WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Slow Computer. Windows Explorer keeps restarting [Solved]

Started by AnthonySzum , Jan 20 2014 01:08 PM

This topic is locked

29 replies to this topic

#1 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 20 January 2014 - 01:08 PM

Hello,

My computer has been running slow and in the middle of a task, a pop up log come up and says Windows Explorer is not responding and then it restarts.

Thank you

Here is my current log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:05:37 PM, on 1/20/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)

FIREFOX: 26.0 (en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\aol\1323560415\ee\aolsoftware.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\cmd.exe
C:\PROGRA~1\Samsung\SAMSUN~1\Samsung Link Tray Agent.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Explorer.EXE
C:\Users\patricia\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....V&pvid=19.7.1.5
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1323560415\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.7\AOL.EXE" -b
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2947770206-2238986850-967503961-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NeroMediaHomeUser.4')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: OneNote Table Of Contents.onetoc2
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmi...xControl_32.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 10886 bytes

Advertisements

Register to Remove

#2 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 24 January 2014 - 01:08 AM

Hi AnthonySzum,

:welcome:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

I'd like to look at a better log:

Please download DDS by sUBs from one of the following links and save it to your desktop.

dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt

Save both reports to your desktop
Please include the following logs in your next reply: DDS.txt and Attach.txt
You can ignore the note about zipping the Attach.txt file in most cases.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#3 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 25 January 2014 - 06:41 PM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/30/2009 6:30:56 AM
System Uptime: 1/24/2014 8:21:26 AM (35 hours ago)
.
Motherboard: Dell Inc. | | 0F237N
Processor: Intel® Core™2 Duo CPU T6400 @ 2.00GHz | U2E1 | 2000/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 81.327 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 14.911 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
==== System Restore Points ===================
.
RP907: 12/21/2013 8:21:16 AM - Windows Update
RP908: 12/24/2013 3:37:50 PM - Scheduled Checkpoint
RP909: 12/26/2013 5:46:54 PM - Scheduled Checkpoint
RP910: 12/27/2013 12:26:35 PM - Windows Update
RP911: 12/29/2013 5:40:43 PM - Scheduled Checkpoint
RP912: 12/31/2013 9:23:26 AM - Windows Update
RP913: 1/3/2014 9:58:59 AM - Windows Update
RP914: 1/5/2014 2:55:57 PM - Scheduled Checkpoint
RP915: 1/7/2014 8:45:37 AM - Windows Update
RP916: 1/8/2014 12:00:07 PM - Scheduled Checkpoint
RP917: 1/10/2014 10:55:10 AM - Windows Update
RP918: 1/15/2014 12:25:15 PM - Windows Update
RP919: 1/15/2014 4:01:03 PM - Windows Update
RP920: 1/15/2014 7:20:50 PM - Windows Update
RP921: 1/16/2014 8:07:01 PM - Scheduled Checkpoint
RP922: 1/20/2014 1:53:54 PM - Scheduled Checkpoint
RP923: 1/21/2014 10:52:57 AM - Windows Update
RP924: 1/22/2014 1:19:25 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player 11.5
Advanced Audio FX Engine
Advertising Center
AllShare Framework DMS
AMD APP SDK Runtime
AMD Catalyst Install Manager
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center
Big Fish: Game Manager
BitTorrent
Bonjour
Canon PowerShot SX260 HS and SX240 HS Camera User Guide
Canon Utilities CameraWindow DC 8
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Pro Control Center
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDDRV_Installer
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CleanUp!
Compatibility Pack for the 2007 Office system
Cradle of Rome
D3DX10
Dell-eBay
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Video Chat
Dell Webcam Central
Dell Wireless WLAN Card Utility
DELL0703
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
Dropbox
GameHouse
Garmin Communicator Plugin
Garmin Lifetime Updater
Garmin POI Loader
Garmin USB Drivers
Garmin WebUpdater
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HTC BMP USB Driver
HTC Driver Installer
Integrated Webcam Driver (1.06.03.0309)
ITECIR
iTunes
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 34
Junk Mail filter update
K-Lite Codec Pack 9.3.0 (Basic)
KhalInstallWrapper
Live! Cam Avatar Creator
Logitech SetPoint
Luxor 2 HD
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
mIRC
Move Media Player
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MP3 Rocket
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Mystery Case Files: Fate's Carnival Collector's Edition
Nero 11
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter
Nero ControlCenter 11
Nero Core Components 11
Nero Express 11
Nero Express 11 Help (CHM)
Nero Installer
Nero MediaHome 4
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help
Nero Online Upgrade
Norton AntiVirus
OGA Notifier 2.0.0048.0
PeerBlock 1.1 (r518)
PowerDVD DX
QuickSet
Revo Uninstaller Pro 3.0.7
RTC Client API v1.2
Samsung Link 1.8.0.1401171024
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Segoe UI
SES Driver
Skins
Skype™ 5.10
The Path of Hercules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195
VDownloader 3.9.1326
Viewpoint Media Player
Web Games Player Plugin
WildTangent Games
WildTangent Games App
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
WinPcap 4.1.1
WinRAR archiver
WinZip 12.0
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
.
==== Event Viewer Messages From Past Week ========
.
1/25/2014 6:41:29 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state
1/20/2014 6:40:49 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
1/19/2014 4:12:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
1/19/2014 10:57:20 AM, Error: Service Control Manager [7034] - The Samsung Link Service service terminated unexpectedly. It has done this 2 time(s).
1/19/2014 10:56:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
1/19/2014 10:56:49 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/19/2014 10:56:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/18/2014 3:29:42 PM, Error: Service Control Manager [7034] - The Samsung Link Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16526 BrowserJavaVersion: 10.9.2
Run by patricia at 19:37:19 on 2014-01-25
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3066.1549 [GMT -5:00]
.
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\aol\1323560415\ee\aolsoftware.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Samsung\SAMSUN~1\Samsung Link Tray Agent.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NAV&pvid=19.7.1.5
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\20.4.0.40\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Nero MediaHome 4] "c:\program files\nero\nero mediahome 4\NeroMediaHome.exe" /AUTORUN
uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.7\AOL.EXE" -b
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [HostManager] c:\program files\common files\aol\1323560415\ee\AOLSoftware.exe
mRun: [Samsung Link] "c:\program files\samsung\samsung link\Samsung Link Tray Agent.exe"
StartupFolder: c:\users\patricia\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imageb~1.lnk - c:\program files\canon\imagebrowser ex\MFManager.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{76C3B9DE-C5A8-43EF-8F27-3186D57D0C0F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE11DDAE-C9C3-4A7D-B117-2B5F70CD711D} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\patricia\appdata\roaming\mozilla\firefox\profiles\88udgmg2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&CUI=UN14557985462817721&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\17.3.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\iwonei\installr\1.bin\NPjfEISb.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\2\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\patricia\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1404000.028\symds.sys [2013-6-13 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1404000.028\symefa.sys [2013-6-13 934488]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-10-31 37664]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.1.1.5\definitions\bashdefs\20140121.001\BHDrvx86.sys [2014-1-22 1098968]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\nav\1404000.028\ccsetx86.sys [2013-6-13 134744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.1.1.5\definitions\ipsdefs\20140124.001\IDSvix86.sys [2014-1-25 394456]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1404000.028\ironx86.sys [2013-6-13 175264]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nav\1404000.028\symtdiv.sys [2013-6-13 352344]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_f6ef8056\AEstSrv.exe [2009-6-30 81920]
R2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\samsung\allshare framework dms\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\20.4.0.40\ccsvchst.exe [2013-6-13 144368]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-26 50704]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R2 SftService;SoftThinks Agent Service;c:\program files\dell datasafe local backup\SftService.exe [2009-6-30 636144]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\17.3.0\ToolbarUpdater.exe [2014-1-10 1772056]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2012-2-23 83984]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-6-30 144128]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-12-13 108120]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-6-30 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]
R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2013-9-11 20080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-16 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-9-7 701512]
S2 Samsung Link Service;Samsung Link Service;c:\program files\samsung\samsung link\Samsung Link.exe [2014-1-11 577376]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-12 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files\wildtangent games\app\GamesAppIntegrationService.exe [2014-1-13 227904]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-9 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
S3 jumi;%Jumi%;c:\windows\system32\drivers\jumi.sys [2010-6-3 13112]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-9-7 22856]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-6-30 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-6-30 40552]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-3-16 17408]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\dellsu~1\hwdiag\bin\PCD5SRVC.pkms [2008-11-4 22904]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2013-5-27 27192]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 PasswordBox;PasswordBox;c:\program files\passwordbox\pbbtnService.exe [2013-11-1 67584]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WORDPAD.EXE="c:\program files\windows nt\accessories\WORDPAD.EXE" "%1" [UserChoice]
FileExt: .ini: inifile - HKCR\Unknown\Shell=c:\windows\system32\rundll32.exe c:\windows\system32\shell32.dll,OpenAs_RunDLL %1 [default=openas]
FileExt: .inf: inffile=c:\windows\system32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 [default=Install - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2014-01-24 13:36:24   62576   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{4822be12-d7d8-4553-9ea2-7cdf7c73be2f}\offreg.dll
2014-01-24 13:25:51   7760024   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{4822be12-d7d8-4553-9ea2-7cdf7c73be2f}\mpengine.dll
2014-01-16 15:26:26   --------   d-----w-   c:\programdata\BlueStacks
2014-01-12 03:08:04   --------   d-----w-   c:\program files\K-Lite Codec Pack
2014-01-12 03:07:28   --------   d-----w-   c:\users\patricia\Samsung Link
2014-01-12 03:02:57   --------   d-----w-   C:\Upload
2014-01-12 03:02:04   --------   d-----w-   c:\users\patricia\appdata\local\SAMSUNG
2014-01-12 03:01:31   --------   d-----w-   c:\programdata\SAMSUNG
2014-01-12 03:00:22   --------   d-----w-   c:\program files\Samsung
.
==================== Find3M ====================
.
2013-12-18 11:13:56   231584   ------w-   c:\windows\system32\MpSigStub.exe
2013-12-13 23:15:45   74456   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2013-12-13 23:07:23   58696   ----a-w-   c:\windows\system32\AOLParconLink.exe
2013-12-11 18:30:17   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 18:30:17   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-11-20 20:13:25   37664   ----a-w-   c:\windows\system32\drivers\avgtpx86.sys
2013-11-14 22:50:50   1806848   ----a-w-   c:\windows\system32\jscript9.dll
2013-11-14 22:42:41   1129472   ----a-w-   c:\windows\system32\wininet.dll
2013-11-14 22:42:32   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-11-14 22:38:54   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-11-14 22:38:16   420864   ----a-w-   c:\windows\system32\vbscript.dll
2013-11-14 22:35:52   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2013-10-30 02:13:01   1304064   ----a-w-   c:\windows\system32\WMALFXGFXDSP.dll
2013-10-30 02:12:54   335360   ----a-w-   c:\windows\system32\SysFxUI.dll
2013-10-30 01:43:04   130048   ----a-w-   c:\windows\system32\drivers\drmk.sys
2013-10-30 00:43:06   167936   ----a-w-   c:\windows\system32\drivers\portcls.sys
2013-10-30 00:35:24   2050560   ----a-w-   c:\windows\system32\win32k.sys
2010-01-26 15:11:08   444283   ----a-w-   c:\program files\common files\WinPcapNmap.exe
.
============= FINISH: 19:38:18.40 ===============

#4 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 25 January 2014 - 09:59 PM

Let's start off with this tool:

Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html
Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#5 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 26 January 2014 - 07:24 PM

How does combofix know what to delete?

