4D0B-894E-0FC740178659}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{058D339C-D21C-4FD7-8F1E-1442F6253B59}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0608981C-EB3E-4178-9A81-BC7918EBAE31}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{061F9B41-D1D1-4B08-820F-F9F7357F6426}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{062FD505-759E-45BD-911F-01E67EAD445F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{06C7AE44-26EF-4D6A-9D15-7381796A67A4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{078CE64B-197B-4285-B881-5E8D7246DF82}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0796C87F-C5C2-4908-BC76-00E6BC436459}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{07C62F6F-553F-45D3-ABF9-B9C9B84942FD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{08314EF6-DA15-45DB-B71C-381FD2253644}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{094F01E5-CF19-4986-892E-DBB6C70DC01B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0A054AEC-8DA3-46AE-BA2E-34164FA06E95}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0A27FE7D-CDFB-4705-90FD-4ABAEEE4D50F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0A48A0DB-7CBE-4D74-9C04-577444F75AA2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0A6D9224-CA00-45F1-9CC1-769F1637F752}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0AC6BB39-126E-42B8-899D-92869E3A3C40}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0C7963FC-1D31-44E9-A2D7-D84CAA78DA3A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0CB8BAB2-42CA-41B0-B679-AAE618B9BA69}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0CDE4DCE-949C-4E72-9528-AD1ACA9527A1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0E294682-B52A-4281-8665-2A43171EC49A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0E9E041B-A801-460A-948C-A3C196BEA1B1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0EB616A8-CA07-43D9-9961-4A169C931743}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0F372D75-0869-42A5-9A18-D2A44334E475}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{0FD787BC-CCB0-46DA-B347-92EA1B5433CE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{106AA049-B9A3-4C33-928F-031E56FA427C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{124BA411-C7D8-4DD4-B921-DB1E8C0A805E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{126119C3-B0D7-42C7-BC98-FD548952E6B2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{14DAC440-8882-48BC-817C-576074B2B1A5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{15693996-B834-4AD7-835D-6B3EB10EED0C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{15C315FB-AA2C-444F-99D8-259F0D43F3B2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{15CADA11-2D8C-4CBD-A7E0-BFEF4CB5C42B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{16F7AB25-C5EF-4FD6-996F-34D665CCF47A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{17490AFE-92EE-454C-AED3-8A580548AA58}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{17C3EB8B-291D-44F6-86B8-5328FB501F63}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{182EBADE-7775-49AD-81F8-7D88855CD0AE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{19136E64-2036-46C6-A8B5-8AF75471581F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{19803249-48FC-4A8F-9A14-AB7EF5C8FA36}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{19F37C2F-8F2F-4B5B-9A7C-BD706BFC40BD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1A3D3CDB-E772-4F5D-B231-7B4F0ED42780}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1A557B3E-5022-4079-82EF-CD062BD8842A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1A5BF889-C21E-45C3-AAFC-ECB8A0A258E9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1A5BFC1C-1E14-49AD-BE08-D8A116D6F119}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1A7675A0-7337-4ABD-82C3-961F39DAD00F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1B12FBF6-EE01-4A14-A65B-6DA7F34B740F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1C93DC3B-0A10-49BB-9E0D-676C38BA7B27}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1CF8EDDE-3A19-4241-8033-CBB5B4B2EDF2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1D8DFFA0-5431-4C5E-81C3-868935942EEB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1E001658-AD5B-45DD-98F7-92BE56313DC8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1E6E0F6F-7EA8-4D63-A2A7-36EFDE2F1AE6}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1EE4E567-920C-4512-9F8C-54D22E1FFF09}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{1FEEDBE4-331E-4024-BB2C-D567473B5A13}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{20051DDA-D073-4A95-AF6E-4CB63DCBC783}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{204306E5-0797-4C00-948D-A3C8F15509AC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{21055B94-81BC-428D-956F-0908603E13AE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{211DE8D8-BF76-4BAA-9984-0309C0BEB633}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{21C07D8B-E4DD-4AD2-AEC7-13847C07EF64}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2311481D-36FF-435F-AB00-5F68B8BB9114}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2329CEEF-877E-4B36-97C7-527708DE2629}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{23D5EBC9-3BDF-46F3-9F5C-6610AEF72CA0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{23E95AF2-06B5-4D96-BE57-5DB949D71BB9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{240EBD2F-0146-4E27-8EBE-578F9F2134DC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{24312AA9-4639-45C9-A8E0-9CC2BF177A17}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{25542B59-D258-41BE-852B-BF3C0E974565}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{26B4FB60-40E0-4D64-889D-2223144E8CC8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2762C617-027D-44C5-A077-4E2424030E3C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{27B768F1-B3F2-4E6B-9EEC-CB07D6272C41}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{29CF1FF8-92ED-41EB-99BE-FD312F93A77F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{29E908A7-7808-4EF9-B60B-7228AD86F4DB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{29EF5DC2-B697-4EAB-8C51-52E2BA3C2D1A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2A11B179-27F4-476B-B152-4259F89AC6F0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2A51D090-5BBE-4CDF-8326-9E21DD2B8E8F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2A9E9000-3842-4F43-AD09-E589DFE7AA91}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2AD259CE-44A1-4882-BE01-17E5FEC68D2A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2AE63CFD-40AF-4325-BB22-6B2100BF0948}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2BEE5051-FC12-4595-BC95-CD51F05C6EEE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2C2AE336-CDBC-48B3-8068-4CB989294669}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2CB8D92D-7C3E-4860-8F10-E55E1C7C49D1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2D2D1557-D730-4D4F-A476-A82BE018B0BF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2E044B60-72DD-4250-A086-EF2E08991C33}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2E25122C-6B13-42B7-A819-096F30E72B5C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{2F5ECA67-980F-49C9-A590-BA4E84EED3A4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{300BA5DC-BE9F-41FE-A329-400D8C3C2F37}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{304AFD82-38DC-498B-8B7B-5D8E80337089}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{309E5545-2DA4-45A4-8F4D-E82C7E3893B1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{30B4B6CD-804F-40DD-AC4F-F95D960492AB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{30E1B423-9C92-4F41-ADEB-D5B8CD43F91E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{31B3B64F-7BF7-49D1-887B-C906F134D5DE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{329E80E6-46A5-4D33-A6D8-D5D7039D5361}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{32A10C85-C727-4EB8-9D9E-3DCD932256C9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{335824D8-1AC1-4E03-871C-60805958828C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{344B2F8E-CF1C-4B7E-8B8C-D05C2EF252E8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{345666FE-2E7E-48F7-9567-3281A45C0BD2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{34F2693F-7FF8-41FC-B03C-10432FF5B518}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{355A40E1-44CF-42BC-B85F-0775240016BA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{356400F9-7105-4E33-B919-B6BD83E5FEA2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{36C2B0EB-3E43-4770-82A8-C9D77A924D5C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{37001B48-6D94-468E-B3FE-A053BA1B0858}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{37256DE8-45BF-4457-A758-5AC0DFBF63E1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{37DFA782-D59B-4487-BFA0-DAA02D9B82D0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{385EC1E1-5D20-4CFC-BB49-EF4329004680}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{386E155B-7AA9-4309-BE4F-458A794C83E0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{39500145-F863-402D-91F2-B469A13AF9E9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{39675BFB-B815-4AF9-93B6-417C68013BCF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{39F2549F-C301-4DA6-B7C2-9BA41388A548}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3B549A20-F3B8-4356-A893-905A391F37CD