Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet connection slow, possible infection?


  • This topic is locked This topic is locked
10 replies to this topic

#1 753Charlie

753Charlie

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 28 February 2014 - 06:56 PM

Hello All: I think that I have picked up something elusive.  My svchost.exe keeps connecting to traffic.acwebconnecting.com.  I have at least 10 DNS client errors daily. My intenet connection has been slow and my Chrome extensions have been erased twice. Comodo recently started blocking 224.0.0.252 yesterday.   

 

I am using Windows 7 Home Premium 64.   Windows Essentials antivirus, Comdo Firewall 5.12, and Mvps Hostman. 

I have scanned with, Malewarebytes, Spybot, Windows Essentials, Hitman Pro, TDSSKiller and the scans report clean.  Can someone please help?  My DDS.Txt are below.  Thanks.

 

 

 

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.11.9600.16518  BrowserJavaVersion: 10.51.2
Run by Cynda at 16:57:14 on 2014-02-28
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4009.2690 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\vds.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com/
uSearch Bar = Preserve
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Cynda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [<NO NAME>]
mRun: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Cynda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 2.2\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001013-0002-0013-ABCDEFFEDCBC}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: dell.com
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{B98BDB4E-E647-4284-B4D6-EAF68F96FEB5} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B98BDB4E-E647-4284-B4D6-EAF68F96FEB5} : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64:     Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun-x64: [(Default)]
mRun-x64: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
 

AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
Hosts: 0.0.0.0 traffic.acwebconnecting.com
Hosts: 0.0.0.0 office.ad1.ru
Hosts: 0.0.0.0 server.adeasy.ru
Hosts: 0.0.0.0 adfocus.ru
Hosts: 0.0.0.0 ads.roularta.adhese.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\system32\DRIVERS\RtNdPt60.sys --> C:\Windows\system32\DRIVERS\RtNdPt60.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-23 652360]
S3 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-1-29 169752]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe /V --> C:\Windows\system32\IEEtwCollector.exe  [?]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);C:\Windows\system32\DRIVERS\RtTeam620.sys --> C:\Windows\system32\DRIVERS\RtTeam620.sys [?]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\system32\DRIVERS\RtVlan620.sys --> C:\Windows\system32\DRIVERS\RtVlan620.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-02-28 00:34:59    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2014-02-28 00:34:59    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-27 19:17:22    1031560    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8DACF738-53A0-49F2-A937-086E7B40EA12}\gapaengine.dll
2014-02-27 19:17:10    10536864    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{33E21B7A-375F-451D-9123-4B885BD06F87}\mpengine.dll
2014-02-26 18:41:05    10536864    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-26 09:16:35    --------    d-----w-    C:\Users\Cynda\AppData\Local\{A052EA95-F3AD-4230-8DC5-029CD67B54B0}
2014-02-25 03:37:42    --------    d-----w-    C:\Users\Cynda\AppData\Local\{2F60D1A7-130C-4317-B8CC-C08099F89E72}
2014-02-24 08:23:44    --------    d-----w-    C:\Users\Cynda\AppData\Local\{112C0E97-BA13-4355-B484-951E8D0AFC45}
2014-02-23 03:04:57    92672    ----a-w-    C:\Windows\System32\CNC470I.DLL
2014-02-23 03:04:57    246272    ----a-w-    C:\Windows\System32\CNC470L.DLL
2014-02-23 03:04:57    229888    ----a-w-    C:\Windows\System32\CNC470O.DLL
2014-02-23 03:04:57    1439744    ----a-w-    C:\Windows\System32\CNC470C.DLL
2014-02-23 01:09:02    --------    d-----w-    C:\Users\Cynda\AppData\Local\{D91044E9-9DD3-40FA-A594-716C77414082}
2014-02-23 00:46:43    --------    d-----w-    C:\Users\Cynda\AppData\Local\{1A45ADA8-B62B-4411-94E4-8B6181CCFA29}
2014-02-23 00:18:53    --------    d-----w-    C:\Users\Cynda\AppData\Local\{682D0AA5-D85B-4C32-A48E-55F8E501D8D8}
2014-02-22 07:50:38    --------    d-----w-    C:\Users\Cynda\AppData\Local\{13F79723-108B-4929-9A29-9F310D187BAF}
2014-02-20 09:02:49    --------    d-----w-    C:\Users\Cynda\AppData\Local\{24498F8C-2AC2-4BAA-AB2C-D68D5FD4038C}
2014-02-19 09:30:23    --------    d-----w-    C:\Users\Cynda\AppData\Local\{4C88577E-A6A2-4094-A0D8-FFBF72FF8785}
2014-02-17 07:25:02    --------    d-----w-    C:\Users\Cynda\AppData\Local\{DE701929-BFE1-4989-896E-799DB3A066F9}
2014-02-14 08:23:50    --------    d-----w-    C:\Users\Cynda\AppData\Local\{437A9D44-85FF-40E8-B48F-50EE288DBC8E}
2014-02-12 20:09:54    3928064    ----a-w-    C:\Windows\System32\d2d1.dll
2014-02-10 22:49:01    --------    d-----w-    C:\Users\Cynda\AppData\Local\{3B8C3F75-A0BF-4A91-8692-D1857F927645}
2014-02-08 09:10:21    --------    d-----w-    C:\Users\Cynda\AppData\Local\{BE95ED34-8C99-4F68-8F41-B4ABB96E0501}
2014-02-04 00:49:35    --------    d-----w-    C:\Users\Cynda\AppData\Local\{02023281-69BC-4741-A990-01EA927EA3BE}
2014-02-01 10:26:57    --------    d-----w-    C:\Users\Cynda\AppData\Local\{340FC51E-84F7-4302-A805-A64E9E157FFA}
2014-02-01 01:09:51    --------    d-----w-    C:\Program Files\Microsoft Windows Performance Toolkit
2014-02-01 01:09:39    --------    d-----w-    C:\Program Files\Microsoft Help Viewer
2014-02-01 01:09:26    --------    d-----w-    C:\Program Files\Debugging Tools for Windows (x64)
2014-02-01 01:08:06    --------    d-----w-    C:\Program Files (x86)\Application Verifier
2014-02-01 01:08:05    --------    d-----w-    C:\Program Files\Application Verifier (x64)
2014-01-30 21:46:27    --------    d-----w-    C:\Users\Cynda\AppData\Local\{5935C150-2AA2-43D9-A9C0-4C370CDC5314}
.
==================== Find3M  ====================
.
2014-02-06 11:30:46    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-02-06 09:09:30    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-01-29 09:11:34    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-19 07:33:29    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2013-12-29 07:25:05    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-24 23:09:41    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2013-12-06 02:30:08    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33    485888    ----a-w-    C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16    488448    ----a-w-    C:\Windows\System32\secproc.dll
2013-12-04 02:26:32    528384    ----a-w-    C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51    658432    ----a-w-    C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51    626176    ----a-w-    C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50    552960    ----a-w-    C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48    553984    ----a-w-    C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20    423936    ----a-w-    C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08    428032    ----a-w-    C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06    390144    ----a-w-    C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14    510976    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10    594944    ----a-w-    C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09    572416    ----a-w-    C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06    508928    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp_isv.exe
.
============= FINISH: 16:58:05.79 ===============