Here is the log:

ComboFix 14-01-23.02 - patricia 01/26/2014 19:36:39.5.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3066.1305 [GMT -5:00]
Running from: c:\users\patricia\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_loaalbhdjmjgdckmmeflpmbacffgnmme_0
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_loaalbhdjmjgdckmmeflpmbacffgnmme_0\1
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\background.html
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\background.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\crossriderManifest.json
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\extension.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\actions\icon1.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\icon128.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\icon16.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\icon48.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\notifications\icon1.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\icons\notifications\icon48.png
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\api\chrome.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\api\cookie.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\api\message.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\background.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\app_api.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\async_api.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\bg_app_api.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\cookie_store.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\data_store.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\delegate.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\events.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\onBGDocumentLoad.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\reports.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\js\lib\util.js
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\manifest.json
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme\1.19.13_0\popup.html
c:\users\patricia\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\system32\logs
c:\windows\system32\logs\20130217_165613_v1.0.1.log
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-27 to 2014-01-27 )))))))))))))))))))))))))))))))
.
.
2014-01-27 01:11 . 2014-01-27 01:11   --------   d-----w-   c:\users\Public\AppData\Local\temp
2014-01-27 01:11 . 2014-01-27 01:11   --------   d-----w-   c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2014-01-27 01:11 . 2014-01-27 01:11   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-01-24 13:36 . 2014-01-24 13:36   62576   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{4822BE12-D7D8-4553-9EA2-7CDF7C73BE2F}\offreg.dll
2014-01-24 13:25 . 2013-12-04 02:57   7760024   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{4822BE12-D7D8-4553-9EA2-7CDF7C73BE2F}\mpengine.dll
2014-01-16 15:26 . 2014-01-16 15:26   --------   d-----w-   c:\programdata\BlueStacks
2014-01-12 03:08 . 2014-01-12 03:08   --------   d-----w-   c:\program files\K-Lite Codec Pack
2014-01-12 03:07 . 2014-01-12 03:07   --------   d-----w-   c:\users\patricia\Samsung Link
2014-01-12 03:02 . 2014-01-12 03:02   --------   d-----w-   C:\Upload
2014-01-12 03:02 . 2014-01-12 03:02   --------   d-----w-   c:\users\patricia\AppData\Local\SAMSUNG
2014-01-12 03:01 . 2014-01-12 03:02   --------   d-----w-   c:\programdata\SAMSUNG
2014-01-12 03:00 . 2014-01-12 03:02   --------   d-----w-   c:\program files\Samsung
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-18 11:13 . 2009-10-02 19:28   231584   ------w-   c:\windows\system32\MpSigStub.exe
2013-12-13 23:15 . 2013-12-13 23:15   74456   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2013-12-13 23:07 . 2011-12-10 23:42   58696   ----a-w-   c:\windows\system32\AOLParconLink.exe
2013-12-11 18:30 . 2012-05-13 22:10   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-12-11 18:30 . 2011-07-30 23:06   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 20:13 . 2013-10-31 13:44   37664   ----a-w-   c:\windows\system32\drivers\avgtpx86.sys
2013-11-14 22:50 . 2013-12-12 21:04   1806848   ----a-w-   c:\windows\system32\jscript9.dll
2013-11-14 22:42 . 2013-12-12 21:04   1129472   ----a-w-   c:\windows\system32\wininet.dll
2013-11-14 22:42 . 2013-12-12 21:04   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-11-14 22:38 . 2013-12-12 21:04   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-11-14 22:38 . 2013-12-12 21:04   420864   ----a-w-   c:\windows\system32\vbscript.dll
2013-11-14 22:35 . 2013-12-12 21:04   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2013-10-30 02:13 . 2009-04-11 17:43   1304064   ----a-w-   c:\windows\system32\WMALFXGFXDSP.dll
2013-10-30 02:12 . 2013-12-12 18:45   335360   ----a-w-   c:\windows\system32\SysFxUI.dll
2013-10-30 01:43 . 2013-12-12 18:45   130048   ----a-w-   c:\windows\system32\drivers\drmk.sys
2013-10-30 00:43 . 2013-12-12 18:45   167936   ----a-w-   c:\windows\system32\drivers\portcls.sys
2013-10-30 00:35 . 2013-12-12 18:45   2050560   ----a-w-   c:\windows\system32\win32k.sys
2010-01-26 15:11 . 2012-10-10 23:34   444283   ----a-w-   c:\program files\Common Files\WinPcapNmap.exe
2011-04-14 18:01 . 2013-12-22 16:37   24376   ----a-w-   c:\program files\mozilla firefox\components\Scriptff.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\patricia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\patricia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\patricia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Nero MediaHome 4"="c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2009-03-05 4695336]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-07 1866864]
"AOL Fast Start"="c:\program files\AOL Desktop 9.7\AOL.EXE" [2013-09-07 72760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-19 76304]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-01-09 405639]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-04-27 233472]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-09-11 450560]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]
"HostManager"="c:\program files\Common Files\AOL\1323560415\ee\AOLSoftware.exe" [2010-03-08 41800]
"Samsung Link"="c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [2014-01-17 569696]
.
c:\users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2009-8-12 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ImageBrowser EX Agent.lnk - c:\program files\Canon\ImageBrowser EX\MFManager.exe [2012-11-11 69120]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-7-14 809488]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-31 1616976]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-2-27 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-06-30 15:58   10536   ----a-w-   c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0c:\progra~2\SPYWAR~1\sp_rsdel.exe \??\c:\progra~2\SPYWAR~1\sp_rsdel.dat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-31 00:06   59280   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-09-11 03:09   450560   ----a-w-   c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-08-29 00:23   1861968   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
2012-06-04 13:31   1466760   ----a-w-   c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27   41800   ----a-w-   c:\program files\Common Files\aol\1323560415\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 23:33   421776   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 22:50   4280184   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
2009-03-05 14:12   4695336   ----a-w-   c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader]
2012-09-27 23:13   881664   ----a-w-   c:\program files\VDownloader\VDownloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2010-11-11 17:55   159472   ----a-w-   c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-30 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ATWPKT2
*Deregistered* - ATWPKT2
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 18:30]
.
2014-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-25 00:12]
.
2014-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-25 00:12]
.
2011-07-25 c:\windows\Tasks\User_Feed_Synchronization-{3665EB40-7FE9-4CC9-A94B-EAE9FD7003FC}.job
- c:\windows\system32\msfeedssync.exe [2011-07-16 20:16]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NAV&pvid=19.7.1.5
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&CUI=UN14557985462817721&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-12178941.sys
MSConfigStartUp-BitTorrent - c:\program files\BitTorrent\bittorrent.exe
MSConfigStartUp-ShopAtHomeWatcher - c:\users\patricia\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-26 20:11
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{3F6A8B78-EC003E00-05040104}]
"ImagePath"="\??\c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(752)
c:\windows\System32\BCMLogon.dll
.
Completion time: 2014-01-26 20:18:29
ComboFix-quarantined-files.txt 2014-01-27 01:18
ComboFix2.txt 2012-09-11 00:00
ComboFix3.txt 2012-09-09 19:59
ComboFix4.txt 2010-10-24 20:36
.
Pre-Run: 87,463,940,096 bytes free
Post-Run: 87,578,308,608 bytes free
.
- - End Of File - - F724B726A2AC912195C06E50F4AC7C7C
5C616939100B85E558DA92B899A0FC36

#6 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 26 January 2014 - 08:11 PM

Just like your anti-virus works off of a definition list... ComboFix has it's own "target" list that it searches for.

It didn't find anything "terrible". Let's clean out more trash.

Step 1

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan button. Wait until is finished.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 3
Go ahead and run a scan with your Malwarebytes' (be sure it is up to date) and them post the log.

In your next reply, post the following log files:

Junkware Removal Tool log
AdwCleaner log
Malwarebytes' Anti-Malware log

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#7 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 27 January 2014 - 04:17 PM