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3B600113-56BA-448A-9E4F-E4DDE398CEE2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3BDE566B-ADB3-4F46-A77C-E92D424E064B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3C22B00C-B68B-4509-B800-C5E8D3BB6C35}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3C68F272-FA34-4486-A6E2-C3A1B4E27825}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3C69278C-51A4-479A-ADA0-D5ACDF6D8664}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3D0635EF-9CBE-4A61-A345-CF8A2A455BCF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3E7266BE-B5A3-47E1-BB20-CF6B9F3596B3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{3F318FC9-80AD-4CA7-A7AC-853FA0C9850C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{403EC20C-644E-45FF-B459-ADCF6869A268}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{406CCABF-6847-44BF-BDDC-00F2124BD581}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{40CA7C8E-A4D0-486D-B0AB-CEF9BBBD0F90}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{412EF188-EEE0-419A-B347-CAAC173AC5B3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4156C709-77C9-4AD2-9DB9-A1DE6504EB23}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{41BCAEC5-A57B-4AC4-8042-2A8975A18A17}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{41C9DCF6-DC94-4815-8025-90357B5765D7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4346FB61-3010-4514-AF44-1228C71A5BF8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{441818A7-8251-4E98-B086-A6CD14170A9D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{44B072F5-8562-4FE4-B9A3-20215B8D2E64}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{45BC2F46-79C6-4480-AE7B-98EC0C0C6C1B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{45F0F573-0AF2-4D74-BB2F-5E6AE8D96F41}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{46B44BC1-C6E8-47F8-90F6-027E59FD89F5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{46C552AD-6283-4022-81BF-6067C2BDD819}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{47300103-C329-47F0-AE0D-49C5BDFD8706}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{47369437-A526-4049-A4AA-76952A9125F5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{47EB3881-E689-48A9-800E-EC79147430A0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{47F32344-D8ED-45BE-A02B-0D20DFCDE1FB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{483EA672-1B1E-47AD-B3A8-F4BB03521A01}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{491206F9-86CA-40DD-AA00-62911FC7CC54}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{49EDA0F9-2329-42A3-BEBB-BF338A3EC087}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4A055AD5-72A2-44BD-9875-365434B9C968}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4A6C29F1-4094-434B-BD32-E78748CAE6D1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4BAA3664-E838-4183-9E0F-F074E432AACC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4C36DFD0-7902-4176-BD8D-2A397C5D5D50}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4CC007AE-573D-4EED-88FE-AF8C150348E3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4CEDD74D-5DA6-4524-B62D-A5759930A669}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4DEA27A4-373B-40DC-9A17-4F8604A7FCB1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4FDF1A6D-0C99-4E61-9CEA-B81880DD4CF2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{4FFB7B4E-4C8C-409F-B762-69818B85D0C0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5023295C-7582-4776-B31A-5C3DE89BCFFE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5112EF63-9236-4E7B-9FCE-A71F37F356EC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{528E587D-74A9-45B1-8BEA-297BE8E1EC29}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{53CF4476-9447-467E-A7CA-8CAF67FEA1EE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{542E660E-7C21-4260-86C5-7185FBF04D36}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{55AC8B9A-CFC4-485A-B28C-C0731D86FE38}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{57152E51-CA85-451B-B81C-947C80A5110B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{574563EC-DE38-4AA0-A985-CE004F0452F0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{59863BF9-6CC5-4146-856F-75E74436888F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5A11CE49-F381-47A3-96F6-29E6BFFEA9A5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5A6889B2-5AD3-43E8-8E08-B3AF3633C2D2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5A7ECFD2-764B-4E08-AFF1-EFF90E09B4B4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5B16AC02-A387-494C-B52D-A81C684504B5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5B4BA400-BF86-494F-8BA4-1F3BC18BF539}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5C250FFE-9359-42F0-9D18-BE9018BCCF00}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5E4100D4-4431-4D06-89F9-96A76D1BB3E8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{5F7BDFD0-A387-4934-9536-12A198036652}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{600FB911-13CE-40A8-A12F-B86E2A133E3A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{60E7DB2E-07BE-4D5F-B6ED-3FE97C9231AD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{61467E0B-6126-45A1-A4C4-AEB96AC6E0BD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6341223E-4027-4BA0-8FEA-DAA45E1BAF0F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{63BBC8EE-1E10-47D8-9543-C8EF9DB9C1CD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{65367925-BDDC-45CD-94A4-96CDBB9A1D10}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{65F36AC0-59A2-4BDC-860B-70C57A8742F7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{663C09D0-17B8-468F-B796-1A53ABA98EEF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{672B70FC-61BC-4531-84D6-C40DF41D53D2}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6802C3C7-6090-4F19-892B-4FE44A5A8C56}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{69898D0B-76FC-482F-8090-E050C0D0CD02}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6A4DD8E1-33F6-41D6-BDEB-D45B04F4E19E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6AB78051-BAC2-4B9F-8997-272C9E26DE0E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6C021A0E-64E3-4148-BBFE-D1ABA9D6B4C8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6C49657D-1CD0-4A68-BECF-2C1E5A809A21}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6D458930-8EFB-46A5-A211-C162D7307A43}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{6FB01812-6C7A-4085-A48B-336E7C66414D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{705275B6-8DB0-48A9-BA0E-E7DA305942FE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{715BD2ED-1C01-4A1F-BB64-0F67B4BE4529}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7160340D-0D2E-4F45-872E-56AABF449769}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{71E3EAFF-30D6-48E2-A9E9-6747C2A6D534}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{71EDF69C-F13B-42AA-9F6D-1EBF604E6AB4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{73877DE7-4DB4-4ABB-AF5E-84EEB3B623BB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{738D95B2-1068-40F8-8BF5-6FF16BFE1031}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{744A4783-376B-496C-A90C-D4303CA00A90}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{74661AE1-B177-4E89-85DC-BAD5CDBFE840}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{746EDD8E-3B91-4957-AD9B-91E0BF498579}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7485EDA6-34E1-4FB0-AFF5-4FC1E2901AF6}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{74C7BE59-D4B8-4E38-AB7D-F2DF616A0CE4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7506B542-2D3B-4106-9500-D9802EFEA3A3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{75AD927C-7E7C-4F31-ACB3-7C1763A32DC5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{75B3D4F5-9C1C-4164-9244-B635CE18D9BB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{75D85047-6BCD-46A8-8A75-922E6283A2DD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{75E0348B-6E6D-41AA-A3AE-A11F02BABD47}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{763C8294-EDE5-44BC-82FD-9A45300F993E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{76B21571-A515-478B-A6B4-5B18BEA600F9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{772351B3-FDAF-40F6-BA96-2C2203210687}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{77AE2697-BA75-41B3-BB1A-C2EDCA24FB5F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{780B4B2C-D59F-453B-B9B2-E18E330D236D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{79B0C3E6-A877-452F-AA90-27A60DF5E402}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{79B74276-D561-4C78-8F98-0A3092114DAC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7C11D6CE-FDEF-4D13-88C7-6E53BCEA4B62}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7C41BCED-C6D3-486A-A9FA-34BF9DE26A86}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7D943096-0C0B-42FC-9231-B08CBF217FE9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7EAE3DBF-B68A-42EF-BD7D-4C9B5568F899}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7EDDC321-1591-4F46-968A-837DA55D8FBE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7EF86DC0-E1AA-4562-842D-58CF750C399D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7F10CF2A-3568-4F2E-9EA7-5CCCB7DE02F6}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7FA75A6F-D8E3-461F-AEC2-8B7ABC97087F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