Attached File  Attach.txt   41.15KB   2 downloads



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 01 March 2014 - 09:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

It migh just be that you Hosts file is malformed.

I suggest you reset back to the default.
How To:
http://support.microsoft.com/kb/972034

Use the Fix it button on the page.

When all is well you can install the 3rd party hosts file you normally use.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 753Charlie

753Charlie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 01 March 2014 - 10:52 PM

Thank you.. Here are the results of my scans:

 

AdwCleaner

 

# AdwCleaner v3.020 - Report created 01/03/2014 at 13:29:14
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Cynda - DELLY12
# Running from : C:\Users\Cynda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Cynda\AppData\LocalLow\boost_interprocess
[x] Not Deleted : C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\tqha93qs.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1696 octets] - [01/03/2014 13:10:53]
AdwCleaner[S0].txt - [1634 octets] - [01/03/2014 13:29:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1694 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Cynda on Sat 03/01/2014 at 13:35:39.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\shoABD9.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB162.tmp

 

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0020C439-7992-4045-9A25-DCA8163CB5DC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0020C497-9A65-4D56-B576-BD49381E96ED}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{007D85AF-7547-4168-BFCD-11F907A93A09}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{00AEAA34-E6A4-4476-8581-5E72E7D3D2B0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{00F7CFA8-82BF-4134-A419-D310DFFA2BDE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0112CD6D-892F-4655-81E3-6DD9654B8350}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{01669EC2-717F-451F-998F-97A549493F03}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{02023281-69BC-4741-A990-01EA927EA3BE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{02B4CD4E-A2F5-41E0-99D2-98245C78D498}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{03278A28-B8BF-4BB7-8FCC-5BE85048D0C5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{03ACAFA5-716D-4C13-AD83-8AAF538825D4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{044AD7D4-F4E9-44FE-ABB9-A496C328B9E3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{04D6FA70-5AE2-4613-BDEA-9E3B9BA7DEA0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0543C7E9-114E-45A8-983D-8F4B18B9F98F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{056AF3B1-78B7-42D8-8718-EC1B2F7C0FD6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{05C2504F-16CF-4FED-BE3A-51173CC4F56E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{06286717-D670-41B3-B047-10DA2041E222}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{066322AE-7C25-4165-BCFC-4BF06BB8FE93}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{06AE1E60-84E3-4DC3-9511-C32808216D0E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{090716B0-4956-4598-9DF7-AF3F68DC8CD4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0979FCDA-8F7E-44B0-A178-EAD4A1C2192D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0AD90A26-F6CE-4E91-A148-CAE5977B1384}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0B3CCA17-08FA-4305-A0E9-56FA42C9C219}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0B766F0B-0E42-49FE-85E7-9FC619277FBD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0BF4DA6D-B529-4701-B325-6AD4C12467D0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0CEBC2E2-D824-465B-B675-450CDC686B71}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0D5B4A5B-38DC-49FD-87C9-10D9CEA06F14}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0D730F8D-7E9C-4FE4-BF89-47E543C40C04}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0DA5339A-7C89-44DF-8585-A53DE005247B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0E807CA3-4C4D-4D7F-8FD1-DD3AEFF671E5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{107F7E6C-64F4-49E9-8821-DCDECB1F0203}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{10AB4F3D-0835-4565-BB73-3FDC9D589B6D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{10D8F812-3C90-45F8-817C-EADBEBA03158}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{11064F68-ED2D-4A53-AE4C-010F46D6CECA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{112C0E97-BA13-4355-B484-951E8D0AFC45}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1222A11B-9C2F-4A49-B50C-EDD1A38154EA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{124E7C04-D261-4307-9A92-C94D30460A2E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{125BC08D-BC69-4186-820F-A31F01A28366}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{12C43819-9B54-4985-B78D-07AD48C89A20}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{12C72DCF-A189-4B3A-A372-A311504DB9C5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{12CF02D9-B811-4009-8375-1962CEB21E9B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{13660D98-73EB-4E13-A43B-8A99AE0B50BE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1380F2AF-C0E9-42FB-9335-1A4D5FA22631}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{13F6A9C2-DD77-44C6-A0E9-C43C30DF2188}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{13F79723-108B-4929-9A29-9F310D187BAF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{14DCD4CB-3B40-49CC-99CE-8A4959065E7F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1530B12E-A51E-4CE8-BC6B-7BF75113D47F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{159110FA-948A-4C08-9AA0-58C548C127CC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{15AE7A49-5364-4AE7-8765-D1E6B9B1BCA1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{169C2B5C-EDA1-4111-A13B-9C15E126C9CB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{178E1A98-1AAF-4EAE-A73D-D03936163200}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{17C2C15D-9AF3-44E9-A89B-80896BED3636}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1854C