I ran the AdwCleaner twice and both times the machine froze, never fully completing. I had to reboot the machine both times.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by patricia on Mon 01/27/2014 at 15:10:55.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\playsushi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\deals plugin
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\fun web products
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\funwebproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\viewpointmediaplayer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2866295
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3225826
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EC291CF8-7ADF-485B-9F07-5B760E85B3EC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F3779AD4-F9A2-4700-B776-A260DDDE8850}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CD4F6214-E4CE-4DB7-A0B1-8AD48C8B27F1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EC291CF8-7ADF-485B-9F07-5B760E85B3EC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

~~~ Files

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\viewpoint"
Successfully deleted: [Folder] "C:\Users\patricia\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\patricia\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\big fish games"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\local\deals plugin"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\mywebsearch"
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\epicplay"
Successfully deleted: [Folder] "C:\Program Files\torntv.com"
Failed to delete: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\bigfishcache"
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0107F3DC-AAD8-4D2F-902C-19B734234B00}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{01DFBF17-1C90-4E1D-8ADB-03B95B97C671}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{03879181-AF89-438B-8494-CB63A7302C1A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{051D6FA7-0FBF-4FC0-B58C-D1F45061BCD3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{055AE96A-63A6-4D8D-9194-66A2C84950C3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{05C354D3-8B13-442B-9FCD-A6272DA52C81}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0742F59C-4250-496A-8EA3-98052899997B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{077C5745-4038-425E-BE8F-184DA3089D06}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0896ACE2-EAAD-46C6-A507-C77454041814}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{08E560D6-AC33-41F5-81D7-D7950D243B9D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0915F2E3-980C-4668-A99F-9E6572260E54}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{09659C20-E9E6-4867-9B58-C3F6E4841A32}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{09D82A6A-859C-4A0C-843D-4246A890256F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0AD75B7B-DA2B-48E3-BAAE-DC2828FEE464}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0AFA22BE-CFCF-4EEC-A0C3-78AE5327B829}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0BC2AF2A-883C-4021-8E59-F2B4D7E9BF3E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0D815C79-E1C9-4CF9-9EFD-22755380CCB8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0E203562-F050-4A56-8DB3-2DFA79099AEE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0E9EED01-2705-4B71-B813-C3531DBCFE13}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0EC615FF-7F51-433E-A625-44F6E24409D0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0F73E00E-5F8E-4527-9E1D-147C22284541}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0FA1EA32-4C30-4D3C-A0EE-8702D29C2D7A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{0FAFCEE4-6B34-43CE-954D-56814C374244}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1078DEB0-031B-4309-8CE0-0BEC0A46F4AB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1161432F-32A0-4F3F-9E5D-D61BA4173634}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{12EC5084-BD18-4D56-909D-985EDE764A69}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{139F96BC-7626-47AB-B06D-0B55C6BB29E8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{146EBDA8-28EF-4451-B97F-46CA93F1C32B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1504B596-6547-4CFB-A19D-C75954C80908}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1513E774-4A01-4D80-B87D-DBEC551DFD77}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{15942C64-B397-48CC-B76E-A99EB63DEE08}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1602D286-A619-462E-A2A3-D0B5C5352517}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{176FEE30-2B08-4C8D-9D81-988819707F55}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{17DCCB56-71B7-472C-8C1C-3CAA89768742}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{17EB9196-D1D9-45F0-BAD7-52A0EED16C61}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1820A2CA-F333-4113-9142-A29BF032DACC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1825005F-B9F3-4262-BBA0-C6248CE4E9F7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{18D50392-F126-4FE8-9A16-26573D9AABA1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1C5092D2-1439-483F-849F-A3CDB883D916}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1C6586A4-41A3-4C0B-9DD1-618ECA70B961}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1C9E4D7F-E1E1-4B56-91A5-535F81BC8158}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1E25921E-6172-4FC3-8DBF-59CF5182F6D2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1E31D498-ABBC-46FD-9A48-FEA8EA726CA8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{1F87EC16-AA18-4745-B610-9E9F4B5861B8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2026789F-69F2-4BEF-8F65-64673370DAB9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{210925E0-0915-4CF4-A813-1C7B83E4DFA5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{21D38E73-3328-4106-AFD0-39EEF328A43A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{235104DE-644B-4401-BC14-F4C89DBFC186}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2399FE8C-AADC-4CB8-9E0B-494531D32A98}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{23A5503F-A8DB-485E-991F-895CEC9C0F8E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{23A6604D-168E-487A-AC54-2CD6E7AA1133}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{23C91726-085A-41B8-B2DD-EA6022A99C11}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2517234E-60A9-4819-AE64-1B9770E3939F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{25757A6A-7B45-471D-B698-7EC2B889F49D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{25ADB8E5-C2E0-46F8-B0A0-909251598101}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{261DB462-F0C0-47B4-A04E-78C0A36AB093}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{26B46F11-1576-4B98-857F-7238C7C55181}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{28AC7E87-A068-45CA-B4E4-317D921D9DCF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{28CD59D6-273E-469E-ACBC-7855D88E8BF3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{291EFC11-1A4B-4670-806D-A647A8299DB1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{295D53C9-1CB2-4CE0-9790-24711BA14A4F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2C01BB37-1894-4C52-9A04-0B3900F678E8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2D1FEE2C-AF38-4B8A-BBB7-71FA969742FE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2DA96550-3BB6-42E3-965D-04E12AE4B641}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2F6B333C-09B6-4C02-99C3-0A604A2E89C5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{2F9FAEF2-6DD6-4FC5-BD22-0CF01A3B67B0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{304F3609-D353-4A64-B9CB-1EE77B552D76}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3079B449-C094-48CE-8704-BDB1DF88A0C6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{309577A5-E667-4503-BD27-8284367F202C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{31BD8A23-48C5-4501-B1E8-83BD910E4179}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{32129BD9-F6ED-43DD-BE85-BA2CB93604C5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{32C0092D-1D40-48CA-9CD0-31F3628A6029}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{32D52D44-15E0-4C92-9AA5-610E13BC4E9F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{32EE1211-1FC3-4360-B9C3-29EF3B231223}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3333FF7D-B968-41FB-A3C4-62A336558B2E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{33E752D9-7819-4271-9A11-5A5A0D3DACD3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{34BCF4A7-8B0F-45C6-96BB-A73D453B1D74}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{356297DE-DCF5-40F3-A665-52975983266F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{35A76615-36AE-4123-B6CA-CBBA2B5C0416}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{36219E91-3E2E-4CD3-9E66-9A30A2D1CBE4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{364AB377-40C2-4111-A124-6FB71605390F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{373CA75A-AD8A-4AA5-9245-C5E54D9BE4E6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{37DD297A-03C2-485C-BA02-B80C094CD96A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3818BA07-2A4C-4AFF-B91D-964BD4578A3F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{38597F97-962E-45F7-8624-65C8B17C4CB7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3930D4D4-CC03-4129-96D5-82670D0E64BD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3A62D5D0-CE2D-481B-A2FD-70656B818590}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3C7050A9-A311-4D1C-85D2-10C5B9034872}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3C891E7E-F9E8-443B-B677-8EDC5C2FE9B9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3C969EC6-BDBF-4690-A646-224986E85051}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3CA6BAE8-1054-4ACF-BB28-097B27A881E7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3DFD53BA-4BDF-4C81-9235-F286AF04E3D9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3E786150-3429-4EF5-BBAD-2C42FE7A3FD3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{3EF3C8C2-03C8-4E07-83EE-DDCFC30C4FEC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4102789B-3A52-455B-BE03-995AC35CF8F7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{41F9C49A-FB0E-4D9B-AB50-84778378A1D2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{426C8BCD-E4D4-4B7F-96F1-9A1981246B2A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{429FFA8E-F8D7-47E1-A625-9A1B7E25F76D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{42B829E8-7F75-4F7B-8B9D-EDEEF8EF4F4C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{42CD62AF-1198-4FC9-B888-27E55935984E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{447AA62C-6335-4474-B16A-5D3CA8D8DC8B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{449032BC-ACC8-4E85-BDCF-6F0B0584FB75}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{449F3FE9-3F96-4B08-9117-DA49286E082B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{44A8B419-542F-43C3-8ED2-B996D1070274}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{44FF1142-CFBC-4B18-89CE-C8C9CF82D5AE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{464CD96A-1D9B-42AD-9B34-FA9E52B65E13}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{46FCC855-8BA2-48D1-A5F2-1A0CC0D7A8E0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{48B3ADFC-ECFE-45BE-BA83-0184BB344C25}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{48FFAA76-A19E-4CDD-9D0B-969CB29EFF91}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{491D64B5-4593-4AF6-B717-F09DE939FBE0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4985259A-AD0B-4107-A983-8E9E16B61745}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{49E6A519-6B2F-44B8-B966-E0B8C1747294}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4A0EFB03-5B5A-4276-BA4A-81FFCA9A9011}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4AD5B9E5-904A-43BB-BB9B-FDD7E59DD724}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4BC478F8-129C-4293-B2B4-7FA9BB36A2E5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4BD25EE1-4FC2-40D7-B38C-C985615C3BE7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4CE89F06-E94C-426E-AA8C-90EEF62C40CD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4D006859-165E-46AD-8A1E-BB3BBE528D41}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4D70010E-C443-4C15-B105-68448D94296E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4DB865C7-3D86-408F-AD59-F211EE5A1176}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4DC39782-3C07-4FAC-B5F4-88D24BB09F9B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4E1AE5D5-3916-4638-B80E-BEA701D7E3B3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4E65012C-3ACD-42D6-9FAF-354B490DB83A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4E6BD7A8-15E9-4EC4-9AD2-5ECC4B890B24}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4EF90DE2-5004-4044-85BE-9FC4941CE7EC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4F289800-F5C5-48DE-9629-11489433299A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{4F9596D2-6F6D-4A1D-AC88-F00F3F266485}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{50239C29-6813-4C32-B351-7EE00FE94EE9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5148D806-B434-4A12-8623-FA86B4115038}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{51979618-F70E-43C8-BBC4-AFD22CE90243}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5236EF72-247B-46E1-9A8E-314DA8BA51FD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5289FFBD-4108-4300-B5AD-85228B60D275}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{52912599-FF4B-4236-97B3-DE9905E1542B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{52937E11-7378-4F1C-9BAF-C6AA60437359}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{52A34E8F-880D-447C-A0AB-2885A223EE62}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{53D62D3C-6734-41B4-A86C-5DCF3AD0EAA1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5549EB13-8C69-4F6D-B7F5-F01D59F868D9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{566F52B1-222C-4227-AE7A-590F9B9E8192}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{56AD51B6-4002-4636-BB06-4D3D861DD8D8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{57297F4B-FAFD-45B2-A282-79375D001B11}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5775904B-64A0-463F-8509-13B1A1BB3C16}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{57C16178-6312-46CB-BB03-70D4A4A3ECB7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{58357EA8-5D35-484E-ACD8-5DE6E7DC911F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5868F061-34D1-4CA5-A6AA-D4114D97FBDB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5913327A-B235-4570-AD84-6B442D0E4A91}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{59610B7E-1C08-45EA-A9D5-0F8C8766AA2B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5968DA99-1CCB-45BC-8A10-886E9E38A7D3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{599C7F50-1B16-4457-B549-56145CFF5898}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{59E705F9-DD4B-45F3-8256-54F4B66C469F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{59E71053-9692-4934-BDC4-DEBC7A0D9995}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{59F4B0F5-841F-4774-8E66-80BE572AAF18}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5A2CE174-9C0C-4D68-ACEB-8B4FEF9BF37C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5A3A1410-5C6D-4060-92FA-9A3B96D279A6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5B5F9D13-55AB-4ED0-BC15-7166492DD83F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5BE065E5-FAEA-4655-AEEA-2929025