{7FBD6317-3679-40EF-8779-1AB68A3AAF3B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{80218492-A411-40A9-9852-B28430ABD7CA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{804F16CD-7BB3-4BE3-A606-1A21595812DA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8243AF25-B756-4F30-B5A2-92DE6D2FBF4E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{82EE32BF-27DE-46F3-93B9-986007105F85}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{83635682-6A2F-4283-932F-304D187601CE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{83CC3BCB-6F72-40EA-BE59-B9AB5FA318FB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{840981AF-5912-44DE-A9E9-52CF5CFA2BD7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8457DB1B-8075-4CBC-A09E-A6A4895022B7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{871E2601-3744-4F76-BCFC-984E4321C7A5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{87AF9F32-4542-429C-B415-A3D65F2B7CCA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{87C64B1A-7289-42B8-BD68-56AACE3AC62C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{89E4E797-963E-41BB-8416-953ABA1972BD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8B7E736F-00EF-44C8-A438-9EA53EC13CC5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8B951B95-33A9-4195-8043-E5F2D307C192}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8C5634E8-54D2-448E-90DD-88B8FFE150B0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8C5DFCA9-E2EF-41A5-A20C-71C15AE4DF19}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8C6EA137-50E0-470F-B0D6-42407E6D1023}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8D56CEFE-942B-40CF-90AF-4EA07E0E1BF4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8DC29A7B-B44E-4C7A-B9CA-104CB8496E69}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8E3BD8DD-5A4C-4977-9193-9D339EF546D0}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8F136D94-81D1-413E-B834-8B4BF4F0EE58}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8FB60687-B8B9-4032-BD1B-76B145834979}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{8FC0C63A-B334-4A93-B798-851AAA188DC3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{90322AF6-050F-44B4-AD2D-77CB94692F8A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{906A862D-72FB-4209-B568-8C0AABDBE384}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{90CC27BD-B337-4682-B269-CC534A04077E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{91197462-46E8-4131-BCDE-8C030FA66C4E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{91554417-B200-4005-A231-1959605812F7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{920E2D4F-A742-40F2-897D-6C775419F23E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{92D1872B-E0C0-4CA6-89F0-46EB3937195C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{932AB835-8CDF-450B-8985-010A51F5E304}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{93485060-CD3B-4CCB-A163-B96919824F4C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{945F34CB-CD5F-4C91-932D-605A34C8FC07}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9531A346-F19D-4E7D-8420-421AB3B020B5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{95A9DA8F-73A0-4922-B299-1DE22778A62B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{96AAF0FE-59F2-488F-A791-8D397111E997}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{96C59F99-B753-4E44-96A2-5289352EC7C3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9733ACC8-AA80-48FF-B51F-33DA6FB94296}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{97D47A44-7DB9-41F6-9AD2-97EC9304D506}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{980429A2-928E-409F-AB63-C28EF2378AC1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9893CF5C-B0F0-4C11-8A5A-A5B7A628DFA1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{98C14D9E-6282-42FF-BDD3-B3DBAA569080}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{98FD4096-BAD8-44DB-A106-065DA5B3425F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9A8EB032-739C-4843-8DA3-B685949036CC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9BF32378-53A0-4088-BD3D-F9615F03E561}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9D51B69D-58EF-4C5D-AB47-6BC2E0B3771F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9E188030-0F4A-489E-B888-8AB3026A759D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{9F59FAA7-3A1D-485B-A035-36EE1F99AD15}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A206E86B-2B8C-4D96-A48F-383F56EC8EFE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A227FBCB-8ACC-4C21-9129-D91A08463AAA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A250FDB2-495D-4BF7-8567-629B810A5554}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A25B2BFB-2705-49A1-AC55-CA8B2D802388}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A34638B6-B615-474F-B908-822FB68EA3C8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A36BF523-BE16-4261-A6C2-89E037BCC1C5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A463FB42-9E9C-497E-B0A9-73E2A166618E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A49EDF37-7055-4C1E-B6F4-919F1721EDFD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A57692D0-6B4B-4C52-95B1-B50BF7A92A90}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A59CC5E8-240E-4C39-8ABA-C50EEE39B715}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A6AC1A10-B711-4337-AE09-EE6492A04A4A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A6E72B5F-FD87-4C77-B3D9-E8EDCBDFA268}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A7B1DA35-17FE-4716-8E98-F66900131209}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A7D2102D-5C57-4D2F-95D8-8B1D8426F72E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A7F5F8D0-CC36-4C42-8207-44913413E8A5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A8591201-483C-445F-9D90-CACD31F0EB03}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A85E69BD-5C0E-48CE-9654-90D62D65BC9E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A88A148A-3A96-4C4F-81C4-9A08F3B14B50}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A91677CB-70F9-4F6F-9740-69B8CF085BF6}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A923BAB0-9B61-4AAD-8A78-7F674239B85A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A99C23DD-AB6C-4A4A-98D7-0BD2E5F726B5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{A9F9EA46-E3FD-4861-BAB7-C0D5705F8D74}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{AB55B061-9356-4818-B622-B24870506199}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{AB869D9D-359C-42B4-BAB6-069060BB6B31}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{ABB7DBB6-D65B-4DD5-88DE-6C2FE15B80D4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{AC52C004-A449-4C0D-9BF5-5C6BF361B13B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{AC85AD01-C895-44A4-BB4D-82681BB50F5F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{AF84A988-B986-4240-BECB-7EF34CED01D3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B0CE017B-38F1-4963-A2C3-9F0402A7AE2A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B1FAB57A-6D90-4F2C-AF38-A9536DD32B07}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B2DF6FDC-E1D4-41EA-B9FE-47BEB3C3DC3D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B36A78CE-68C6-47E8-B972-EB9A3DADD87D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B3AC498C-ED7B-4C4B-8A9B-D1B57AA65D05}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B4A06323-F025-4CE6-9C90-0F5F389C0E24}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B5526AAE-C0DC-4FA8-BCBD-AE2976964D48}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B5B976A2-A846-4120-9F73-FEC3681782A6}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B5EEFD90-16D4-4E7B-B573-14B919716A70}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B6C4213B-317E-47B4-AFB6-DD0C0B7CB494}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B6C5321D-5B29-4380-95C1-5B56A30F90DA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B6CF3FCD-0505-4E7D-9F21-FFFFDADD910C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B95D8081-9D2D-4149-908F-D6ED1838077B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{B96E76A4-AC98-4132-B8DE-A27C8B922B42}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BB77BB59-EC28-48A4-B57E-5953E9A296EE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BC64B8C4-CE14-433A-85AF-C460EB509F31}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BE744314-98B6-4C4A-90E7-2988195F4716}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BE75BD76-277F-4B2A-9F0F-6592ED0E48D9}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BEAD80EA-5F4F-47EA-9309-090EB102DC28}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BF4B8385-B802-4C17-A58E-66C8AF8AB9FE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BF63C941-4F13-45DB-9EEA-D0793A3B189C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BF65F2FB-5081-4EE2-96DD-24CA34FBFBF4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{BFE76CED-7329-40A3-93AD-99BD36AB7208}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C1A5DA14-88B4-470D-911F-992660D135BE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C1BF442F-C1D5-490A-B949-1A767F590DA4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C1E04544-69AD-4955-9D09-A807CA976F3D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C36E7C54-327F-4E8F-850A-8C46C028A4AE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C396B0A2-EAD5-4768-9BFD-3F902670DF3E