125-D3F9-442C-84EC-A30A9B21F60F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{18B9B923-04C6-4779-B595-2628724EE2AF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{190600D8-EB2D-4F71-9591-7C7CB416BD52}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{19FF1FD2-42C6-4217-B8EC-F213F9D9D92C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1A45ADA8-B62B-4411-94E4-8B6181CCFA29}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1A55C918-37DC-4E4A-8488-70B04BDF9B0B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1B1109C7-8AF3-4F4E-8618-5D195308ED0B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1B3D458E-338C-4992-B8BE-A8B82C9CA29F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1C51E20D-2B0A-47EB-9E4D-95CF7FF36B5C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1D0637A6-1BE3-44DB-A568-AD81877B3546}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1DA60197-4D48-4B5F-9766-5D19D0B83591}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1E03768A-A867-4706-83E9-5BD19E9FA4A0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1E795753-1879-4BBB-8F03-7AAF889DC4E4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1F2DEF90-1335-4C2D-B325-DD7BF74271AD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{1F6424FB-CAE2-4015-9C07-C08563CB5DF9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{209776D6-DD73-4DD2-9D66-95137D015571}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{22832091-F1EE-4FE7-B44A-5BDB3C6D9097}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{22D9712D-C8DB-454B-B2A9-E3B02FB838F6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2355D8BD-ED7B-4A9F-8314-352E13025CF1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{24498F8C-2AC2-4BAA-AB2C-D68D5FD4038C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{24BDC1B8-5AE2-4B59-BC1D-3EA752AF79F4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{25F729A5-598E-4867-BBE0-052D656D396B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{268CC8F8-F3EC-4087-9D3E-A3C38C5CE2C8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{26B72C59-3C7C-43FA-A1AA-7BC25EE69D8F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{273A17DC-09DC-4163-B1B2-F5A94CB0DF49}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2770A3CF-2729-4777-81D9-B9E4E8802CE8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2842EE67-DB28-4884-A7D1-00DD7BEC5EAC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{295C7285-C161-4C28-8A3D-5EB2DE6FB1A9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2AA15822-14D4-450A-B569-7A76933DEA3D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2AB23CBD-CDBD-46CA-B153-3D2D42EB4C58}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2D129B08-8ABF-4D2E-8A0C-EB092F5EAD68}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2F239896-F35B-41A3-A8BF-5E96ADB2F376}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2F60D1A7-130C-4317-B8CC-C08099F89E72}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{2F87DBE0-D5D9-446A-820B-EBF3A400013D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3024798F-F10B-48A5-A6E9-2B476D9A373D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{303A28FF-4403-4658-8E6A-10C1FF8448CE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3081A6B9-54E3-4220-8195-9FB4E73441BB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{31E2DD3D-C8C9-48EE-A57A-AC1D04B9304B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{327A4CAC-1FDB-491F-935C-7DCB5234D412}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3340D433-614E-494B-8230-D598FDA36A9E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{33D41CD3-374F-4721-9AF0-881D70E04AE7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{33F75A10-B92D-431A-977A-3A24BF8748F4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{33FB1B37-DB1F-43BA-8EE1-B95852F05C64}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{340B6777-ABA4-458B-A17B-CAD965614B32}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{340FC51E-84F7-4302-A805-A64E9E157FFA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{355EA8DA-B07D-44F8-862B-9F1C7205CA9F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3617F0C7-202B-4C09-B12A-9B3D7062BD78}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{363A5702-0CA3-440A-9944-11F81DF72837}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{36D864F1-C27D-412F-94DC-B419D55233C0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3704B9C0-2684-4BA0-BDD9-19D10422D959}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3727ECFB-AC63-4611-80E6-AA9F7BF6F158}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{37466018-7C77-4C33-B828-A0439DD9FCA4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{37A6CA04-D806-4070-A82A-537DB4B3D366}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{37F9261F-8C21-4E1A-82EE-AE42FBB8A361}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3814CBF4-1FBF-4509-B97D-48D9B59832B7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{38BABFB4-707B-49DD-AC9D-B43292DD0CF4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{39AAFFBB-E4A3-46DB-8057-30713C99293B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3A9811FC-6D73-4E2B-AF8C-AA2AD93A50CC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3B8C3F75-A0BF-4A91-8692-D1857F927645}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3D3F4FD5-1251-40B2-8F65-6ECB9DBB0E77}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3D6FB795-485C-4ED5-9FBD-236E23718500}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3DC010FA-C6D1-4A69-A6E4-332FC49252B0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{3E13211E-8A5F-4685-B155-1376D699F423}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{404B4FE2-4738-463C-A083-D7A97E4AF531}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{405858AA-7762-44E9-8A45-EDAC570DAC95}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{40F4AC5D-47A5-45C6-B111-9FE2F00267D9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{417744F5-7307-44FA-9F84-08A8C222020F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{417ED190-F105-4DFF-AA4D-E41EEA4E947E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{436EBA29-5F90-46DB-96F6-BE4DBB5E73D6