FCB98}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5C26734A-C60A-4E94-8425-2FDC0C91457A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5C285605-3FCA-44D2-8CC9-5AD5917C30AF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5C62220A-9B95-4E24-A17B-35A43780E18F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5D93DB78-FAD4-45E8-A378-202104D18F40}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5DE746B7-ABF5-482E-BE28-A91B4ED020CF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5E6484EA-8E67-4855-83AF-2211AF1F1267}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5E8B4F57-2B11-4C4B-94DA-A094DA1432A7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5FA8B763-6077-4938-90E8-D7A61A9FF376}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{5FE667E3-907C-490F-960A-27F1C22AD17E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{617DBF36-1550-4542-99D8-9201BC63CF99}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{61A6FEBD-0B73-47AD-BA46-E73A833531F3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{63DAB5DE-2E53-4518-BFD1-5187370CBB35}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{64B18E05-44C2-491E-9B67-F23F5129522F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{64CD4DB0-7BC0-4713-8486-3057154A4533}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{64D6CA1D-0844-4F80-BB5B-AA610A3B3B2E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{64F21ACE-07A5-4565-AF0B-E96433512243}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6545CC29-8053-4564-97F2-8A0BEB1E8B9F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{66AEC329-C8B3-439E-A64D-3C4739B6FA76}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{670A01AA-CE2F-4F4F-BBBD-5E01C104E352}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{671A0B1D-0B0A-4E42-9D72-33230EFFE182}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6746F753-6331-4443-B80E-FEF9D99D8A09}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{67472B2A-B6B8-4A63-8212-4A5BA3ADF9CE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{68F2B718-3596-43A3-B7C4-8E2D0F16C14A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{69032E97-E873-4E93-9AF5-08D275AA95F0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{696CE73C-191E-47AD-8C3E-348F43C5D7CD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{69CD1030-B623-40B3-88E9-0D828526937F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6A724889-CB09-4436-9559-AFD9669633D7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6A7493B3-3EA4-4E9C-BE9B-BB303F6FCFE0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6B21F83E-2FCD-4F82-9405-1EB67B8FBFC8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6D6FF9B5-14BB-4A61-8CE6-FFA729B86F9E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6DABD3D1-CCE4-4E27-915F-322F4C4A3AA7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6E65031D-1CBB-4DE6-A030-539BC8A0A067}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{6F08EF74-0D93-4253-8845-0B1FE8D579BC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{718ACBB1-8946-4E28-88C8-9458FE0AB9D7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{72B5D8B1-8468-4253-819E-5F7C152DDAA9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{72B5DE00-8EFB-435F-AF1B-DF2FB5650380}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{73D88A95-D4A1-4C77-9E2C-75E157917B15}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{74021142-0598-4D7A-A662-1504737E5B04}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{740E4414-9AC2-4EDC-A50C-B9BC7FC317BF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{74362C17-7C83-416E-9581-11C977CEE42E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{744899E4-D469-46FD-AF09-42B4E3D72591}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{74CD42CD-41A5-48DB-88CF-F457AC7C86CA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{756864F6-55CF-4E23-A8B4-028A37908C2F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{762F404A-043D-41A8-91E4-60C7243BD64C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{76815010-D10A-409E-9C9D-6BA1B55CD991}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{768C4A18-B25C-43B6-A6E2-5358FFF54AFC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7896A61B-8273-4975-87EA-115C47A74F06}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{78AD67E6-8F42-4D71-84F2-2A17CD409CA2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{78DBBD6C-BE87-4053-9DE3-D95BA61EABE2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7933CE98-BB3A-469E-A8B9-6093F58913AF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7B61B5E7-F94D-4EC0-BC30-BBFCAD4AF8DB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7C110972-F4AE-4D9C-B9AA-690153A5F481}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7CEC2AEB-4252-444D-93D5-617E554293A1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7D294E71-4EB7-4AEA-9AC2-3E2DD5BA5417}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7D304F8F-767F-47A9-8BC8-83F756AF8E73}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7D9D7F0E-E2C8-406A-A2FE-58EF7BA27597}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7E235175-B5B2-4367-BC72-3004E6D868F8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7EA2D83F-F588-4BC5-9123-61D4C0DABB8A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7F4510E9-0D24-4DFE-9836-9ECAD5DC9D70}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7F908386-4FCD-46FD-A1D8-A4F7308F4799}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{7FF5D038-0238-4208-A892-6050867D62D2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{81F55390-4672-4031-B128-6D578855D5D1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{82B841BE-9F65-4D0A-88FC-E355A6E73F3D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{82D823CC-4BDF-4D88-B4DA-BBB69B3AC5CF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{841E8024-2440-484E-9F18-C80C9A6A4111}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{84E07EC8-22D7-45C5-A907-48ED2D1FBE97}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{85141101-6DEB-4C5C-8212-57FA1DFFD793}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{863548C3-A609-4635-B6ED-DCD429C949FD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8635FD6E-AFC3-4912-ACB3-3D003EC4978C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{87843989-5A5A-4519-AFDB-9802F72A0628}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{87EB41DE-699C-41C8-9808-E16A43C4AB1D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{87FB5237-36D7-4DA7-8BBF-2B321589293D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{887A4EA7-2CA6-426B-A2C6-74631B3C5435}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{898CDD6D-0A0C-4A52-84D6-3C8EFB728676}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8992F3BA-1C07-4D9E-9141-A792737A44A4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{89BB6254-CD6E-4F27-A1B2-D8A5D6180E6D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{89BFA1E3-9376-498C-BB18-D825818647F8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8A417A27-700C-46DC-A437-EC1CE5C19BC4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8B14218B-453A-473A-AE23-215E66E0A666}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8B3DA07C-3EAA-47B7-BEC6-537D3BF19C99}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8BDC34E5-13B2-423C-8800-63344530A364}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8C58B0AD-89CD-4B75-97AE-1835883E2456}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8C7262E0-4B0A-43C1-9316-99A413FFF2A9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8DA64076-B3FD-4811-877B-5CB3F28823B8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8DB0216A-0FC8-44C1-BC84-6B2B93E127D3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8DD3D573-EFD7-450E-BC56-D58AB960ECCB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{8EE66460-11BB-49FB-9E5D-E3AFF2E82197}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{90741304-EE01-4D75-8521-9FCA431DD25F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{91A3A108-ADF7-4B24-A0DE-20552752BA49}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{91B0BB41-BBA8-4151-B8C6-65E125D7AB20}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{92B994F3-79CE-454B-B8D0-471D50EA6B4B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{93176C35-4702-41D9-827A-968D82F80698}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{94C68ADE-D873-4ED5-A88F-E6AE95E62C52}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{94FB88D6-8601-4939-B1F0-237BE2C74B02}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{96B69167-CCFC-4DFF-B737-D62B4FC4418D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{96ECD76B-0114-426B-B36C-8A2CA8FD2AF8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{973C53A8-08A6-49A7-9243-D1E9AF046136}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9762AF93-5BA7-4357-916E-2B517656AFE5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{97AB6CBD-C4B2-4DF3-AD26-A930BECFC35B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{98170E75-3926-4A08-991D-1AEA9D98C4F1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{98A88DD4-72F3-4B52-8C33-139FC13C89D6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{995E197E-09F5-452C-BD71-08642B26E202}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{99961C33-B9F8-4AF9-9DB5-0699F79EF635}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9BBE9332-D1F5-4B4E-BAAF-2F832E808FEF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9BEFA232-94C8-429F-ADF9-F70D1578DB26}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9C96C9AB-630D-4051-B987-AA91795F342B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9D19C5BF-2C91-4081-97A9-C75885B3E2EB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9DA0210E-3BCC-4013-9C5C-A1DFE18404F8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{9FCE8210-B702-4B88-B3AB-3A59CEAFEA93}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A096A404-B594-414D-BBAB-D8064E48B316}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A0AB0093-DBD0-4A53-8777-7F9A3D76C584}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A188F52C-543E-4AE8-826F-20A4E62EEA9A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A198FD85-AA17-4682-9D4B-EBA44EBE5AE5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A20518DF-28C0-41C5-9A68-F053369F3106}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A21C4022-992C-4742-93C4-5D99F3B31DA9}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A2C8AB4A-EE58-4327-88C8-9DA323495DF4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A2CFA6EF-BE0F-451F-8C86-A72EBD42A5CC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A4CFD1AB-0967-42B6-853B-161B42EE684D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A533EDD2-66E4-4543-9C94-BA3ACB0AACC7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A560E6DD-860A-4AEB-9C56-A58613088EBF}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A5E3469A-107D-45D0-90E1-E25E2740FD64}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A6926683-4A05-4752-AE37-616B31E06746}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A72EAE90-2220-429A-A292-DB14FD7AFC1C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A880AD0D-7EAF-4BE7-9FCB-49DE8BB30F05}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A8A65CA6-9B9F-43BE-9EF8-85AFFFEC9B75}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{A8A968DE-E3C1-4467-BC97-B67E13017511}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AA207CE8-5FD6-40B8-9FC9-352D81827497}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AB5C53CC-9732-472D-8B99-09F2A9D6E742}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AB94E2FE-7B79-405B-A5A8-A92FC8321055}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ABE82DC0-55F0-4A7D-AB89-77F86ED5460C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AC1D849A-050E-404B-94FC-FC07DD27F936}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ACB4A937-EF4E-4CB2-B0A6-D4DAB5234935}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ACD43437-6190-4549-A40C-723338A889F7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ACD567C4-8BFB-4427-9ACA-6CB31D72D95F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AD01A607-EE86-485C-858D-1A0B66F92AD1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AD2F3BCF-6B64-4341-A52D-5EC974374047}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AD487FF6-5AB9-49AA-ADE5-474FA4BF431F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AD96B880-D20E-4ABE-A131-BC6264A06E12}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AEDAB06A-A260-4F81-B3C3-312143FFA43A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{AF9A53ED-A236-4114-832C-C92992DDE3F4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B0E2924F-D8FA-4970-B6BC-B55321B3C128}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B12D612B-2AF8-48ED-B6A0-3F70636555C0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B19921F3-5CE3-41F6-B4BD-B3746CF0F78A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B1CC9BCE-F2A8-4558-B933-E062F106F277}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B2595987-6FF0-4411-877A-795E99A8B893}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B25CDA38-EECA-4C87-895A-6704F73609A7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B2CA20BD-C931-4904-BF4A-7E72EFD6ED01}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B3940955-E57E-4090-8534-3675B8D19303}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B3C5C167-4F82-45BC-9B29-F73697C25D3E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B3F60D1D-8E4C-4583-9483-22D5B9984214}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B407099D-CF3D-48AF-8007-8C4A4B9C2D89}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B439D134-453B-433D-A87C-E86F332236D2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B45A580C-BDC0-4519-8607-B2F252FB1537}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B58FB888-8650-4AA4-91A4-73C377E9ADC1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B64EBAFA-5710-4542-A6A6-71AF3A9977DA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B6F3842A-AB83-4A28-843C-5AB2D01AFCEC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B71E8927-686B-4FA8-A791-5FC97B3BB376}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B80C6F6C-6DA0-407F-8F0E-544858C1A114}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B8562BCA-3FAB-4795-8D16-95EECFADE33D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B8818798-C4FE-4E40-94CD-CBABEF74D7B8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{B8A17A24-4E2D-43A4-9DE8-3D4F59A0F5F1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BA6FC64A-0EEA-4A9C-88A6-A51382BBB302}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BABCC310-E956-48A3-810C-6752020693E3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BB4D2760-8097-4711-B863-34510110D632}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BC1A3FBA-EE35-4416-B675-3BE3E7AE76A7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BD0304CA-9F6F-49E8-A368-A096890E8078}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BD1DF40C-D936-4635-A5D6-6A129642EB52}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BDA4A645-FDE9-44C3-87EB-7469A5499F73}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BE1B8170-9F6E-48AE-B839-1E1BABE15EBD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BE534B8E-9F15-4CAC-BC57-555093637BFA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BE8ED407-3525-42A7-A874-B9A45935DC89}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BF35E8E7-54CC-47FD-885C-95ABF438924E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{BF941787-935E-40FE-BE60-586C7BA293E5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C0330BD7-C94F-47FD-8433-523E996346