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C43B4E77-F06E-4D73-8ACC-82EC96098AAC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C4F6982A-CF9B-46B6-87C3-757FFD32DA62}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C57AF73B-BC38-4BE9-A5F4-2060AC49BEBE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C7485629-5B8D-4928-AD66-E6F4D315B803}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C761FD3C-ACDE-42E3-B99E-78738B097525}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C7A4F6EF-1DF8-41ED-B8A0-9CEE75B91AFA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C82BC22F-3783-4987-BA7F-FD3AEF665004}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C86B5630-B9CD-4F57-9BE8-77A462ED399F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C9D6D91E-E6E5-47BC-A0CD-77FA3418B05E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{C9E5FC03-92EA-4560-96FF-C0A9BB5518DA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CA4D2C6F-3A08-4771-ACD7-8327DED50574}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CA7F0E0C-BA23-4957-BDB0-7CAE9C7A28D3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CBCD3327-A376-4C78-8583-272B3C7CFD18}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CC786A3D-44CE-4612-9624-D350AAF180B7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CCEA6211-6A36-4B1E-BB01-E3065FE01849}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CD007635-0F52-4D68-92D2-6BA1AB798925}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CE7016BF-B2D6-4C9F-91F4-81C383581ECF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CE8B71FC-8AF7-4982-BB9C-D969D6DAF8DB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{CEDA1DBE-638C-455D-BE79-0EF3E5776AF5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D0629ABE-053D-410E-9B32-BC42DCA8FCFF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D25E601C-69C4-4534-BD87-EA4CB83BF58A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D2712091-E98D-4879-A947-53BFEDD20946}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D536F7B3-51C8-4453-8E8E-0C8A21B2F924}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D57641DD-51C5-49CA-A55D-FA84AB664B6E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D57902DB-9833-421F-89AA-A325CFC86155}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D6701BFE-E879-44D5-89FF-4177415D9C09}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D723AAF3-2F18-423C-AC6A-C019DA73ADF1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D739E881-A9F4-40B7-AE47-424EAAAD5947}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D7618979-1D3E-45AD-94CC-6E5C0D552872}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D7B72B7C-1AB5-4F60-BF37-697D57FF03CD}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D8275D68-8931-4EDB-BB80-0A369135E9C5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{D8AA14EB-3F65-4147-8D00-A0559D106EBA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DA07FF22-DC48-4CA7-BBEF-0FE97CE809BC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DA450B5F-B5CD-4293-A0A0-16C05D5DB14E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DA7FE644-12B5-4D28-B06F-0E9F832B61FE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DAA512FF-78AD-46E5-A7EA-EBFAA656A3BF}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DABBE39F-0453-410C-8935-522E15FFAD5B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DAF6902C-8E7D-4C31-968E-64E3A7F1CACA}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DB18FBE9-3AE4-495B-82AD-08698E20A49B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DC0BC81B-900E-4890-9A9A-28381164580A}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DD72362B-B0A3-4CF4-A3A3-334781768FFB}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DD72D214-9F7F-4D59-8668-F82ABD9C8C2C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DE28510E-6721-4A27-BA44-5A43056C6507}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DF82D2BB-FA16-47AC-B255-A721E4479439}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{DF889975-34CA-4EAD-821E-09B36F121E5F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E0009B35-2F8A-4FD9-A20E-FDADD20D1453}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E0282597-489F-4012-B1D7-490E9CF64E43}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E0B59200-6535-47FD-A577-EDC0735FFFA1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E0FA4265-F890-492D-82D4-9A030F92281B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E11245D0-15C6-418F-B6DC-44EB9E66DD60}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E1B4B1EF-7BCE-4D84-A60B-4072FCC90DE5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E1E13509-AC13-416B-B5A6-AED1E9AEC76F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E389DBF2-3297-4C91-846C-6B60A908B1E5}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E3AC72D1-3884-4E89-962F-38ED7274FE2C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E3C62754-CC35-43E3-A367-89663A248BB7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E4C105C3-DE98-45CE-840B-C93D383ECFA3}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E56C1391-7ABE-499B-8D26-12520F990359}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E5EF3BD4-9A2E-4F56-BA0B-C1698CA96726}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E69331E7-6903-4252-9D68-FB90F198E429}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E69ACF35-1227-4716-B4DB-EF20BDF45FF7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E70732E1-D860-4E00-8561-1619D83F1204}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E7C25109-B937-48B2-BF37-2E3FD486A4C4}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E7E00355-3F29-4568-A6A6-8BDB4B0099CC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E9813800-0B55-4AAF-B041-9F2B650A9E76}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{E9D33E5C-A5A1-45D6-8240-5D164D9C1046}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EAE7F043-DCA7-41FA-B7C8-BE5D53616606}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EAEBF4DC-BFC8-46A5-8FCB-A251DE5E88AC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EB0E61E8-1975-40AC-9DC0-A017EDDD34E7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EB22D6C4-6375-49A1-8ADD-4A7AAAFDFC85}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EB3C61B3-73B9-4817-B8FF-08A3284B0D15}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EB52B4D4-7918-420A-B3AE-1B81FB1006ED}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EBC4BA17-513F-4D84-AD1D-E26C185DD11D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EBE47587-2FFA-45E5-8DFC-3E8D83C71FEC}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{ECEE35A4-37F2-4C47-9B11-06F6B621F28D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EDFCD4B8-8657-4CE1-8189-BB19094CB89B}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EF354CA1-BD47-43E9-972E-0A3966D1D9EE}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EFC466A1-4825-49D6-B96E-B239A0388708}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{EFEA5A2A-AA3A-4EE7-A2F1-70C66D57486E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F0A07FC5-F9DA-42C0-9FE5-D955FEAFCA6D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F18CF822-AB9E-42CF-BFF9-BAC9A37192E7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F1AA475E-36D4-44A3-A66B-93F182207330}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F2A42D6A-98B5-40C9-AF09-F15538130301}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F2A43502-0A0D-418B-9B52-5DC10018368C}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F342F2FE-781F-4E70-B641-720D98A1DC80}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F3B9680E-98D7-4048-B08F-38F1EB106F71}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F550FE79-09DD-4874-9C9E-B8ED6BB72024}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F5C8CF2A-FF14-4206-8E7B-4521B818A839}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F5D14763-963F-44C0-99AD-22E3002C7E90}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F5EDCA84-B251-498B-BAF1-D5EAFB809A8D}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F758CD2A-C13F-4AAD-BFAF-F46707EB7F83}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F75C8197-FA27-4225-A9D4-C7ED9E2924C7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F79322FF-FC86-4DDB-8BA0-12D5DA97A094}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F7FF265C-4FBC-45F5-B418-01329636F7F8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F881E6EF-2EC3-4ABA-B768-2A34AC62EBC1}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F8AC6D3B-8AAB-4C7E-BF13-97425DB7911E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F8B8FD9B-99A4-44B9-93EF-09EE081D9564}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{F8F006D8-5686-472E-9577-2840007D1E95}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FA415B01-DE6F-4885-A755-D2AF9B1455E8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FA87FB1E-A3CA-4F6B-9262-36CCC8CE8874}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FBDD7FD0-336B-46CF-9F97-43EDAEAE3B85}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FCFC9617-8FAF-409D-98A6-0B1545F6F0C8}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FD9851BD-377A-4FD5-AE8D-A891C4910A80}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FDCBD1B7-F109-4D07-9793-CA473615C00E}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FE7D3C66-9197-44C6-8862-5B37C9E0477F}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FEB4B6D6-2994-4B85-9601-880EC6A7A3B7}