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{437A9D44-85FF-40E8-B48F-50EE288DBC8E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{44433D23-47FE-4685-94DE-71871F4544A2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4463CD2B-BC9C-4FEE-B4A2-F27C6C9A9847}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4483076B-A674-4C57-B653-A890B14F9987}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{449EAAA0-95FE-4682-9CF2-9D18080BECC0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{45394636-D1A0-45C5-99CC-BABE2032D5D6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{45445CA7-160A-4D45-B753-6DD6715512DF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{45786795-2103-4C72-96C7-780566A1B43D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{465329E6-B23F-414C-AE9F-DA11C1CC1CF5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{467ACDB8-1AF5-43E6-893E-55D52D3F44DD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{46BA9700-5802-4C38-B27D-FB7B6EC01C21}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{47678D23-3079-4A04-9E49-3C8B4C6DD66E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{47A18080-5CC3-4124-9FC1-AA61078FA198}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{47CE193B-5B9D-41A6-81FF-92654A649792}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{47E0B444-6F77-457D-A5AE-C098BEEC3CA7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{48571F53-5B40-4575-AE34-2D7B3B29A568}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{485E38FC-7F55-4910-9E61-9C22FBF33A6A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{49213C1C-03D4-4A6C-BB5E-13ABBF07AF1B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{49351A47-FEAC-44DB-AF45-F3060377F8EE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4A37C466-C392-4DAD-83FE-8B9204ACF2D4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4A54723D-1CBD-460B-8006-2E6457CBD019}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4A65F140-7DD9-46F9-8909-008E1A675691}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4B04ECB9-4B52-4138-8C2C-15DADF32E63F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4B779845-E18D-4063-8C50-485B55952003}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4B8A6AD0-CECD-4848-A9FB-1A105A371519}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4B9C6177-F2AD-4858-94B5-7480A6732875}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4BD5A29E-5C11-40D4-AF97-9B8F7DB5EB3C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4BDF4018-0196-4451-BA15-3F5F072EE771}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4C43CF65-E9BF-416D-A586-0CA9F0BCF853}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4C88577E-A6A2-4094-A0D8-FFBF72FF8785}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4FB80772-86BD-4917-8A84-5A479804D302}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{4FD4C34A-AC5B-4FDF-957E-AF094BE135E2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{50F16F2C-E64B-4272-B908-4AF9C3A30FA2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{511E47E1-7A00-4E30-95A1-B9C2D4D29625}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{51B9F974-23F6-405F-8D15-0F7C4B1BE95E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{51E0AC14-C963-4B46-8424-165DB6DC93FD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{529293AD-D656-48B9-8C49-4CE930DABFE0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{52B509F6-0B1B-4C20-AD3E-443261A4DE5A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{52DD6F64-3DDC-4C4C-8D5D-4DF147387BAF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{53D6BF90-BEEA-45E9-8BC0-6E92ACB849EC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{542B1994-E5FB-4E5D-BBA2-4043099A66D7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{54803DD9-FB27-4252-ADF7-EDC0AE8C9905}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{55838DE7-AACA-4738-9423-FC9E225C56ED}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{55A75C88-0477-4CD5-A544-EC1B735C9CA2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{55ED98EB-BC69-4503-8903-96002117679F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{56443E01-1075-4B03-9414-7626169B067F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{56B3AFD8-FF9B-4F6D-9EF7-B90B73EA3642}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{570D9BA7-1E2F-49DE-A787-B26E6B2DE92C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5921DABD-A3ED-42F0-B41A-BEB05BF87AEE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5935C150-2AA2-43D9-A9C0-4C370CDC5314}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5A57E060-1F1A-47CC-854E-996F8F4A15C2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5A729A91-7CAC-483D-8718-03FAF3D34391}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5AFD9841-B5B1-4476-9016-6AE2E0924FF5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5BB42DED-7536-4EC2-90A6-D6FFCF0F537E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5CF00B03-9CA0-4B6A-8768-3ECA06449ACD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5D608F30-98DF-4664-870A-994741A50E5F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5D7FE324-4AE4-4A68-9130-8B51143AE14D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5DB50594-68F5-4C9A-8D0E-E9FCE94B5713}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5E7CD0A5-369D-4E8C-B866-F1F7223E62AA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5F503BB1-304C-4C65-B022-34C8B6695623}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{5F7140CC-C610-44F7-9056-EF8C26F6AAC5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6055B3DF-6EA1-4AE6-B033-8C7970458E00}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{607720A1-DDE4-4230-BA2E-C00EBAD78DAA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{60D52EBE-265E-4166-BCBA-8589A67B133D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{621ED8B0-8310-4118-9010-18F569EBCCE5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{62D6734D-7D13-46F8-83D1-8B8383CC3F9E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{641C6577-3271-433F-A561-FA3B90A1EF5F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{65A45A57-3BD0-4E49-9804-F41FCF6CFAC8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