E7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C076CFDE-DCC3-41C0-B80D-DE7CCD2BA511}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C07A277A-315E-46E0-B617-ACD39E24F7C6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C0918FFF-6CE6-4039-86DA-5263A5133220}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C098D546-6E4B-4F89-AB6F-7912BB762B51}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C0D3C4C3-B051-4C6A-9EF6-3ED0597E1B60}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C1577F30-2036-49F1-9D25-CEE7EE4149E0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C1794617-6C76-4A8C-8083-E0EDF9D51587}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C1C75FA2-7E74-4E65-A88A-D1D3AADDD0D8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C1E1478E-509D-4A55-B9E0-7AFCA8A9D898}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C2961BB0-6E99-424F-946D-128BFDD619CD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C2F0C9DD-2A2C-4135-A89D-21699793943E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C33D26DA-4F94-4F28-BA48-9C96D6CFB0C6}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C3FF574E-BF22-4D01-B6CD-62D1C444F17A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C4F54F21-F919-4E55-808D-AD3C7C952253}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C574C2ED-84AE-4FEC-98C0-E40DF925DB89}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C628E81C-0BC9-4B93-972A-25967DD8B9AB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C631A32A-47D0-43C1-8338-BE8F308BB73A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C759BB2D-0135-4542-8DF4-EA9FC8F4EBB4}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C7854737-ABE5-4B58-9849-07EEC8664567}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C7CDBA21-892A-4407-8ABD-F5C61BE69E9D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C88FC3E7-53DE-4CF5-AE74-119963D201C3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{C8CC7634-B16A-496A-9665-32ABC01D8709}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CAAFE532-8C55-4B78-8E69-809961D704D2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CAB2CBB2-237E-43BB-8862-032211FA6100}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CAC49EC9-BB17-44D7-BA33-8FB44DD6B205}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CB01CC47-B387-41BB-AF1A-5D2247399338}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CB3360B5-91AB-4603-B10C-828F2389B720}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CBC15B3D-EDA0-4747-808F-6745CFB191F2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CBD7B4A3-3A64-4323-8AE5-5573429B74FC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CBDD3835-F23D-464A-B147-C81EC2EC25E5}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CC645043-A86F-434F-ABA3-495DB686297C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CCD36380-3D2B-4E5E-87AE-0E3C6606D8C0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CCD59E63-C3B7-4C2E-A5DF-B157509AB64A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CD1C0BD0-DC21-4859-B80D-26392700834B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CDFDAFAB-6623-485B-9C9F-211EAF10C838}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CE89C61E-73EF-4F7E-B7CD-55C6239370D8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{CECCCE71-2D98-4B7C-A010-B762A4294CCD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D2A1942B-5293-4F20-9D57-A72E12BD2C23}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D3929DDF-640C-4693-8D4A-E8C51158BEC8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D57F6E65-61AC-4E3F-824C-45EECBAE3A04}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D5AB3B83-1E54-4B99-8BCB-54706156A31C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D5B6899C-56D6-4E7F-BFE5-7DF60722AD4F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D5DBC1C9-724A-4DBA-A181-B31B9EC0A373}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D6C40C33-C9F9-4BAA-A4B2-97097417009B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D6DA173E-83A7-4930-ABFA-B22F5C40B011}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D7F1865D-7D57-49BA-A620-03CF4777651B}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D81DEDFC-55F2-4433-A074-ABFADC6BD641}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D820A82F-6057-4526-9BFE-E0322299ADDD}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D91D1103-CD38-4ABA-BBA1-BD207D5EF034}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D9236FCF-4A05-47E3-8EB1-B71D41CD2CEE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{D9953375-680C-454A-954F-669A9C568739}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DB0323A7-1AFA-4C25-B722-685709ED7A0F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DE1233C6-3F8A-4691-85F0-E05BB1B30A28}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DE44A060-91BF-4CB1-BBF0-E113EA889BD1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DE6F392A-3211-4224-BC03-579C54128DC3}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DECD8A71-064E-4175-87AB-E60FB7854828}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{DF0C9AAF-22C8-4F3E-8362-AB4812CB5682}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E06924DD-5302-4CA8-9F69-10812A445C62}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E156416F-A086-40E2-9667-F7DE0AF7D6B8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E15E34F6-F713-49D2-9FEC-5AAED8AB0F43}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E42286E1-ADE8-409E-8DE2-AF15DDA8C050}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E47AE788-E11D-4416-B09A-B39E15EBF7E2}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E52A5752-5FD3-4F46-852F-2A0E5ED6EE38}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E5A7EB3E-233D-44BF-B37F-FD4699B7785D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E6AD6968-0806-4F99-85A7-0F6D71F58EBC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E750C1C1-4C23-477D-84A5-FC5F3BD865C0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E7B8125E-2677-4546-99EC-9E069CD43028}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E7D0D529-825D-4196-8BAE-9BEE8EFE05A8}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E90B70FE-A012-42C3-A2C1-6AA6370D9AA0}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E935EB3C-4A7F-4882-B038-E26EEBE05571}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E9ED6744-B48B-464E-82EE-211B18DCF8FC}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{E9FE4A04-FB03-48EC-974D-BD87E615B71F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EB413458-2944-4CCD-B9EB-90D69870DB78}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EB4AC4B0-6DB5-4D6B-BCA1-A2BD6A76C72F}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EBC7F06C-410D-4F4A-8F17-648C99E2B9AA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ECB5D3B9-D43A-4B11-BD8C-A21A14BC60DA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ECD1A0C1-E6D3-4B7C-A790-FA1C41F11199}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ECE01FA1-D75D-4B72-A6D5-BD0EBD94EEA7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ECF048B5-3E42-413C-8EB5-88FA5458C37A}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{ED7ED429-321D-4F3D-B81A-F2FABE9C507E}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EDF8212D-8B3B-450A-84D4-46EB8FA6E135}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EE586150-924B-494D-BC51-0990F1432636}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{EEAFC725-A229-46C0-A372-ECB4CC5D9747}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F46A75D5-2384-4B17-B2B6-56B8533B6EDE}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F48D2BDB-B9D5-4EC0-B2CD-2827BA5CC007}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F4A1F998-04E7-4D62-8ED8-0EA111117AE1}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F5D59EF1-D132-4194-8D52-BED551B8A55D}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F60DE1AF-46A7-4D09-ADB4-9D98FE2392A7}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F714029C-9619-4984-A2DE-F5A72B8491FB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F827D0B1-39E7-4BF8-BCF5-8AAAC53EEF15}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F841AC5B-BD9B-4759-B681-2E3C472DC655}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{F940E4FD-6B79-4B30-B03E-442079C14C24}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FA071DC0-0C3D-4BB8-B58A-3EED1958B10C}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FA346C8D-20E4-40EF-90D9-23AA127113AA}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FA595903-FDD8-40B9-99C9-749EADF7AE66}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FA75292F-EFBE-4586-BD47-3D01F38B8229}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FB045064-FD86-4536-90BF-9D618EBD5C64}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FC1FC725-FA2D-4F74-A6C8-84963AFBCEDB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FC8C56F3-0637-438C-8ED5-F1377D2E2838}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FCFAA775-A03A-4B78-BA9E-819A4C22A7CB}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FE6492EB-326B-4109-937E-937DC40BFF26}
Successfully deleted: [Empty Folder] C:\Users\patricia\appdata\local\{FF3839E9-9FDB-4500-8449-E1BA81AD022A}
Successfully deleted: [Folder] "C:\Users\patricia\appdata\locallow\asktoolbar"

~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\88udgmg2.default\user.js
Successfully deleted the following from C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\88udgmg2.default\prefs.js

user_pref("CT3225826_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1369677036356,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "");
user_pref("browser.search.defaultthis.engineName", "BitTorrentControl_v12 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&CUI=UN14557985462817721&UM=2&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "Search Results");
user_pref("extensions.crossrider.bic", "139692363850e069962411ecc171891d");
user_pref("smartbar.machineId", "YIADQOVBKP9RUVORCGYOTYKHBEG3+8JBFVZP6BJCZPOSKWITKF5PJWT59CBGBTDMC2ZRJXCJIGTIKKIAOH60YQ");
Emptied folder: C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\88udgmg2.default\minidumps [137 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/27/2014 at 15:16:35.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.017 - Report created 27/01/2014 at 15:43:49
# Updated 12/01/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : patricia - PATRICIA-PC
# Running from : C:\Users\patricia\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
File Found : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Found : C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\searchplugins\safeguard-secure-search.xml
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Viewpoint
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\Users\patricia\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\patricia\AppData\Local\PackageAware
Folder Found C:\Users\patricia\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\patricia\AppData\LocalLow\ToggleEN
Folder Found C:\Users\patricia\AppData\Roaming\quickclick

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\ToggleEN
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Deals Plugin
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ToggleEN Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D25BF034-5CB1-4DE3-85E5-48A1D0002788}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\ToggleEN
Key Found : HKLM\Software\Trymedia Systems
Key Found : HKLM\Software\Viewpoint
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\prefs.js ]

Line Found : user_pref("CT3225826_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1369677036356,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,moveplayer@movenetworks.com:7,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,openinregedit@firefox:0.1.2.4,{e0204b[...]
Line Found : user_pref("playsushi.position.button", true);
Line Found : user_pref("plugin.blocklisted.npviewpoint", true);

*************************

AdwCleaner[R0].txt - [5633 octets] - [27/01/2014 15:43:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5693 octets] ##########

# AdwCleaner v3.017 - Report created 27/01/2014 at 15:45:07
# Updated 12/01/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : patricia - PATRICIA-PC
# Running from : C:\Users\patricia\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.27.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
patricia :: PATRICIA-PC [administrator]

Protection: Enabled

1/27/2014 4:42:06 PM
mbam-log-2014-01-27 (16-42-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 273884
Time elapsed: 21 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 27 January 2014 - 04:41 PM

Interesting. I haven't seen adwcleaner do that before but a colleague just told me he saw that happen last week or so. Though after running the other programs... adwcleaner did run to completion fine.

How do things seem to be working now?

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#9 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 28 January 2014 - 02:51 PM

So far a little faster and smoother but I still received an error that Windows Explorer has stopped working and will restart

#10 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 28 January 2014 - 03:03 PM

OK... let's get another look with a different scan:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

Advertisements

Register to Remove

#11 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 28 January 2014 - 04:06 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2014 03
Ran by patricia (administrator) on PATRICIA-PC on 28-01-2014 16:59:56
Running from C:\Users\patricia\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks) C:\Program Files\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
() C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(AOL Inc.) C:\Program Files\Common Files\aol\1323560415\ee\aolsoftware.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7\waol.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(AOL LLC) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files\AOL Desktop 9.7\shellmon.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-04] (CyberLink Corp.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [76304 2008-12-18] (Logitech, Inc.)
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [405639 2009-01-09] (Creative Technology Ltd)
HKLM\...\Run: [Dell DataSafe Online] - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [3810304 2008-12-22] (Dell Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [233472 2009-04-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\AOL\1323560415\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [569696 2014-01-17] (Copyright 2013 SAMSUNG)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [4695336 2009-03-05] (Nero AG)
HKCU\...\Run: [PeerBlock] - C:\Program Files\PeerBlock\peerblock.exe [1866864 2010-11-06] (PeerBlock, LLC)
HKCU\...\Run: [AOL Fast Start] - C:\Program Files\AOL Desktop 9.7\AOL.EXE [72760 2013-09-07] (AOL Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\NeroMediaHomeUser.4.patricia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....V&pvid=19.7.1.5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.yahoo.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll No File
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @ei.iWon.com/Plugin - C:\Program Files\iWonEI\Installr\1.bin\NPjfEISB.dll (iWon)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player - C:\Users\patricia\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\patricia\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: EpicPlay Games - C:\Users\patricia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@epicplay.com [2011-12-11]