Successfully deleted: [Empty Folder] C:\Users\Joanie\appdata\local\{FFCFBB44-C136-4139-9E18-77947A43205A}

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 01/12/2015 at 14:31:09.36

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Hi Joanie, run these next & post the logs.

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   

 

 

NEXT
 

 

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.
 

Post logs next

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 12/19/2011 3:49:16 PM

System Uptime: 1/13/2015 9:48:18 AM (0 hours ago)

.

Motherboard: Dell Inc. |  | 018D1Y

Processor: Pentium® Dual-Core  CPU      E6700  @ 3.20GHz | CPU 1 | 3203/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 917 GiB total, 834.237 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP710: 1/10/2015 9:21:35 AM - Windows Update

RP711: 1/12/2015 9:25:42 AM - Installed Rapport

RP714: 1/12/2015 12:18:34 PM - Installed Rapport

RP715: 1/12/2015 12:21:46 PM - Removed Rapport

RP716: 1/12/2015 12:31:12 PM - Restore Operation

RP717: 1/12/2015 12:39:11 PM - Installed Rapport

RP718: 1/12/2015 1:29:07 PM - Windows Update

RP719: 1/12/2015 2:36:25 PM - Installed Rapport

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 15 ActiveX

Adobe Reader X (10.1.13) MUI

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audible Download Manager

Bejeweled 2 Deluxe

Bing Rewards Client Installer

Blackhawk Striker 2

Bonjour

Bounce Symphony

Build-a-lot 2

Cake Mania

Chuzzle Deluxe

Consumer In-Home Service Agreement

D3DX10

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Edoc Viewer

Dell Getting Started Guide

Dell Marketplace Webslice IE8

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell VideoStage 

Diner Dash 2 Restaurant Rescue

DirectX 9 Runtime

Dora's World Adventure

DriverUpdate

eBay

Escape Whisper Valley

Farm Frenzy

FATE

Final Drive Fury

Final Drive Nitro

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

iCloud

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Rapid Storage Technology

Internet Explorer

iSEEK AnswerWorks English Runtime

iTunes

Java 7 Update 45

Java Auto Updater

Java 6 Update 27 (64-bit)

Jewel Quest

Jewel Quest Solitaire 2

Junk Mail filter update

LG United Mobile Drivers

Luxor

Malwarebytes Anti-Malware version 2.0.4.1028

 


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.17496

Run by Joanie at 9:54:34 on 2015-01-13

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6109.3165 [GMT -7:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [bYR_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRunOnce: [Adobe Speed Launcher] 1421167783

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.11.1

TCP: Interfaces\{85CBB874-0697-42A1-A7DF-A87486C6DF92} : DHCPNameServer = 192.168.11.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup




x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-11-8 55856]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-19 46368]

R1 RapportCerberus_80120;RapportCerberus_80120;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [2015-1-12 845464]

R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-12-22 445816]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-8 13336]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-1-12 1871160]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-12 969016]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-12-22 1919256]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-11-8 1692480]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2011-11-8 138752]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-1-12 25816]

R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-1-12 129752]

R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-1-12 63704]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-8 236544]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-9 114688]

S3 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-10-1 535576]

S3 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-12-22 558872]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-9-24 16152]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-2-21 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-21 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2015-01-13 16:51:23 -------- d-----w- C:\Users\Joanie\AppData\Local\{6FE170CC-550A-45DA-A1CB-78E6EDC8DAA0}

2015-01-13 01:13:52 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E42CDE64-13B8-4415-8F2F-5DA321EC7B4E}\mpengine.dll

2015-01-12 22:55:01 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2015-01-12 22:25:57 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2015-01-12 22:25:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys

2015-01-12 22:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

2015-01-12 16:26:41 -------- d-----w- C:\Users\Joanie\AppData\Local\Apple Inc

2014-12-18 09:31:34 144384 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-12-18 09:31:34 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

.

==================== Find3M  ====================

.

2015-01-06 11:36:02 298120 ------w- C:\Windows\System32\MpSigStub.exe

2014-12-23 00:52:44 535576 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys

2014-12-10 01:46:37 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-12-10 01:46:36 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll

2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll

2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll

2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll

2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll

2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll

2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll

2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe

2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll

2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll

2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll

2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll

2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll

2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll

2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll

2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll

2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll

2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll

2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll

2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll

2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll

2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll

2014-11-18 21:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL

2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll

2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll

2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll

2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll

2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys

2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe

2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe

2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll

2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll

2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2014-10-18 02:05:21 4121600 ----a-w- C:\Windows\System32\mf.dll

2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2014-10-18 01:33:13 3209728 ----a-w- C:\Windows\SysWow64\mf.dll

.

============= FINISH:  9:59:06.85 ===============

 

Share this post


Link to post
Share on other sites
Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 1/13/2015

Scan Time: 8:58:18 AM

Logfile: mb.txt

Administrator: Yes

 

Version: 0.00.0.0000

Malware Database: v2015.01.13.12

Rootkit Database: v2015.01.07.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Joanie

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 360090

Time Elapsed: 9 min, 27 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

Share this post


Link to post
Share on other sites

Joanie those are looking better, now th OTL & Security logs please !!

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
OTL logfile created on: 1/13/2015 2:42:15 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Joanie\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17501)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.97 Gb Total Physical Memory | 3.15 Gb Available Physical Memory | 52.72% Memory free

11.93 Gb Paging File | 9.14 Gb Available in Paging File | 76.62% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 916.66 Gb Total Space | 837.41 Gb Free Space | 91.35% Space Free | Partition Type: NTFS

 

Computer Name: JOANIE-PC | User Name: Joanie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2015/01/13 14:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joanie\Downloads\OTL.com

PRC - [2014/12/05 18:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014/12/03 10:06:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

PRC - [2014/10/17 15:24:20 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

PRC - [2012/12/09 23:43:30 | 000,392,320 | ---- | M] (LG Electronics) -- C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe

PRC - [2012/02/01 10:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

PRC - [2011/09/06 11:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

PRC - [2011/08/18 09:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2011/08/18 09:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

PRC - [2011/08/01 11:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

PRC - [2011/03/14 09:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

PRC - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014/12/05 18:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll

MOD - [2014/12/05 18:50:46 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

MOD - [2014/12/05 18:50:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll

MOD - [2014/12/05 18:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

MOD - [2014/11/13 01:03:59 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll

MOD - [2014/11/13 01:02:51 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1f861b2b88c8a5a5b3b6c6144dc261d2\IAStorUtil.ni.dll

MOD - [2014/11/13 01:00:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll

MOD - [2014/11/13 01:00:09 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll

MOD - [2014/11/13 00:59:59 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll

MOD - [2014/11/13 00:59:48 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll

MOD - [2014/11/13 00:59:43 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll

MOD - [2014/11/13 00:59:39 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll

MOD - [2014/11/13 00:59:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll

MOD - [2014/11/13 00:59:34 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll

MOD - [2014/11/13 00:59:26 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll

MOD - [2014/11/13 00:59:19 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll

MOD - [2014/10/11 12:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2014/09/15 18:18:09 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll

MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2012/02/01 10:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

MOD - [2012/02/01 10:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

MOD - [2012/02/01 10:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

MOD - [2011/08/18 09:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

MOD - [2010/11/24 21:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll

MOD - [2010/11/17 09:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2014/11/21 19:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2015/01/13 14:03:05 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2015/01/09 02:05:12 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/12/03 10:06:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2014/03/20 15:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2011/11/08 15:19:47 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2011/08/18 09:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

SRV - [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

SRV - [2010/08/25 19:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2015/01/13 14:36:15 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)

DRV:64bit: - [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)

DRV:64bit: - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2013/10/06 19:15:46 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)

DRV:64bit: - [2013/10/01 22:56:01 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/11/08 16:56:14 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/11/08 16:56:14 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/14 02:42:36 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)

DRV:64bit: - [2011/02/14 02:42:30 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)

DRV:64bit: - [2011/02/14 02:42:28 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)

DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/07/30 20:58:42 | 000,236,544 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/03 10:42:08 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/05/26 05:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)

DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

 

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7VRHB_enUS613

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.isUS: true

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2015/01/13 13:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joanie\AppData\Roaming\Mozilla\Extensions

[2015/01/13 13:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2015/01/13 13:21:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

========== Chrome  ==========

 

CHR - default_search_provider: AVG Secure Search (Enabled)

CHR - default_search_provider: search_url = https://isearch.avg.com/search?cid={E2B166F9-5E9E-4CCF-AF39-72501D2EBCE3}&mid=f066a4d00c1847d0b7d8c94a35e5fff1-4192f7daf6e92295b7e6375b242141ff52929085〈=en&ds=AVG&pr=fr&d=2012-10-19 10:40:50&v=13.2.0.3&sap=dsp&q={searchTerms}

CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

CHR - Extension: No name found = C:\Users\Joanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Users\Joanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

 

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKU\S-1-5-21-2480708696-1579292765-635252458-1000..\Run: [bYR_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics)

O4 - HKU\S-1-5-21-2480708696-1579292765-635252458-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)

O4 - HKU\S-1-5-21-2480708696-1579292765-635252458-1000..\RunOnce: [Adobe Speed Launcher] 1421184954 File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85CBB874-0697-42A1-A7DF-A87486C6DF92}: DhcpNameServer = 192.168.11.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2015/01/13 13:21:27 | 000,000,000 | ---D | C] -- C:\Users\Joanie\AppData\Roaming\Mozilla

[2015/01/13 13:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2015/01/13 11:10:08 | 000,000,000 | ---D | C] -- C:\Users\Joanie\AppData\Local\{D10FE818-339C-490D-B373-8B2ED97F502C}

[2015/01/13 09:51:23 | 000,000,000 | ---D | C] -- C:\Users\Joanie\AppData\Local\{6FE170CC-550A-45DA-A1CB-78E6EDC8DAA0}

[2015/01/12 15:55:01 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2015/01/12 15:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

[2015/01/12 15:25:57 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2015/01/12 15:25:56 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys

[2015/01/12 15:25:56 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2015/01/12 09:26:41 | 000,000,000 | ---D | C] -- C:\Users\Joanie\AppData\Local\Apple Inc

[2014/12/27 10:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

[2014/12/18 02:31:34 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2014/12/18 02:31:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

 

========== Files - Modified Within 30 Days ==========

 

[2015/01/13 14:46:27 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2015/01/13 14:45:37 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2015/01/13 14:45:37 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2015/01/13 14:36:15 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2015/01/13 14:35:27 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2015/01/13 14:35:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2015/01/13 14:35:05 | 509,333,503 | -HS- | M] () -- C:\hiberfil.sys

[2015/01/13 14:07:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2015/01/13 14:03:05 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2015/01/13 14:03:05 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2015/01/13 13:21:21 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2015/01/13 10:39:44 | 000,001,123 | ---- | M] () -- C:\Users\Joanie\Desktop\Continue Firefox Installation.lnk

[2015/01/13 10:10:56 | 000,015,613 | ---- | M] () -- C:\Users\Joanie\Documents\mb.xml

[2015/01/12 15:26:02 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2015/01/12 15:22:32 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2015/01/12 12:44:23 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2015/01/12 12:44:23 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2015/01/12 12:44:23 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

 

========== Files Created - No Company Name ==========

 

[2015/01/13 13:21:21 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2015/01/13 13:21:21 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2015/01/13 11:07:25 | 000,015,613 | ---- | C] () -- C:\Users\Joanie\Documents\mb.xml

[2015/01/13 10:39:44 | 000,001,123 | ---- | C] () -- C:\Users\Joanie\Desktop\Continue Firefox Installation.lnk

[2015/01/12 15:26:02 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/09/15 18:22:03 | 000,000,044 | ---- | C] () -- C:\Users\Joanie\AppData\Roaming\WB.CFG

[2014/03/17 14:01:58 | 014,663,680 | ---- | C] () -- C:\Users\Joanie\FEB2013.QDF-backup

[2014/03/17 09:51:54 | 015,958,016 | ---- | C] () -- C:\Users\Joanie\2013taxesbackupfile.QDF

[2013/02/28 17:04:00 | 000,002,395 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini

[2012/10/11 12:20:42 | 000,007,605 | ---- | C] () -- C:\Users\Joanie\AppData\Local\Resmon.ResmonCfg

 

========== ZeroAccess Check ==========

 

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 19:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 18:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== Purity Check ==========

 

 

 

< End of report >

Share this post


Link to post
Share on other sites
OTL Extras logfile created on: 1/13/2015 2:42:15 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Joanie\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17501)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.97 Gb Total Physical Memory | 3.15 Gb Available Physical Memory | 52.72% Memory free

11.93 Gb Paging File | 9.14 Gb Available in Paging File | 76.62% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 916.66 Gb Total Space | 837.41 Gb Free Space | 91.35% Space Free | Partition Type: NTFS

 

Computer Name: JOANIE-PC | User Name: Joanie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-2480708696-1579292765-635252458-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02CA3A0B-B4B7-42E3-BA6B-2F8C2445DA22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{0E7D91F2-868F-4656-BE08-E26B65EBEC0E}" = rport=137 | protocol=17 | dir=out | app=system | 

"{12B8A1CA-4E81-4A13-B440-E07098D4E18E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 

"{29FED232-AED5-4FA8-928D-3C5B7F492782}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{3160E75C-DCF5-4481-86CA-58A63103FA58}" = rport=139 | protocol=6 | dir=out | app=system | 