6660F659-CA56-4AF7-A8D4-F7937FB89483}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{67847AD2-287C-4172-AB3B-FF90B25AAC97}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{682D0AA5-D85B-4C32-A48E-55F8E501D8D8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{68C6DB00-B3D9-4FDA-ADB2-7926E1D9D61E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{68D18012-C693-4D75-A818-7E61D8A9EE0F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{68DD323D-B6F3-400E-A966-90BBE7FE758C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6977143B-EEF1-4D4D-8D7D-D61FAF686F69}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{69A89A2B-C216-4510-9487-1F6E74A2152E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6A44C9BA-31DA-4336-A361-DB9F75D41E76}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6B446E15-D886-4BBA-B1AE-56249726221E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6BC8CECB-58FA-4AEA-805B-D73714C9CB70}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6BCB4E10-DDAD-4F3A-BCE8-6BE0B627B530}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6C881C54-A277-49D0-B467-1D2C6F1796DB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6D3CC354-3077-4E12-927A-209891DB578C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6D77F942-F65B-419E-9648-0639D6090034}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6E8ECD3D-9084-46D2-985E-BA859110C28B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6F283212-5581-4868-9756-3C295AE052CD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{6FA85E8F-7B0B-4CB3-81F4-7926CD7C5AE7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{720356A4-158C-44D5-9DBA-3CB637CE99D6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{725A6380-4189-40AA-A22F-57DE95E65DB6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{73358F46-58AF-4B73-AE46-0F5CAD5C26E1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{744C7791-EBDA-46C0-AB0B-EEDFDDBE9131}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{75185F7C-6A0F-48A2-8EAD-0F024AA93F17}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{75A7BFFD-41EF-40F4-A6F4-A905A4BAC302}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{75D13C5C-F28A-4A75-B0C1-E79B7EB0F906}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{76AF5BF5-E908-4D8B-B447-583E73F85B3F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{76F4FECE-9952-4DDC-A59C-6B589601EB63}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{77B0EEBE-16BC-4420-AA4F-18DE01674B84}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{77E8F04D-404B-44AA-BEB2-CD6B7A962499}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7877F973-69B3-4097-B0FD-57780598AED7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{79177226-D146-40E5-9509-8EDC96F2F613}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{791C1FC5-4AE8-48AE-B9F1-91CD7E4DA365}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{792E3CC3-A48E-4D59-A581-5395BF015364}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{79D4EFC3-3AFE-44CE-BF32-90E0F034351F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7B05D1D6-BC2A-414A-A19C-367E9BD15928}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7C78B770-09AE-4584-966B-5023EC861616}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7D12DC6D-092A-4D41-AAD8-CDD3B361133E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7DE05675-DF5A-4BFC-8D9A-86054DD13B88}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7E5E833A-35CB-4CD2-B980-05CD695A283B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7F1E2DC4-F2B5-46F3-B188-3CC72411DB94}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7FAFDB30-BE90-434C-8931-34A76FFD2192}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7FC55B5F-ED57-4A62-AB73-B6A5D4E1F9CB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{7FC9EF57-E957-4411-B689-30589BF1368C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8128A16C-445B-49F6-A4A6-5D6CED228F47}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{821E22C9-1E66-4F84-A44A-CC5466B2E83F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{82CE0ED1-B4FC-4A0E-B615-C1FE51857E0B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{82E61496-94A0-4883-A7CA-09D0F52DF8DD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{833D328A-447A-4C64-9652-E467F5E38EB9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{83E76587-CF05-4C0C-BA3A-4EE3A165E838}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8400A66F-A702-46C9-84B6-BB7D81400519}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{84FAB69C-3923-44BD-BC92-47C3A47DBF81}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8508EE41-6B7F-4539-89E4-14FBFB0A5D7F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{85A5DE22-0775-4209-8301-2BED5DA009DB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{85B91AB0-E527-4187-96E5-9F7305D1DDA5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{85D4C0AE-014D-436B-B80F-97DD61E9AA01}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{867C711F-E0A4-49B6-B419-63E0341FE3AA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{86FA294B-BDE8-48F3-8B35-E0ABFBA46B5E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8776176C-72CC-440F-AC4F-6E5FEE9D52A7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{87AE3C46-4A39-41C3-AFB2-10C90292DA16}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{88D2690A-FFFB-499F-9EEE-2B65875C3856}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{890BEFF8-902C-4CF8-9F3D-DE5361E75265}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8923AAE2-319F-4A36-A358-B44D08D0BDF0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{89D280D6-787A-4F25-91F5-94CC73AF48C6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8A6B69CC-4F86-46E1-A3CC-50546F40119D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8AE19B38-4581-459F-B7A5-98084200D255}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8AF689D2-CE13-4BF5-B935-E5895B9F01A1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8B12A752-E65D-45CC-AE3F-17075602301E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8B73D7E8-C4DD-43D2-88B2-6D4C726182C7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8CD8113B-A7DF-41F7