FF Extension: Garmin Communicator - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: No Name - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2010-05-24]
FF Extension: WOT - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-01]
FF Extension: New Tab Homepage - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2012-03-21]
FF Extension: ReloadEvery - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2011-06-28]
FF Extension: Search by Image for Google - C:\Users\patricia\AppData\Roaming\Mozilla\Firefox\Profiles\88udgmg2.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2014-01-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2013-12-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\IPSFF [2013-10-09]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.101
FF HKLM\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files\PasswordBox\Firefox [2013-12-01]
FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\patricia\AppData\Roaming\Move Networks
FF Extension: Move Media Player - C:\Users\patricia\AppData\Roaming\Move Networks [2009-11-26]

========================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-30] (Andrea Electronics Corporation)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung)
R3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation)
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-13] (WildTangent)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [255272 2009-03-05] (Nero AG)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
S4 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [577376 2014-01-17] (Copyright 2013 SAMSUNG)
R2 SftService; C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE [636144 2009-04-17] (SoftThinks)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2009-01-30] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-22] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-20] (AVG Technologies)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-22] (Broadcom Corporation)
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20140121.001\BHDrvx86.sys [1098968 2013-12-17] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\IPSDefs\20140127.001\IDSvix86.sys [394456 2014-01-21] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [62496 2010-03-08] (ITE Tech. Inc. )
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [13112 2010-06-03] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\VirusDefs\20140128.002\NAVENG.SYS [93272 2013-10-07] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\VirusDefs\20140128.002\NAVEX15.SYS [1612376 2013-10-07] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-26] (CACE Technologies, Inc.)
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [133632 2009-03-06] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [280096 2009-03-08] (Creative Technology Ltd.)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [20080 2010-11-06] ()
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-11-16] (Advanced Micro Devices, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NAV\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAV\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\patricia\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S0 nhipwsax; System32\drivers\lugosh.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104}; \??\C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-28 16:59 - 2014-01-28 17:00 - 00023771 _____ C:\Users\patricia\Desktop\FRST.txt
2014-01-28 16:59 - 2014-01-28 16:59 - 00000000 ____D C:\FRST
2014-01-28 16:58 - 2014-01-28 16:58 - 01136640 _____ (Farbar) C:\Users\patricia\Desktop\FRST.exe
2014-01-28 15:39 - 2014-01-28 15:39 - 30401048 _____ (Igor Pavlov) C:\Users\patricia\Desktop\tor-pluggable-transports-browser-2.4.18-rc-1-pt1_en-US.exe
2014-01-28 14:23 - 2014-01-28 14:29 - 00000000 ____D C:\7ae31f5f33fa307685d189
2014-01-27 16:17 - 2014-01-27 16:18 - 00392528 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-27 16:16 - 2014-01-27 16:16 - 00001828 _____ C:\Windows\PFRO.log
2014-01-27 15:43 - 2014-01-27 15:57 - 00000000 ____D C:\AdwCleaner
2014-01-27 15:16 - 2014-01-27 15:16 - 00057283 _____ C:\Users\patricia\Desktop\JRT.txt
2014-01-27 15:10 - 2014-01-27 15:10 - 00000000 ____D C:\Windows\ERUNT
2014-01-27 15:08 - 2014-01-27 15:08 - 01236282 _____ C:\Users\patricia\Desktop\AdwCleaner.exe
2014-01-27 15:07 - 2014-01-27 15:07 - 01037068 _____ (Thisisu) C:\Users\patricia\Desktop\JRT.exe
2014-01-26 20:18 - 2014-01-26 20:18 - 00017975 _____ C:\ComboFix.txt
2014-01-26 19:30 - 2014-01-26 20:19 - 00000000 ____D C:\ComboFix
2014-01-26 19:23 - 2014-01-26 19:23 - 05175240 ____R (Swearware) C:\Users\patricia\Desktop\ComboFix.exe
2014-01-25 19:38 - 2014-01-25 19:40 - 00019348 _____ C:\Users\patricia\Desktop\dds.txt
2014-01-25 19:38 - 2014-01-25 19:40 - 00015481 _____ C:\Users\patricia\Desktop\attach.txt
2014-01-25 19:31 - 2014-01-25 19:32 - 00688992 ____R (Swearware) C:\Users\patricia\Desktop\dds.scr
2014-01-21 13:31 - 2014-01-21 13:31 - 00003200 _____ C:\{8F5D9B3B-64F5-4D49-A165-CBFF605A63E6}
2014-01-19 20:44 - 2014-01-19 21:08 - 00000000 ____D C:\Users\patricia\Desktop\STAND_BY_ME_[1986]_[Eng]_[DvdRip]-Thizz
2014-01-19 12:57 - 2014-01-19 12:57 - 00103208 _____ C:\Users\patricia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 16:01 - 2014-01-18 16:41 - 00000000 ____D C:\Users\patricia\Desktop\The Hobbit An Unexpected Journey 2013 EXTENDED 720p BRRip x264 AC3-JYK
2014-01-18 12:27 - 2014-01-18 12:27 - 00292419 _____ C:\Users\patricia\Documents\LauraCheerleader.zip
2014-01-18 12:27 - 2014-01-18 12:27 - 00000000 ____D C:\Users\patricia\Documents\LauraCheerleader
2014-01-16 10:26 - 2014-01-16 10:26 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-16 10:25 - 2014-01-16 10:26 - 00002126 ____N C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-01-15 16:38 - 2014-01-15 16:38 - 00000000 ____D C:\Users\patricia\Desktop\backups
2014-01-12 12:55 - 2014-01-19 20:59 - 00000000 ____D C:\Users\patricia\Desktop\Mama (2013)
2014-01-11 22:08 - 2014-01-11 22:08 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2014-01-11 22:07 - 2014-01-11 22:07 - 00000000 ____D C:\Users\patricia\Samsung Link
2014-01-11 22:02 - 2014-01-18 15:30 - 00000000 ____D C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
2014-01-11 22:02 - 2014-01-11 22:02 - 00000000 ____D C:\Users\patricia\AppData\Local\SAMSUNG
2014-01-11 22:02 - 2014-01-11 22:02 - 00000000 ____D C:\Upload
2014-01-11 22:01 - 2014-01-11 22:02 - 00000000 ____D C:\ProgramData\SAMSUNG
2014-01-11 22:00 - 2014-01-11 22:02 - 00000000 ____D C:\Program Files\Samsung
2014-01-09 16:44 - 2014-01-09 16:44 - 01065368 _____ C:\Users\patricia\Documents\20140108_190236.jpeg

==================== One Month Modified Files and Folders =======

2014-01-28 17:00 - 2014-01-28 16:59 - 00023771 _____ C:\Users\patricia\Desktop\FRST.txt
2014-01-28 16:59 - 2014-01-28 16:59 - 00000000 ____D C:\FRST
2014-01-28 16:58 - 2014-01-28 16:58 - 01136640 _____ (Farbar) C:\Users\patricia\Desktop\FRST.exe
2014-01-28 16:58 - 2009-07-26 17:38 - 00007944 _____ C:\Users\patricia\AppData\Local\d3d9caps.dat
2014-01-28 16:44 - 2011-04-24 19:13 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 16:30 - 2012-05-13 17:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 16:24 - 2012-08-24 19:42 - 01253666 _____ C:\Windows\WindowsUpdate.log
2014-01-28 16:07 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 16:07 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 15:39 - 2014-01-28 15:39 - 30401048 _____ (Igor Pavlov) C:\Users\patricia\Desktop\tor-pluggable-transports-browser-2.4.18-rc-1-pt1_en-US.exe
2014-01-28 15:15 - 2012-08-29 18:12 - 00000000 ____D C:\Users\patricia\AppData\Local\CrashDumps
2014-01-28 15:15 - 2006-11-02 05:33 - 00707520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 14:29 - 2014-01-28 14:23 - 00000000 ____D C:\7ae31f5f33fa307685d189
2014-01-28 14:20 - 2011-04-24 19:13 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 16:18 - 2014-01-27 16:17 - 00392528 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-27 16:18 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 16:16 - 2014-01-27 16:16 - 00001828 _____ C:\Windows\PFRO.log
2014-01-27 16:15 - 2006-11-02 08:01 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-27 15:57 - 2014-01-27 15:43 - 00000000 ____D C:\AdwCleaner
2014-01-27 15:54 - 2013-05-27 12:56 - 00000000 ____D C:\Users\patricia\AppData\Roaming\BitTorrent
2014-01-27 15:44 - 2013-09-11 22:57 - 00000000 ____D C:\Program Files\PeerBlock
2014-01-27 15:16 - 2014-01-27 15:16 - 00057283 _____ C:\Users\patricia\Desktop\JRT.txt
2014-01-27 15:10 - 2014-01-27 15:10 - 00000000 ____D C:\Windows\ERUNT
2014-01-27 15:08 - 2014-01-27 15:08 - 01236282 _____ C:\Users\patricia\Desktop\AdwCleaner.exe
2014-01-27 15:07 - 2014-01-27 15:07 - 01037068 _____ (Thisisu) C:\Users\patricia\Desktop\JRT.exe
2014-01-26 20:19 - 2014-01-26 19:30 - 00000000 ____D C:\ComboFix
2014-01-26 20:19 - 2009-09-07 20:57 - 00000000 ____D C:\Qoobox
2014-01-26 20:18 - 2014-01-26 20:18 - 00017975 _____ C:\ComboFix.txt
2014-01-26 20:12 - 2006-11-02 05:23 - 00000215 _____ C:\Windows\system.ini
2014-01-26 20:11 - 2011-01-27 17:58 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2014-01-26 19:23 - 2014-01-26 19:23 - 05175240 ____R (Swearware) C:\Users\patricia\Desktop\ComboFix.exe
2014-01-25 19:40 - 2014-01-25 19:38 - 00019348 _____ C:\Users\patricia\Desktop\dds.txt
2014-01-25 19:40 - 2014-01-25 19:38 - 00015481 _____ C:\Users\patricia\Desktop\attach.txt
2014-01-25 19:32 - 2014-01-25 19:31 - 00688992 ____R (Swearware) C:\Users\patricia\Desktop\dds.scr
2014-01-21 13:31 - 2014-01-21 13:31 - 00003200 _____ C:\{8F5D9B3B-64F5-4D49-A165-CBFF605A63E6}
2014-01-20 14:02 - 2009-08-14 08:39 - 00145920 _____ C:\Users\patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-19 21:08 - 2014-01-19 20:44 - 00000000 ____D C:\Users\patricia\Desktop\STAND_BY_ME_[1986]_[Eng]_[DvdRip]-Thizz
2014-01-19 20:59 - 2014-01-12 12:55 - 00000000 ____D C:\Users\patricia\Desktop\Mama (2013)
2014-01-19 12:57 - 2014-01-19 12:57 - 00103208 _____ C:\Users\patricia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 10:56 - 2010-10-08 12:01 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-18 16:41 - 2014-01-18 16:01 - 00000000 ____D C:\Users\patricia\Desktop\The Hobbit An Unexpected Journey 2013 EXTENDED 720p BRRip x264 AC3-JYK
2014-01-18 15:30 - 2014-01-11 22:02 - 00000000 ____D C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
2014-01-18 15:30 - 2009-07-08 15:35 - 00000000 ____D C:\Users\patricia
2014-01-18 12:27 - 2014-01-18 12:27 - 00292419 _____ C:\Users\patricia\Documents\LauraCheerleader.zip
2014-01-18 12:27 - 2014-01-18 12:27 - 00000000 ____D C:\Users\patricia\Documents\LauraCheerleader
2014-01-16 10:28 - 2010-02-22 20:35 - 00000000 ____D C:\Users\patricia\AppData\Roaming\Boomzap
2014-01-16 10:26 - 2014-01-16 10:26 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-16 10:26 - 2014-01-16 10:25 - 00002126 ____N C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-01-16 10:25 - 2011-08-10 15:10 - 00000000 ____D C:\Program Files\WildTangent Games
2014-01-15 19:11 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\Resources
2014-01-15 16:38 - 2014-01-15 16:38 - 00000000 ____D C:\Users\patricia\Desktop\backups
2014-01-15 16:18 - 2009-06-30 11:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 16:09 - 2013-08-14 15:50 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 16:03 - 2006-11-02 05:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-11 22:08 - 2014-01-11 22:08 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2014-01-11 22:07 - 2014-01-11 22:07 - 00000000 ____D C:\Users\patricia\Samsung Link
2014-01-11 22:02 - 2014-01-11 22:02 - 00000000 ____D C:\Users\patricia\AppData\Local\SAMSUNG
2014-01-11 22:02 - 2014-01-11 22:02 - 00000000 ____D C:\Upload
2014-01-11 22:02 - 2014-01-11 22:01 - 00000000 ____D C:\ProgramData\SAMSUNG
2014-01-11 22:02 - 2014-01-11 22:00 - 00000000 ____D C:\Program Files\Samsung
2014-01-10 21:47 - 2013-11-20 15:14 - 00003711 _____ C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-01-09 16:44 - 2014-01-09 16:44 - 01065368 _____ C:\Users\patricia\Documents\20140108_190236.jpeg
2013-12-29 15:39 - 2013-12-25 10:10 - 00000022 _____ C:\Users\patricia\Documents\order.3423423.zip

Some content of TEMP:
====================
C:\Users\patricia\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-27 16:23

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-01-2014 03
Ran by patricia at 2014-01-28 17:00:42
Running from C:\Users\patricia\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606 - Adobe Systems, Inc.)
Advanced Audio FX Engine (Version: 1.12.05 - Creative Technology Ltd)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
AllShare Framework DMS (Version: 1.3.23 - Samsung)
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AOL Uninstaller (Choose which Products to Remove) (Version: - AOL Inc.)
Apple Application Support (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (Version: 2.009.0213.2137 - )
Big Fish: Game Manager (Version: 3.2.0.6 - )
BitTorrent (HKCU Version: 7.8.2.30332 - BitTorrent Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon PowerShot SX260 HS and SX240 HS Camera User Guide (Version: 1.0.0.9 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (Version: 1.1.0.18 - Canon Inc.)
Canon Utilities PhotoStitch (Version: 3.1.23.47 - Canon Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0213.2138.38808 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Chinese Standard (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Danish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Dutch (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help English (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Finnish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help French (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help German (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Italian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Japanese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Korean (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Norwegian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Portuguese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Russian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Spanish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Swedish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (Version: 2009.0213.2138.38808 - ATI) Hidden
ccc-utility (Version: 2009.0213.2138.38808 - ATI) Hidden
ccc-utility (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.08 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cisco EAP-FAST Module (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.0.13 - Cisco Systems, Inc.)
CleanUp! (Version: - )
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Cradle of Rome (Version: 2.2.0.94 - WildTangent) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (Version: 2.25 - Dell)
Dell DataSafe Local Backup (Version: 9.3.10 x86 - Dell)
Dell DataSafe Online (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (Version: 1.0.0 - Dell)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (Version: 2.2.09085 - Dell)
Dell Touchpad (Version: 7.2.101.219 - ALPS ELECTRIC CO., LTD.)
Dell Video Chat (Version: 6.0 (6567) - SightSpeed Inc.)
Dell Webcam Central (Version: 1.20.10 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30 - Dell Inc.)
DELL0703 (Version: 1.0.0 - WildTangent) Hidden
Dell-eBay (Version: 1.00.0000 - Dell)