"{34785BCE-764D-4BF5-ACDF-197D9AC1955A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{384DE833-D9E1-4313-8882-B421CA71F6F7}" = rport=138 | protocol=17 | dir=out | app=system | 

"{3A647384-E9AE-40BC-921B-E2C14D0DBC43}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port | 

"{5E854ACB-A5F0-413F-B731-3827C2EDCE91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{5FBFD062-B46B-431F-B182-6434EED0AF6B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{60C91874-F322-453D-8BD0-9CDAFAFC151B}" = lport=139 | protocol=6 | dir=in | app=system | 

"{7963998B-078B-4B9D-A0B1-8783822D0534}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{7CFE56E2-1124-4FBE-824B-80830162ACFD}" = rport=445 | protocol=6 | dir=out | app=system | 

"{7D682759-E5E8-4DAA-8501-A3BF7A5C7639}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{84482550-AED2-4247-AAD8-5269911C5DE3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{8658165A-E693-480F-8CA1-1FCEA5A42B54}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{8A65C98D-1576-4005-AD76-904BD9BEBD32}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{B2A827C6-735A-432D-BB3B-88A7BBF2D801}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port | 

"{B4F61B95-4D0B-4B1F-A779-14EEEA112728}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B51B8CD2-A9D5-4D78-A3F6-43DCEB29F650}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{B5D43151-C04D-4D12-9951-C4BE185622D1}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{BDF2387A-0771-4861-916D-5A5BA7A3F4FD}" = lport=445 | protocol=6 | dir=in | app=system | 

"{CA444C84-DD91-40FF-92A2-E750F869EFAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{EC2F700B-89EA-4A06-A634-3D1D6C39B165}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{EE955C62-626B-4E83-9BBC-05594BE58869}" = lport=138 | protocol=17 | dir=in | app=system | 

"{F4717A5A-1C45-485B-B3E1-7DDC060D87A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{F79BEC33-3C3D-406C-BCA8-FD72DAE8C901}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 

"{FF4E2F30-056C-40F1-8D69-DF214FA52104}" = lport=137 | protocol=17 | dir=in | app=system | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03362FA9-421B-4E6E-9A0F-C8BAF14934FD}" = protocol=58 | dir=out | [email protected],-28546 | 

"{0AC6B64C-9B71-435C-B830-30737F62C1DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{0F0A513D-34B9-4537-8FA4-F0608CAC3493}" = protocol=1 | dir=out | [email protected],-28544 | 

"{0FC5AEB5-6A01-4B3B-BD19-A7625904680B}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 

"{17F9E4B1-ED95-44E5-B2AC-1BE20AD205D0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{19451EFF-F632-4CAE-B4D0-929B0D11872C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{2848C515-6CF7-4D07-B3E5-43BC41770A93}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 

"{2EBF514F-4F7B-44B2-98D9-60BB7F4505A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{362BB1DB-0A61-4BAA-8002-EBB8D85905A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{3981A273-85CD-4A43-AE55-DF45ED7FD1FA}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | 

"{3A02AC94-B088-48D6-8148-DA6CAAD11695}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{5262CED4-233F-4E89-BAE1-57F9266E6FCE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{556A7CBC-1775-415E-B079-D45FB06548C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5C8815ED-7327-43F5-89E2-D3DD1A31007A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5E5D644A-AA61-4284-81CA-9ABFFD53FBEB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{6539B32A-6D82-460E-8C86-192DDB1F40D8}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe | 

"{6A892A4C-B508-4534-8BBF-EE03E02BDE06}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{6A9AAD33-EDB0-4E47-BDEA-0DCB8E95E322}" = protocol=6 | dir=out | app=system | 

"{6CED63E3-C686-4583-8E86-D51B02923505}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{6EA2EBD9-2BE1-4CA9-B351-A36CCC81B832}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{79C61C8E-FB85-40BB-80E5-D22DFBF92CF6}" = protocol=58 | dir=in | [email protected],-28545 | 

"{7B866D08-792B-4159-928B-29183B122E75}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"{7E21EA85-95A3-4D12-9AAE-08238E0BDA86}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | 

"{8745AF96-84A1-44D9-BB11-4C7B95182876}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{8E2D1447-4EEA-465F-8418-A435079077F1}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe | 

"{9133DCBA-7E75-4D06-891C-822DFBEF1EF9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{97B04550-5D59-4B49-BAC9-3C9611DC116A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 

"{AB9CAE2F-6258-4D34-878E-DE13D8133438}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{B5068915-8F62-4806-A321-9FB90E6CD8A1}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe | 

"{BFC71186-EC7C-4FE5-B871-C823D97968CA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{C6FAF234-371C-4ADE-B3E0-0F8AFB0258D1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{C8BA4E94-0E17-44A7-9C7A-F8A9B8639C99}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{D3089D49-0C74-403F-9ECC-59E179E7451C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{E2487915-0EFA-49FE-B6AD-24F21F707DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"{E31E31D6-3D51-413E-BC0F-FE428B9F0FD2}" = protocol=1 | dir=in | [email protected],-28543 | 

"{E3C77A95-D22E-4B10-A4F2-5479A5288100}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{E6220FD3-E9AD-41E0-A577-0B3C84EB3734}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{E766E92D-F998-4ABB-9279-3DA3207CB0D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{EE64ED1D-3E89-4528-B8F9-2FFE6B4A8CF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{F096100A-A098-4176-BCD3-C17F025AA58F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{FBCC7B66-EC5E-4D2A-823A-78CF30DE78BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{FF7BBA97-E57C-4FDA-8C59-EBFDBAD7A9EB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport

"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables

"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java 6 Update 27 (64-bit)

"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes

"{309768A4-A2BB-4930-A5A2-8169678C9B4C}" = iCloud

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"HDMI" = Intel® Graphics Media Accelerator Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40DEF4E7-EECA-415D-9E40-6E0C6E4E80E3}" = DriverUpdate

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skypeâ„¢ 6.11

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011

"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.13) MUI

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B03954CC-E130-4E57-BC83-869978685902}" = LG United Mobile Drivers

"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}" = Dell Marketplace Webslice IE8

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter

"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage

"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX

"AudibleDownloadManager" = Audible Download Manager

"Google Chrome" = Google Chrome

"GoToAssist" = GoToAssist 8.0.0.514

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028

"Mozilla Firefox 35.0 (x86 en-US)" = Mozilla Firefox 35.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"WildTangent dell Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WT089409" = Bejeweled 2 Deluxe

"WT089410" = Blackhawk Striker 2

"WT089411" = Build-a-lot 2

"WT089412" = Cake Mania

"WT089413" = Chuzzle Deluxe

"WT089414" = Diner Dash 2 Restaurant Rescue

"WT089415" = Dora's World Adventure

"WT089418" = FATE

"WT089420" = Jewel Quest

"WT089422" = Jewel Quest Solitaire 2

"WT089426" = Poker Superstars III

"WT089430" = Virtual Villagers 4 - The Tree of Life

"WT089433" = Polar Golfer

"WT089434" = Escape Whisper Valley

"WT089440" = Namco All-Stars PAC-MAN

"WT089443" = Bounce Symphony

"WT089444" = Final Drive Nitro

"WT089445" = Penguins!

"WT089446" = Wedding Dash - Ready, Aim, Love!