-AAB3-1B65A9A8EAA3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8CF059D5-1E53-4EE4-B3C1-BA21E505F737}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8E68B008-A998-49E5-8ACC-DFE314B61455}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8EEFF56E-AD8D-4BBD-9D7A-4CDFF7139CDD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8F7F4AE2-567B-4585-8DB7-524DA01E817B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{8FF1CA2B-86CE-4AC4-9176-7BA25427EEE0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9072EA32-8A56-48D1-A2E4-3477275BF098}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{90DF870F-470B-43AE-A25B-52C67722F5D3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{918EA7B4-6A9C-47CD-B26C-EBBB774FADF8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{91F8DB38-47B7-405C-9C29-FF81EAC38899}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{92A2EB73-9425-4E8A-BDA5-2E7E26D51EAC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{92E54E4F-9201-489C-BCA1-A204E805D19B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{954835C2-A4E0-4FD0-86E2-97B416A59913}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{97CB0216-5CF4-4A8C-9083-095CD487CF8C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{990D88CA-488E-4018-8167-135054BA34E7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{995F9D89-4FD8-4F33-9386-D09940B26034}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{99C80674-5124-4A08-A7A8-01C2879C218A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9ACF2195-F8A5-4806-9126-6E29574706B9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9B37F909-A2C2-47D8-A8BB-31E9CD3EB564}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9B7A4746-F650-4035-8C8C-5BFEB00A0782}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9BA4C3CC-F259-46C1-987C-90C1521057FB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9C2BAC61-03A1-4170-B4A8-9D1D3AFC11CA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9E8C2229-6871-4860-8B4F-B063B8FBB025}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9EC21A4B-2B28-4AB1-9C1D-D506FB481438}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9ED10A96-A314-4A95-BEB1-D216BE067F1E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9F1B83BC-7B85-4C7E-8801-3FACA078C12D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{9F715F3F-CB7E-4DEA-B965-11194389DECE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A052EA95-F3AD-4230-8DC5-029CD67B54B0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A0D0A2EB-06C8-4B43-92DC-CED6D814249D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A0EC7BF2-C686-4410-A052-FF3BF324B71A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A1D1C5E7-E3DA-41FA-92CF-FB7BE32E9AC4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A1E2362C-E2B9-4C83-8A4D-DC416A62B869}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A218422A-B512-4A55-B613-6221967CB67C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A294960D-39C6-43B1-9A71-573061870D9A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A377332A-363B-46AC-9EA8-83F4F7770204}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A59EC209-CEA3-4ED8-8229-F958F4BCA853}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A6243271-3C27-4D9B-9867-6C5CA942E80D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A6FCB75E-BAD1-4F00-95ED-A319E033D1C3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A79EA943-D273-4972-A62A-60935B52259D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A85E7F31-C8DE-44AC-9D92-2F07F1FC22D0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A89D4F86-93CE-4918-8ABC-E377127586AD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{A8B7AA61-B96A-49DA-80BD-4CBFB1AF1EAA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AA007293-55AF-477D-B2ED-346158783600}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AA3E4DAC-14B7-4262-92E1-2590677C6EED}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AAD4D22F-9892-4F89-A50E-BC0AEA64BA07}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AB01A545-994A-4B45-B74B-603DCC22726B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AB19D1EE-EEEC-4018-B24F-1ED388C3B767}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AC151F8D-9FAA-4015-85D7-01448CE5CC26}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AC20D5F1-8443-4148-A03F-A0EA080C1724}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ACA7B444-FDE6-427A-B2BD-3E6C94B4BAC2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ACCF72D3-811B-4658-950F-41804A4509FD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ACDC090E-BB03-4597-9120-0B6B75E9C557}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AD460463-1267-4FA2-920F-E9F3911B5719}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ADD98581-C3A1-4974-BE17-428A3049BB2F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AE754CF1-648B-4CEC-ADA4-2C2736B01E77}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AE9CAF3A-B92B-49B9-832C-DB3986D1689F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AEF3977B-98FD-4058-B41D-60E4C7988BFE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{AFED19BA-23E4-43AF-B833-477FAE3B5425}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B25BA97A-1ABF-4209-A318-C8B58C779AB3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B2D649C1-9EDB-4422-A7A7-3F2C77FE9667}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B3946D6C-7DA3-4F74-B0B7-658B730C6DB4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B3C22660-4E50-4571-B3FA-7608B67BF809}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B4250285-3777-4A5E-B6C1-5F0AF17B6982}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B4464BC7-844C-4024-A6F9-8EC6552D71C1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B49C652F-FE6B-4C85-A66D-70F491D6611A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B4E008EB-36C4-480E-A33A-A4A3FFEE650D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B5B87585-E574-4FE5-826E-E4C9A6AFE207}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B5F70E57-40F1-4020-8ADB-D9038B96EEF6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B67D941D-EC63-40D8-9D4A-2452EF383027}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