DivX Converter (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (Version: - DivX, Inc.)
DivX Setup (Version: 2.6.1.87 - DivX, LLC)
DivX Version Checker (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKCU Version: 1.4.7 - Dropbox, Inc.)
GameHouse (Version: - )
Garmin Communicator Plugin (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Lifetime Updater (Version: 2.1.11 - Garmin)
Garmin POI Loader (Version: 2.7.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (Version: 2.5.5 - Garmin Ltd or its subsidiaries)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (Version: - )
HTC BMP USB Driver (Version: 1.0.5375 - HTC)
HTC Driver Installer (Version: 3.0.0.007 - HTC Corporation)
Integrated Webcam Driver (1.06.03.0309) (Version: 1.06.03.0309 - Creative Technology Ltd.)
ITECIR (Version: 1.9 - ITE)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 9 (Version: 7.0.90 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 34 (Version: 6.0.340 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 4.72.40 - Logitech) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (Version: 9.3.0 - )
Live! Cam Avatar Creator (Version: 4.6.2303.1 - Creative Technology Ltd)
Logitech SetPoint (Version: 4.72 - Logitech)
Luxor 2 HD (Version: 3.0.2.38 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
Move Media Player (HKCU Version: - Move Networks)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MP3 Rocket (Version: 6.4.3 - MP3 TechSupport Inc)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
Mystery Case Files: Fate's Carnival Collector's Edition (Version: - )
Nero 11 (Version: 11.2.00900 - Nero AG)
Nero Burning ROM 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 11 (Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero Core Components 11 (Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero Express 11 (Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (Version: 11.0.10300 - Nero AG) Hidden
Nero Installer (Version: 2.0.0.1 - Nero AG) Hidden
Nero MediaHome 4 (Version: 4.3.21.0 - Nero AG) Hidden
Nero MediaHome 4 Essentials (Version: - Nero AG)
Nero MediaHome 4 Help (Version: 4.2.0.0 - Nero AG) Hidden
Nero Online Upgrade (Version: 1.3.0.0 - Nero AG) Hidden
Norton AntiVirus (Version: 20.4.0.40 - Symantec Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PeerBlock 1.1 (r518) (Version: 1.1.0.518 - PeerBlock, LLC)
PowerDVD DX (Version: 8.2.5024 - Dell Corp.)
QuickSet (Version: 9.2.8 - Dell Inc.)
Revo Uninstaller Pro 3.0.7 (Version: 3.0.7 - VS Revo Group, Ltd.)
RTC Client API v1.2 (Version: 1.2.0000 - Microsoft)
Samsung Link 1.8.0.1401171024 (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SES Driver (Version: 1.0.0 - Western Digital)
Skins (Version: 2009.0213.2138.38808 - ATI) Hidden
Skype™ 5.10 (Version: 5.10.116 - Skype Technologies S.A.)
The Path of Hercules (Version: - )
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VDownloader 3.9.1326 (Version: - Vitzo Limited)
Web Games Player Plugin (Version: - Zylom Games)
WildTangent Games (Version: 1.0.0.80 - WildTangent)
WildTangent Games (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Installer Clean Up (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
WinPcap 4.1.1 (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (Version: - )
WinZip 12.0 (Version: 12.0.8252 - WinZip Computing, S.L. )
Zune (Version: 04.07.1404.01 - Microsoft Corporation)
Zune (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

==================== Restore Points =========================

24-12-2013 20:37:50 Scheduled Checkpoint
26-12-2013 22:46:54 Scheduled Checkpoint
27-12-2013 17:26:35 Windows Update
29-12-2013 22:40:43 Scheduled Checkpoint
31-12-2013 14:23:26 Windows Update
03-01-2014 14:58:59 Windows Update
05-01-2014 19:55:57 Scheduled Checkpoint
07-01-2014 13:45:37 Windows Update
08-01-2014 17:00:07 Scheduled Checkpoint
10-01-2014 15:55:10 Windows Update
15-01-2014 17:25:15 Windows Update
15-01-2014 21:01:03 Windows Update
16-01-2014 00:20:50 Windows Update
17-01-2014 01:07:01 Scheduled Checkpoint
20-01-2014 18:53:54 Scheduled Checkpoint
21-01-2014 15:52:57 Windows Update
22-01-2014 18:19:25 Scheduled Checkpoint
27-01-2014 00:30:44 ComboFix created restore point
28-01-2014 19:22:35 Windows Update

==================== Hosts content: ==========================

2006-11-02 05:23 - 2014-01-26 20:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2A1FB96E-1E46-4078-AE75-C86505781BD0} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {50622854-AC9E-4785-B766-1339967170ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {6D1CDE98-6D88-4599-AEC1-F0858F1F7C76} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-22] (Dell Inc.)
Task: {7BD5BFD5-CFAB-4684-B4DD-42642365E144} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {8D0546E9-A6C3-4506-A519-18D50B80CFD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-24] (Google Inc.)
Task: {992ECA9D-3859-43B2-A916-93E94C44C056} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {A66D0914-4988-4889-BBD4-1B29698165A4} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {A7D92301-79B5-42E2-AD05-AF74F49FC922} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {AF33FFB3-F02E-49ED-A046-425986AB8173} - System32\Tasks\{BED5DCC6-7FA5-4A04-8800-6B167997CA73} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {B98F64DD-AC10-4B71-9CC5-3D7D3BF07905} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {BB9B7C65-CD8C-4B92-99F9-5C81336CE627} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {C73EB3A3-9FD6-4334-9BA9-E520F4F7D656} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-24] (Google Inc.)
Task: {D25BF034-5CB1-4DE3-85E5-48A1D0002788} - System32\Tasks\RunAsStdUser Task => C:\Program Files\iWin Games\iWinGames.exe
Task: {D88F6815-BCE8-4A60-A194-83FEBB7DBE53} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {E20D8E5A-C90A-4A97-86AB-A12064282B36} - System32\Tasks\26978e0 => C:\Users\patricia\AppData\Local\Temp\\setup3262526672.exe <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E5DEAF53-191E-490D-A464-F0C3DA5AC984} - System32\Tasks\27c2617c => C:\Users\patricia\AppData\Local\Temp\\setup29426608.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{3665EB40-7FE9-4CC9-A94B-EAE9FD7003FC}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 14:37 - 2012-11-16 14:37 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 00275696 _____ () C:\Program Files\Dell DataSafe Online\SdbShared.dll
2009-04-09 16:29 - 2009-04-09 16:29 - 00058608 _____ () C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 00095472 _____ () C:\Program Files\Dell DataSafe Online\SdbUI.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 00152816 _____ () C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 00017648 _____ () C:\Program Files\Dell DataSafe Online\cpputils.dll
2009-06-30 10:48 - 2008-12-22 05:32 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-08-28 19:25 - 2013-08-28 19:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-01-11 22:00 - 2014-01-17 10:24 - 00012800 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-01-11 22:00 - 2014-01-17 10:24 - 00040448 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\JNIInterface.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll
2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2012-11-11 19:43 - 2012-08-30 13:39 - 00112128 _____ () C:\Program Files\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-09-07 12:20 - 2013-09-07 12:20 - 00048640 _____ () C:\Program Files\AOL Desktop 9.7\zlib.dll
2013-09-07 12:19 - 2013-09-07 12:19 - 21117440 _____ () C:\Program Files\AOL Desktop 9.7\libcef.dll
2013-09-07 12:19 - 2013-09-07 12:19 - 00648704 _____ () C:\Program Files\AOL Desktop 9.7\libglesv2.dll
2013-09-07 12:19 - 2013-09-07 12:19 - 00122880 _____ () C:\Program Files\AOL Desktop 9.7\libegl.dll
2009-06-30 10:48 - 2009-06-30 10:48 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2012-11-16 14:09 - 2012-11-16 14:09 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-09-13 21:59 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-22 11:38 - 2013-12-22 11:39 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-11 13:30 - 2013-12-11 13:30 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:000D6A25
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:0C65EA0E
AlternateDataStreams: C:\ProgramData\TEMP:0EC7A545
AlternateDataStreams: C:\ProgramData\TEMP:1A15E356
AlternateDataStreams: C:\ProgramData\TEMP:1AC933DC
AlternateDataStreams: C:\ProgramData\TEMP:1D317030
AlternateDataStreams: C:\ProgramData\TEMP:1E942FB9
AlternateDataStreams: C:\ProgramData\TEMP:206470A5
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3086B95F
AlternateDataStreams: C:\ProgramData\TEMP:319D783D
AlternateDataStreams: C:\ProgramData\TEMP:395F6776
AlternateDataStreams: C:\ProgramData\TEMP:398D2775
AlternateDataStreams: C:\ProgramData\TEMP:3AF262FC
AlternateDataStreams: C:\ProgramData\TEMP:3D36932D
AlternateDataStreams: C:\ProgramData\TEMP:3D6B89CE
AlternateDataStreams: C:\ProgramData\TEMP:40D8F125
AlternateDataStreams: C:\ProgramData\TEMP:436BE28C
AlternateDataStreams: C:\ProgramData\TEMP:46CBC45C
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:517DBC32
AlternateDataStreams: C:\ProgramData\TEMP:5197985B
AlternateDataStreams: C:\ProgramData\TEMP:526B3022
AlternateDataStreams: C:\ProgramData\TEMP:53B8C5D2
AlternateDataStreams: C:\ProgramData\TEMP:548AE60C
AlternateDataStreams: C:\ProgramData\TEMP:58481C6F
AlternateDataStreams: C:\ProgramData\TEMP:5A15BCD4
AlternateDataStreams: C:\ProgramData\TEMP:5B4686D7
AlternateDataStreams: C:\ProgramData\TEMP:5CD70138
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:5EF1AD34
AlternateDataStreams: C:\ProgramData\TEMP:60EA2068
AlternateDataStreams: C:\ProgramData\TEMP:627153F1
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:640EA6E8
AlternateDataStreams: C:\ProgramData\TEMP:658DE22A
AlternateDataStreams: C:\ProgramData\TEMP:689AB7E9
AlternateDataStreams: C:\ProgramData\TEMP:68B61847
AlternateDataStreams: C:\ProgramData\TEMP:71004506
AlternateDataStreams: C:\ProgramData\TEMP:737160C1
AlternateDataStreams: C:\ProgramData\TEMP:7B2BB690
AlternateDataStreams: C:\ProgramData\TEMP:7B8AF9AA
AlternateDataStreams: C:\ProgramData\TEMP:7FCB9D0D
AlternateDataStreams: C:\ProgramData\TEMP:881ED4D3
AlternateDataStreams: C:\ProgramData\TEMP:884C7316
AlternateDataStreams: C:\ProgramData\TEMP:895A78C5
AlternateDataStreams: C:\ProgramData\TEMP:89C28CF6
AlternateDataStreams: C:\ProgramData\TEMP:8E5EA40F
AlternateDataStreams: C:\ProgramData\TEMP:97CA3B9E
AlternateDataStreams: C:\ProgramData\TEMP:98982C88
AlternateDataStreams: C:\ProgramData\TEMP:99AC3203
AlternateDataStreams: C:\ProgramData\TEMP:9E9A3410
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE
AlternateDataStreams: C:\ProgramData\TEMP:A4ACFB14
AlternateDataStreams: C:\ProgramData\TEMP:A4E7D25F
AlternateDataStreams: C:\ProgramData\TEMP:A58B27C9
AlternateDataStreams: C:\ProgramData\TEMP:A7964713
AlternateDataStreams: C:\ProgramData\TEMP:A819A132
AlternateDataStreams: C:\ProgramData\TEMP:AE34D87E
AlternateDataStreams: C:\ProgramData\TEMP:B4F0E275
AlternateDataStreams: C:\ProgramData\TEMP:B54E4B5A
AlternateDataStreams: C:\ProgramData\TEMP:B88DC997
AlternateDataStreams: C:\ProgramData\TEMP:BD13A410
AlternateDataStreams: C:\ProgramData\TEMP:C0893153
AlternateDataStreams: C:\ProgramData\TEMP:C3C72D5F
AlternateDataStreams: C:\ProgramData\TEMP:C5CE2DF6
AlternateDataStreams: C:\ProgramData\TEMP:C7F08EA3
AlternateDataStreams: C:\ProgramData\TEMP:C9CDDE5E
AlternateDataStreams: C:\ProgramData\TEMP:CAC06C34
AlternateDataStreams: C:\ProgramData\TEMP:D31BE97C
AlternateDataStreams: C:\ProgramData\TEMP:D3A89E47
AlternateDataStreams: C:\ProgramData\TEMP:D696AA12
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E2295807
AlternateDataStreams: C:\ProgramData\TEMP:E2CFA9CD
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B
AlternateDataStreams: C:\ProgramData\TEMP:E80802C7
AlternateDataStreams: C:\ProgramData\TEMP:E91ADC66
AlternateDataStreams: C:\ProgramData\TEMP:EC855C73
AlternateDataStreams: C:\ProgramData\TEMP:ED2998F5
AlternateDataStreams: C:\ProgramData\TEMP:ED51D3ED
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE
AlternateDataStreams: C:\ProgramData\TEMP:F72306CC
AlternateDataStreams: C:\ProgramData\TEMP:FAB64002
AlternateDataStreams: C:\ProgramData\TEMP:FED25C29

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2014 03:15:08 PM) (Source: Application Error) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0d4c91e0,
process id 0x70c, application start time 0xExplorer.EXE0.

Error: (01/27/2014 07:14:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7535

Error: (01/27/2014 07:14:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7535

Error: (01/27/2014 07:14:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2014 07:14:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6537

Error: (01/27/2014 07:14:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6537

Error: (01/27/2014 07:14:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2014 07:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5507

Error: (01/27/2014 07:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5507

Error: (01/27/2014 07:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Error: (01/28/2014 02:22:01 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Resolved(Resolved) state

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-01-28 17:00:20.527
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:20.143
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:19.717
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:19.305
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:11.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20140121.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:11.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20140121.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:10.709
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20140121.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-28 17:00:10.310
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20140121.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-27 16:49:40.932
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2014-01-27 16:49:40.515
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 3066.17 MB
Available physical RAM: 1048.95 MB
Total Pagefile: 6338.6 MB
Available Pagefile: 4132.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.44 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:217.81 GB) (Free:82.61 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:15 GB) (Free:14.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 18000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#12 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 28 January 2014 - 04:31 PM

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

start
Task: {E20D8E5A-C90A-4A97-86AB-A12064282B36} - System32\Tasks\26978e0 => C:\Users\patricia\AppData\Local\Temp\\setup3262526672.exe <==== ATTENTION
Task: {E5DEAF53-191E-490D-A464-F0C3DA5AC984} - System32\Tasks\27c2617c => C:\Users\patricia\AppData\Local\Temp\\setup29426608.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:000D6A25
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:0C65EA0E
AlternateDataStreams: C:\ProgramData\TEMP:0EC7A545
AlternateDataStreams: C:\ProgramData\TEMP:1A15E356
AlternateDataStreams: C:\ProgramData\TEMP:1AC933DC
AlternateDataStreams: C:\ProgramData\TEMP:1D317030
AlternateDataStreams: C:\ProgramData\TEMP:1E942FB9
AlternateDataStreams: C:\ProgramData\TEMP:206470A5
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3086B95F