"WT089448" = Zuma Deluxe

"WT089450" = Farm Frenzy

"WT089452" = Plants vs. Zombies - Game of the Year

"WT089499" = Final Drive Fury

"WT089503" = Samantha Swift

"WT089507" = Luxor

"WT089508" = Polar Bowler

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 1/12/2015 6:03:17 PM | Computer Name = Joanie-PC | Source = Application Hang | ID = 1002

Description = The program mbam.exe version 1.0.1.711 stopped interacting with Windows

 and was closed. To see if more information about the problem is available, check

 the problem history in the Action Center control panel.    Process ID: f50    Start Time:

 01d02eb3741e3f60    Termination Time: 15    Application Path: C:\Program Files (x86)\Malwarebytes

 Anti-Malware\mbam.exe    Report Id: cb9b045b-9aa6-11e4-bf56-180373011602  

 

Error - 1/12/2015 6:05:48 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/12/2015 6:12:12 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/13/2015 12:50:31 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/13/2015 1:36:13 PM | Computer Name = Joanie-PC | Source = Application Hang | ID = 1002

Description = The program NOTEPAD.EXE version 6.1.7600.16385 stopped interacting

 with Windows and was closed. To see if more information about the problem is available,

 check the problem history in the Action Center control panel.    Process ID: 14ac    Start

 Time: 01d02f5254172b9e    Termination Time: 13    Application Path: C:\Windows\SysWOW64\NOTEPAD.EXE

 

Report

 Id: 9d18977f-9b4a-11e4-9327-180373011602  

 

Error - 1/13/2015 1:36:44 PM | Computer Name = Joanie-PC | Source = Application Hang | ID = 1002

Description = The program chrome.exe version 39.0.2171.95 stopped interacting with

 Windows and was closed. To see if more information about the problem is available,

 check the problem history in the Action Center control panel.    Process ID: 1720    Start

 Time: 01d02f515d1ffe9f    Termination Time: 13    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

Report

 Id: 2ee7535e-9b48-11e4-9327-180373011602  

 

Error - 1/13/2015 2:23:18 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/13/2015 4:14:55 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/13/2015 5:20:40 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 1/13/2015 5:37:00 PM | Computer Name = Joanie-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

Error - 1/13/2015 5:33:54 PM | Computer Name = Joanie-PC | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\DR0.

 

 

< End of report >

Share this post


Link to post
Share on other sites
 Results of screen317's Security Check version 0.99.93  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 45  

 Java version 32-bit out of Date! 

 Adobe Reader 10.1.13 Adobe Reader out of Date!  

 Mozilla Firefox (35.0) 

 Google Chrome (39.0.2171.71) 

 Google Chrome (39.0.2171.95) 

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbam.exe  

 Malwarebytes Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 

Share this post


Link to post
Share on other sites

Hi Joanie, ok lets continue !

 

Go to add/remove panel in Control Panel and remove only this  >>>  Javaâ„¢ 6 Update 27 (64-bit) and Java version 32-bit if present !

Also delete >>> Adobe Reader 10.1.13

 

We will install new ones when we are done cleaning !!!!!!

========================================

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the customFix.png.  text box of the OTL tool/program ! Start with and include the colon plus  :OTL

:OTLIE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit:'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}IE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKU\S-1-5-21-2480708696-1579292765-635252458-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7VRHB_enUS613FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundFF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundO3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O13 - gopher Prefix: missingO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click btnOK.png
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.
 

 

Post the log when done !

We are close to being done.

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49606DC7-976D-4030-A74E-9FB5C842FA68}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_USERS\S-1-5-21-2480708696-1579292765-635252458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.


64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.

File Protocol\Handler\livecall - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

File Protocol\Handler\ms-help - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.

File Protocol\Handler\msnim - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.

File Protocol\Handler\skype4com - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.

File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.

File Protocol\Handler\wlmailhtml - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

File Protocol\Handler\wlpg - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist\ deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

========== COMMANDS ==========

 

[EMPTYJAVA]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Joanie

->Java cache emptied: 24237743 bytes

 

User: Public

 

Total Java Files Cleaned = 23.00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Joanie

->Flash cache emptied: 23773 bytes

 

User: Public

 

Total Flash Files Cleaned = 0.00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Joanie

->Temp folder emptied: 329562718 bytes

->Temporary Internet Files folder emptied: 829237609 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 4213565 bytes

->Google Chrome cache emptied: 414922202 bytes

->Flash cache emptied: 0 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 257245492 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78039 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes

RecycleBin emptied: 1963654297 bytes

 

Total Files Cleaned = 3,623.00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.69.0 log created on 01132015_155616

 

Files\Folders moved on Reboot...

C:\Users\Joanie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Joanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

Share this post


Link to post
Share on other sites

Joanie, that cleaned up nice !

 

Clean up with OTL


    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.




========================




Update Adobe Reader

Make sure you uncheck the box to install McAfee Security Scan Plus

  1. Please uninstall unless you already have Adobe Reader XXX XXX xxx before installing the latest version by going to Start > Control Panel and double clicking on Add/Remove Programs. Locate Adobe Reader XX xxx xx and click on Change/Remove to uninstall it.
  2. Click here to download the latest version of Adobe Acrobat Reader.
  3. Select your Windows version and click on Download. If you are using Internet Explorer, you will receive prompts. Allow the installation to be ran and it will be installed automatically for you.

    If you are using other browsers, it will prompt you to save a file. Save this file to your desktop and run it to install the latest version of Adobe Reader.
  4. Close your Internet browser and open it again.




============================

Update Java Runtime

Make sure you uncheck any boxes that want you to install tool bars or anything other than Java

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. [*]Please go here to install Java >>> http://www.java.com/en/

  [o]  click on the Free Java Download Button
  [o]  click on Agree and start Free download
  [o]  click on Run
  [o]  click on run again
  [o]  click on install
  [o]  when install is complete click on close
[*]Reboot your computer



Let me know how it's running ?? It may run a bit slow until a few normal reboots !!

Thanks
Chuck
 

 

=======================

 

 

Joanie:

 
Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click onOptions.
    Click once on theSecurity tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox  If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
NoScript

adblock plus

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.   **There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
Online Armor Free
Agnitum Outpost Firewall Free
Comodo Firewall Free
 
5. Make sure you keep your Windows OS current. And regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.  Without these you are leaving the back door open.
 
6.WOT(Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites.  WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice How to prevent malware .

 
Let me know how it's running ?
Any problems ?
It may run a tad slow until a few normal re-boots, but according to all logs you are clean !!

Thanks
Chuck

Share this post


Link to post
Share on other sites

Click the free avast button >>>  http://www.avast.com/en-us/download-software .........  avast! Free Antivirus is FREE - you only need to register it with an email address once per year.
This what i use for Antivirus protection !
 

Happy Surfing

 

I will lock this afer 5 days !!

 

Chuck

Share this post


Link to post
Share on other sites

No it will not show a log, it will just close out after removing the tools !!

 

You should be good to go ! It all looks clean !

 

Chuck

Share this post


Link to post
Share on other sites

Let me know if you removed the thing that was installed with Avast ??

 

Thanks for the compliment Joanie !!

 

Chuck

 

I will lock this after 5 days !

Share this post


Link to post
Share on other sites

This topic is now locked ! If for some reason you need it opened please PM me or any Mod !

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this