B6FDF63E-6D7A-4B4B-B8E3-AFF6E5C1E151}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B76728CF-9AB5-4718-84F6-045D20B8F10A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{B85C5BDD-1CE0-499B-B1EA-EBC2658A8625}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BB122AE0-E99D-4E4B-B0F6-8C8A30A70D93}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BBC59386-324B-4909-B314-8EDE4F07D281}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BC45210D-E86D-463D-B212-4E1EBB6AC2C8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BC6F8ADC-1065-464F-9DB8-D1B712155064}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BCA74019-C9C5-42B5-9AF5-C74DB1136234}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BCC20575-0DC6-42FA-97A6-57F3D2EA179F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BCE8A8A8-9EBF-4C89-BAF8-16D51BCC5029}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BE95ED34-8C99-4F68-8F41-B4ABB96E0501}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BF0B22B4-6720-4A37-B6A7-B8DC061DFC3D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{BF43826F-7932-4EDF-B483-FC2F423013FA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C000D3FF-CDBF-4BE4-9193-3783DF1DF856}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C09D3901-E7CB-4472-8A90-65EBDF136F2A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C2370A79-C80C-4FE5-AD99-5B2EAD534CFB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C2A021C2-F7A6-4645-BE03-26BD846CC522}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C2AE0E1F-661B-4265-BAA4-7628DF15ED6E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C2B4B192-2A64-49F4-8F92-CDAE861050F0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C3A67317-9A34-471B-BF61-1BFA4A1D3C85}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C57E9900-3305-4D1A-A253-A2BD60496404}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C5FDD61B-0D0A-4FB8-9AFE-9ACAD3CFDD8C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C6141B7A-BC8E-4BA9-96D8-151FD8C6D149}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C6883D3A-5F8F-418B-BE7A-1FB95069724A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C7232CA3-20C5-4FF6-BE56-A2133DB27BC6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C7EBF022-023F-4C13-AFC2-5C7F3F276B56}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C811AD65-F605-4167-B698-F01026211E34}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C8291E4F-6805-4103-BAF5-81063A4DA90A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C85AF8A0-0B38-4A3E-92C2-AB162AC9DB3B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C8764642-06D3-452A-86EB-AA804968D371}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C882F880-E4CC-4881-A090-AF9E34794BCB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C8C1E1C5-58CE-4E39-9679-266A39CDE080}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C8EC9FAE-8DB4-4613-B867-954F893696DB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{C9C3014A-EA70-4560-BD7C-6FA8200B7BCC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CB8956EA-ABA9-4532-B702-4BE7B7D4A1C9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CB9A63AA-43B8-4269-92B9-B4FF3AEEE5CF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CBD85BF5-5BE2-49C4-BF04-AA945811049D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CCD874F4-60BC-4C07-8D1C-46BE7C1D2A2E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CD0A86FD-452E-449A-91C2-C0EF52F78837}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CE224DBC-C0F6-44F0-A82F-9B1E8A4B77C8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CE74C5EE-73EF-431A-9FA8-0882F2B2180E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CEB9CBE4-DB50-48DB-8F7F-211A5E1C7646}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CEBA2943-553E-460B-A75D-A8873C1B1E16}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CEDC114F-52A6-4D49-9DA2-6E4FE5A322FC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CF3F27D9-F578-44DA-ADF7-30DEB0EDE88D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{CFF4880D-9F93-46B2-B5FC-32796266C925}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D02501B4-218F-4B3A-B199-C07925C6C7E1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D0FDD4BD-4210-4D55-8336-C9A586304341}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D19CF79B-B5BA-4C2E-B0BF-F1E3F33E0D5F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D23280D5-6425-4ADC-81EA-7971402DB32A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D3349AEA-F1DB-4297-9180-6B431C829B01}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D4332B30-E090-42AD-834C-098D76847FF8}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D4DE3A08-8A66-436F-8822-BAC41F73F06C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D534E0A4-BA54-4BC8-947C-2AAEFA03F978}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D60BBD2F-36E9-4F63-B2B1-12A558F8EB44}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D72723BF-C5BC-4012-8675-8E21BD5958FC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D747AECD-9F9B-43CA-8D1A-AFC1B9397419}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D7FCA84D-51FA-4E18-ADCB-AFD536DE57F3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D91044E9-9DD3-40FA-A594-716C77414082}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{D99448C4-336A-4FDC-B7B4-7CEED8D347C7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DA0CA306-CB3C-4EE8-9025-8B77C2CD474F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DADB6041-599B-49AE-80E3-8FB294FE73CE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DBCA86E8-7BFF-46D6-9E81-778F4DFCE9E3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DBEDC389-262F-4964-ADB1-4654C06C5051}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DCEDD963-E9BE-4B83-910D-747C4F3E452F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DD0832F8-B842-456E-90DC-AD7D24AB0EEF}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DD18855E-F946-47F9-88A8-74C2ADDDC9F2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DD59E6F0-681F-41AB-B901-44654BB2E918}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DD76CB80-ED7A-47F8-9549-380E0680A382}