AlternateDataStreams: C:\ProgramData\TEMP:319D783D
AlternateDataStreams: C:\ProgramData\TEMP:395F6776
AlternateDataStreams: C:\ProgramData\TEMP:398D2775
AlternateDataStreams: C:\ProgramData\TEMP:3AF262FC
AlternateDataStreams: C:\ProgramData\TEMP:3D36932D
AlternateDataStreams: C:\ProgramData\TEMP:3D6B89CE
AlternateDataStreams: C:\ProgramData\TEMP:40D8F125
AlternateDataStreams: C:\ProgramData\TEMP:436BE28C
AlternateDataStreams: C:\ProgramData\TEMP:46CBC45C
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:517DBC32
AlternateDataStreams: C:\ProgramData\TEMP:5197985B
AlternateDataStreams: C:\ProgramData\TEMP:526B3022
AlternateDataStreams: C:\ProgramData\TEMP:53B8C5D2
AlternateDataStreams: C:\ProgramData\TEMP:548AE60C
AlternateDataStreams: C:\ProgramData\TEMP:58481C6F
AlternateDataStreams: C:\ProgramData\TEMP:5A15BCD4
AlternateDataStreams: C:\ProgramData\TEMP:5B4686D7
AlternateDataStreams: C:\ProgramData\TEMP:5CD70138
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:5EF1AD34
AlternateDataStreams: C:\ProgramData\TEMP:60EA2068
AlternateDataStreams: C:\ProgramData\TEMP:627153F1
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:640EA6E8
AlternateDataStreams: C:\ProgramData\TEMP:658DE22A
AlternateDataStreams: C:\ProgramData\TEMP:689AB7E9
AlternateDataStreams: C:\ProgramData\TEMP:68B61847
AlternateDataStreams: C:\ProgramData\TEMP:71004506
AlternateDataStreams: C:\ProgramData\TEMP:737160C1
AlternateDataStreams: C:\ProgramData\TEMP:7B2BB690
AlternateDataStreams: C:\ProgramData\TEMP:7B8AF9AA
AlternateDataStreams: C:\ProgramData\TEMP:7FCB9D0D
AlternateDataStreams: C:\ProgramData\TEMP:881ED4D3
AlternateDataStreams: C:\ProgramData\TEMP:884C7316
AlternateDataStreams: C:\ProgramData\TEMP:895A78C5
AlternateDataStreams: C:\ProgramData\TEMP:89C28CF6
AlternateDataStreams: C:\ProgramData\TEMP:8E5EA40F
AlternateDataStreams: C:\ProgramData\TEMP:97CA3B9E
AlternateDataStreams: C:\ProgramData\TEMP:98982C88
AlternateDataStreams: C:\ProgramData\TEMP:99AC3203
AlternateDataStreams: C:\ProgramData\TEMP:9E9A3410
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE
AlternateDataStreams: C:\ProgramData\TEMP:A4ACFB14
AlternateDataStreams: C:\ProgramData\TEMP:A4E7D25F
AlternateDataStreams: C:\ProgramData\TEMP:A58B27C9
AlternateDataStreams: C:\ProgramData\TEMP:A7964713
AlternateDataStreams: C:\ProgramData\TEMP:A819A132
AlternateDataStreams: C:\ProgramData\TEMP:AE34D87E
AlternateDataStreams: C:\ProgramData\TEMP:B4F0E275
AlternateDataStreams: C:\ProgramData\TEMP:B54E4B5A
AlternateDataStreams: C:\ProgramData\TEMP:B88DC997
AlternateDataStreams: C:\ProgramData\TEMP:BD13A410
AlternateDataStreams: C:\ProgramData\TEMP:C0893153
AlternateDataStreams: C:\ProgramData\TEMP:C3C72D5F
AlternateDataStreams: C:\ProgramData\TEMP:C5CE2DF6
AlternateDataStreams: C:\ProgramData\TEMP:C7F08EA3
AlternateDataStreams: C:\ProgramData\TEMP:C9CDDE5E
AlternateDataStreams: C:\ProgramData\TEMP:CAC06C34
AlternateDataStreams: C:\ProgramData\TEMP:D31BE97C
AlternateDataStreams: C:\ProgramData\TEMP:D3A89E47
AlternateDataStreams: C:\ProgramData\TEMP:D696AA12
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E2295807
AlternateDataStreams: C:\ProgramData\TEMP:E2CFA9CD
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B
AlternateDataStreams: C:\ProgramData\TEMP:E80802C7
AlternateDataStreams: C:\ProgramData\TEMP:E91ADC66
AlternateDataStreams: C:\ProgramData\TEMP:EC855C73
AlternateDataStreams: C:\ProgramData\TEMP:ED2998F5
AlternateDataStreams: C:\ProgramData\TEMP:ED51D3ED
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE
AlternateDataStreams: C:\ProgramData\TEMP:F72306CC
AlternateDataStreams: C:\ProgramData\TEMP:FAB64002
AlternateDataStreams: C:\ProgramData\TEMP:FED25C29
end

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#13 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 28 January 2014 - 05:14 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2014 03
Ran by patricia at 2014-01-28 18:12:22 Run:1
Running from C:\Users\patricia\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
Task: {E20D8E5A-C90A-4A97-86AB-A12064282B36} - System32\Tasks\26978e0 => C:\Users\patricia\AppData\Local\Temp\\setup3262526672.exe <==== ATTENTION
Task: {E5DEAF53-191E-490D-A464-F0C3DA5AC984} - System32\Tasks\27c2617c => C:\Users\patricia\AppData\Local\Temp\\setup29426608.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:000D6A25
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:0C65EA0E
AlternateDataStreams: C:\ProgramData\TEMP:0EC7A545
AlternateDataStreams: C:\ProgramData\TEMP:1A15E356
AlternateDataStreams: C:\ProgramData\TEMP:1AC933DC
AlternateDataStreams: C:\ProgramData\TEMP:1D317030
AlternateDataStreams: C:\ProgramData\TEMP:1E942FB9
AlternateDataStreams: C:\ProgramData\TEMP:206470A5
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:3086B95F
AlternateDataStreams: C:\ProgramData\TEMP:319D783D
AlternateDataStreams: C:\ProgramData\TEMP:395F6776
AlternateDataStreams: C:\ProgramData\TEMP:398D2775
AlternateDataStreams: C:\ProgramData\TEMP:3AF262FC
AlternateDataStreams: C:\ProgramData\TEMP:3D36932D
AlternateDataStreams: C:\ProgramData\TEMP:3D6B89CE
AlternateDataStreams: C:\ProgramData\TEMP:40D8F125
AlternateDataStreams: C:\ProgramData\TEMP:436BE28C
AlternateDataStreams: C:\ProgramData\TEMP:46CBC45C
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:517DBC32
AlternateDataStreams: C:\ProgramData\TEMP:5197985B
AlternateDataStreams: C:\ProgramData\TEMP:526B3022
AlternateDataStreams: C:\ProgramData\TEMP:53B8C5D2
AlternateDataStreams: C:\ProgramData\TEMP:548AE60C
AlternateDataStreams: C:\ProgramData\TEMP:58481C6F
AlternateDataStreams: C:\ProgramData\TEMP:5A15BCD4
AlternateDataStreams: C:\ProgramData\TEMP:5B4686D7
AlternateDataStreams: C:\ProgramData\TEMP:5CD70138
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:5EF1AD34
AlternateDataStreams: C:\ProgramData\TEMP:60EA2068
AlternateDataStreams: C:\ProgramData\TEMP:627153F1
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:640EA6E8
AlternateDataStreams: C:\ProgramData\TEMP:658DE22A
AlternateDataStreams: C:\ProgramData\TEMP:689AB7E9
AlternateDataStreams: C:\ProgramData\TEMP:68B61847
AlternateDataStreams: C:\ProgramData\TEMP:71004506
AlternateDataStreams: C:\ProgramData\TEMP:737160C1
AlternateDataStreams: C:\ProgramData\TEMP:7B2BB690
AlternateDataStreams: C:\ProgramData\TEMP:7B8AF9AA
AlternateDataStreams: C:\ProgramData\TEMP:7FCB9D0D
AlternateDataStreams: C:\ProgramData\TEMP:881ED4D3
AlternateDataStreams: C:\ProgramData\TEMP:884C7316
AlternateDataStreams: C:\ProgramData\TEMP:895A78C5
AlternateDataStreams: C:\ProgramData\TEMP:89C28CF6
AlternateDataStreams: C:\ProgramData\TEMP:8E5EA40F
AlternateDataStreams: C:\ProgramData\TEMP:97CA3B9E
AlternateDataStreams: C:\ProgramData\TEMP:98982C88
AlternateDataStreams: C:\ProgramData\TEMP:99AC3203
AlternateDataStreams: C:\ProgramData\TEMP:9E9A3410
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE
AlternateDataStreams: C:\ProgramData\TEMP:A4ACFB14
AlternateDataStreams: C:\ProgramData\TEMP:A4E7D25F
AlternateDataStreams: C:\ProgramData\TEMP:A58B27C9
AlternateDataStreams: C:\ProgramData\TEMP:A7964713
AlternateDataStreams: C:\ProgramData\TEMP:A819A132
AlternateDataStreams: C:\ProgramData\TEMP:AE34D87E
AlternateDataStreams: C:\ProgramData\TEMP:B4F0E275
AlternateDataStreams: C:\ProgramData\TEMP:B54E4B5A
AlternateDataStreams: C:\ProgramData\TEMP:B88DC997
AlternateDataStreams: C:\ProgramData\TEMP:BD13A410
AlternateDataStreams: C:\ProgramData\TEMP:C0893153
AlternateDataStreams: C:\ProgramData\TEMP:C3C72D5F
AlternateDataStreams: C:\ProgramData\TEMP:C5CE2DF6
AlternateDataStreams: C:\ProgramData\TEMP:C7F08EA3
AlternateDataStreams: C:\ProgramData\TEMP:C9CDDE5E
AlternateDataStreams: C:\ProgramData\TEMP:CAC06C34
AlternateDataStreams: C:\ProgramData\TEMP:D31BE97C
AlternateDataStreams: C:\ProgramData\TEMP:D3A89E47
AlternateDataStreams: C:\ProgramData\TEMP:D696AA12
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E2295807
AlternateDataStreams: C:\ProgramData\TEMP:E2CFA9CD
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B
AlternateDataStreams: C:\ProgramData\TEMP:E80802C7
AlternateDataStreams: C:\ProgramData\TEMP:E91ADC66
AlternateDataStreams: C:\ProgramData\TEMP:EC855C73
AlternateDataStreams: C:\ProgramData\TEMP:ED2998F5
AlternateDataStreams: C:\ProgramData\TEMP:ED51D3ED
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE
AlternateDataStreams: C:\ProgramData\TEMP:F72306CC
AlternateDataStreams: C:\ProgramData\TEMP:FAB64002
AlternateDataStreams: C:\ProgramData\TEMP:FED25C29
end
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E20D8E5A-C90A-4A97-86AB-A12064282B36} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E20D8E5A-C90A-4A97-86AB-A12064282B36} => Key deleted successfully.
C:\Windows\System32\Tasks\26978e0 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\26978e0 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5DEAF53-191E-490D-A464-F0C3DA5AC984} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5DEAF53-191E-490D-A464-F0C3DA5AC984} => Key deleted successfully.
C:\Windows\System32\Tasks\27c2617c => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\27c2617c => Key deleted successfully.
C:\ProgramData\TEMP => ":000D6A25" ADS removed successfully.
C:\ProgramData\TEMP => ":012BC84F" ADS removed successfully.
C:\ProgramData\TEMP => ":0C65EA0E" ADS removed successfully.
C:\ProgramData\TEMP => ":0EC7A545" ADS removed successfully.
C:\ProgramData\TEMP => ":1A15E356" ADS removed successfully.
C:\ProgramData\TEMP => ":1AC933DC" ADS removed successfully.
C:\ProgramData\TEMP => ":1D317030" ADS removed successfully.
C:\ProgramData\TEMP => ":1E942FB9" ADS removed successfully.
C:\ProgramData\TEMP => ":206470A5" ADS removed successfully.
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully.
C:\ProgramData\TEMP => ":3086B95F" ADS removed successfully.
C:\ProgramData\TEMP => ":319D783D" ADS removed successfully.
C:\ProgramData\TEMP => ":395F6776" ADS removed successfully.
C:\ProgramData\TEMP => ":398D2775" ADS removed successfully.
C:\ProgramData\TEMP => ":3AF262FC" ADS removed successfully.
C:\ProgramData\TEMP => ":3D36932D" ADS removed successfully.
C:\ProgramData\TEMP => ":3D6B89CE" ADS removed successfully.
C:\ProgramData\TEMP => ":40D8F125" ADS removed successfully.
C:\ProgramData\TEMP => ":436BE28C" ADS removed successfully.
C:\ProgramData\TEMP => ":46CBC45C" ADS removed successfully.
C:\ProgramData\TEMP => ":474022C7" ADS removed successfully.
C:\ProgramData\TEMP => ":517DBC32" ADS removed successfully.
C:\ProgramData\TEMP => ":5197985B" ADS removed successfully.
C:\ProgramData\TEMP => ":526B3022" ADS removed successfully.
C:\ProgramData\TEMP => ":53B8C5D2" ADS removed successfully.
C:\ProgramData\TEMP => ":548AE60C" ADS removed successfully.
C:\ProgramData\TEMP => ":58481C6F" ADS removed successfully.
C:\ProgramData\TEMP => ":5A15BCD4" ADS removed successfully.
C:\ProgramData\TEMP => ":5B4686D7" ADS removed successfully.
C:\ProgramData\TEMP => ":5CD70138" ADS removed successfully.
C:\ProgramData\TEMP => ":5D432CE3" ADS removed successfully.
C:\ProgramData\TEMP => ":5EF1AD34" ADS removed successfully.
C:\ProgramData\TEMP => ":60EA2068" ADS removed successfully.
C:\ProgramData\TEMP => ":627153F1" ADS removed successfully.
C:\ProgramData\TEMP => ":639BB5E9" ADS removed successfully.
C:\ProgramData\TEMP => ":640EA6E8" ADS removed successfully.
C:\ProgramData\TEMP => ":658DE22A" ADS removed successfully.
C:\ProgramData\TEMP => ":689AB7E9" ADS removed successfully.
C:\ProgramData\TEMP => ":68B61847" ADS removed successfully.
C:\ProgramData\TEMP => ":71004506" ADS removed successfully.
C:\ProgramData\TEMP => ":737160C1" ADS removed successfully.
C:\ProgramData\TEMP => ":7B2BB690" ADS removed successfully.
C:\ProgramData\TEMP => ":7B8AF9AA" ADS removed successfully.
C:\ProgramData\TEMP => ":7FCB9D0D" ADS removed successfully.
C:\ProgramData\TEMP => ":881ED4D3" ADS removed successfully.
C:\ProgramData\TEMP => ":884C7316" ADS removed successfully.
C:\ProgramData\TEMP => ":895A78C5" ADS removed successfully.
C:\ProgramData\TEMP => ":89C28CF6" ADS removed successfully.
C:\ProgramData\TEMP => ":8E5EA40F" ADS removed successfully.
C:\ProgramData\TEMP => ":97CA3B9E" ADS removed successfully.
C:\ProgramData\TEMP => ":98982C88" ADS removed successfully.
C:\ProgramData\TEMP => ":99AC3203" ADS removed successfully.
C:\ProgramData\TEMP => ":9E9A3410" ADS removed successfully.
C:\ProgramData\TEMP => ":A02025CE" ADS removed successfully.
C:\ProgramData\TEMP => ":A4ACFB14" ADS removed successfully.
C:\ProgramData\TEMP => ":A4E7D25F" ADS removed successfully.
C:\ProgramData\TEMP => ":A58B27C9" ADS removed successfully.
C:\ProgramData\TEMP => ":A7964713" ADS removed successfully.
C:\ProgramData\TEMP => ":A819A132" ADS removed successfully.
C:\ProgramData\TEMP => ":AE34D87E" ADS removed successfully.
C:\ProgramData\TEMP => ":B4F0E275" ADS removed successfully.
C:\ProgramData\TEMP => ":B54E4B5A" ADS removed successfully.
C:\ProgramData\TEMP => ":B88DC997" ADS removed successfully.
C:\ProgramData\TEMP => ":BD13A410" ADS removed successfully.
C:\ProgramData\TEMP => ":C0893153" ADS removed successfully.
C:\ProgramData\TEMP => ":C3C72D5F" ADS removed successfully.
C:\ProgramData\TEMP => ":C5CE2DF6" ADS removed successfully.
C:\ProgramData\TEMP => ":C7F08EA3" ADS removed successfully.
C:\ProgramData\TEMP => ":C9CDDE5E" ADS removed successfully.
C:\ProgramData\TEMP => ":CAC06C34" ADS removed successfully.
C:\ProgramData\TEMP => ":D31BE97C" ADS removed successfully.
C:\ProgramData\TEMP => ":D3A89E47" ADS removed successfully.
C:\ProgramData\TEMP => ":D696AA12" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
C:\ProgramData\TEMP => ":E0888117" ADS removed successfully.
C:\ProgramData\TEMP => ":E2295807" ADS removed successfully.
C:\ProgramData\TEMP => ":E2CFA9CD" ADS removed successfully.
C:\ProgramData\TEMP => ":E6C6EB3B" ADS removed successfully.
C:\ProgramData\TEMP => ":E80802C7" ADS removed successfully.
C:\ProgramData\TEMP => ":E91ADC66" ADS removed successfully.
C:\ProgramData\TEMP => ":EC855C73" ADS removed successfully.
C:\ProgramData\TEMP => ":ED2998F5" ADS removed successfully.
C:\ProgramData\TEMP => ":ED51D3ED" ADS removed successfully.
C:\ProgramData\TEMP => ":EEB25EAE" ADS removed successfully.
C:\ProgramData\TEMP => ":F5FC5DCE" ADS removed successfully.
C:\ProgramData\TEMP => ":F72306CC" ADS removed successfully.
C:\ProgramData\TEMP => ":FAB64002" ADS removed successfully.
C:\ProgramData\TEMP => ":FED25C29" ADS removed successfully.

==== End of Fixlog ====

#14 AnthonySzum

Authentic Member

Authentic Member
102 posts

Posted 28 January 2014 - 05:15 PM

Btw, for some reason I dont have notepad on the machine, only wordpad. Would you know how to get notepad back on here?

#15 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 28 January 2014 - 05:53 PM

Btw, for some reason I dont have notepad on the machine, only wordpad. Would you know how to get notepad back on here?

Hold the windows key and press R to bring up the run window. Type Notepad in the box and click OK.

You should also be able to find it by clicking on start, then selecting All Programs, then Accessories... and it should be there.

Let's get an online scan. It will probably take a couple hours:

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on:

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
Select the option YES, I accept the Terms of Use then click on:
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:

- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Now click on:
The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
Now click on:
Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

Body Background

skin color theme