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DDABC3BB-92E0-449E-8809-69C8C551326B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DDDB28CA-D841-4FBB-9AB8-2F55CEF3CF9D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DDFF91DB-B71A-48A3-A62B-27881E801787}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DE6AA4FB-25FE-4280-B2F2-502CF027C237}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DE701929-BFE1-4989-896E-799DB3A066F9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{DF97B5DE-0AF3-422B-AE15-2E1A051804B2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E028620E-3D7B-47ED-A4B6-8796F0D020EE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E1390670-7F52-4E74-94CF-1AD2E49A223F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E15B5F7B-5FF1-41DF-8618-57AFE4D3EBC6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E205CEBA-31FB-401A-93FD-6567B82DAACC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E246B584-411E-4AB1-951C-5FD22422681C}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E3523238-4296-42CA-B1EC-9109471D9CC3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E3C5B494-A54B-4286-8B26-B8A19CE85584}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E408675A-1C22-4303-B16B-18FB9C4229D4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E436EF00-0DE5-47E1-A39A-5B22490C78ED}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E45021CD-9282-480E-8223-72AE71EBE733}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E4BD631A-6A15-4833-A1DE-E10213FF01FB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E5117AF9-E00D-48E8-8416-A9AE9569BF14}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E58563F5-BDCB-4D6A-8C24-09CF9A2FE6F9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E632CAE0-DC72-4C0B-BB22-EB6ED05053AC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E71B8D81-9CEE-4E9E-99C8-1E4402D062E6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E7BDE094-41FC-4BCA-B47A-39EFA989BEB6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E7C08104-99A8-4E42-9E5E-26A230793145}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E7D49E0D-3CD2-4C5C-A0AD-AF396C189FFD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E7ED7C2D-78AA-4848-ADA1-31DE3E5F3E10}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E81B2871-40D0-4A6A-9E1D-1782D55CB184}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{E97DD7D4-D958-4DBE-99EC-C787CFC38A9A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EA54FEB6-4795-44D3-93E2-DD6232B1EB72}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EB347FEF-9665-420F-8490-EC812F05E5BB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EB7AD34F-B093-464D-9677-510C3D96FDD6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EC444A09-5F75-4F1B-8C7D-F726F898B75F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ECA2CE31-5690-4787-9EA9-65BF34A90C5A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ED399139-FE18-4DB8-8779-ABA60AB65ADA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ED790DCF-DCC4-4FE6-88B5-297AF029CEB2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{ED9D6DBC-375C-4F1D-B45D-2AFAF514821D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EDC1FC27-2FC4-4A53-9A1D-C28EC62B60DD}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EDC338E0-8722-4AD0-8998-664863FAE1DC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EE88884A-1212-485C-87D8-7635DB9948F7}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EECABD2E-0927-4627-AA62-A387F70AED8A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EECCA10B-7444-49B9-8B63-E8C4EB2414CB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EF0B52FC-ED19-4788-8E79-64506F8685AE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EF3BB89F-5478-4182-A076-FE2AD5E9E6C3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{EFC71EB4-8E40-4111-9A49-05195C64E2BA}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F122E92F-AD9F-4B2A-8F39-212D1242B59F}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F14ABC34-0EAD-4EBD-B511-7C2543503B74}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F15F6AC4-9E8D-441B-8E5D-DC1B446EB0F3}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F191BEF2-A541-4E49-AC59-77B96B76105E}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F237CC13-6AEA-4033-93C0-5F4EFBBA8E7B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F2EA4EAF-60C8-4B2F-8D2C-402BCA7B0985}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F3383CD7-EC17-4CE6-9C96-F6967E46A7AE}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F34066A5-F12B-4060-8A63-591E4549D34A}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F41CF75B-38B9-49D1-8F48-87DE29F8ABD1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F434EC92-5F1B-4721-B1ED-B8B2930ABFF1}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F469E168-D622-40DC-8FB6-89DEE5A2368D}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F59CF932-A2EF-4925-BA36-868479A3D3FB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F63F4095-3E72-4CC9-A5D5-B9001EC153D2}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F66759F7-41A5-4E40-82CE-EB11F009DD00}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F68A55CF-72C3-408B-9B8C-F0A55758B9A0}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F747212E-4971-4401-BDA7-4D01EAA0DAB5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F7536DDD-A52F-4825-AC22-62EF90F6A8A6}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{F8339F18-9097-4664-8D5F-31893DE3F3D4}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FAA25525-9327-4660-84D9-3DC0B72D0BEC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FAF74020-9D40-4D4E-9BF6-FFE6D44F1DC5}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FBCAB487-AA0E-47B5-A981-59B6FEE3A6BB}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FBD3E742-ECD6-4B12-8663-6CEE24B98A68}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FCDA326E-3314-4323-84FE-5FE038D16997}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FCF66EAB-0B28-4DFF-9879-B5B606227CE9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FD96C1A3-F465-4B10-8400-62564F997846}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FDCBED1F-B48B-4444-8E39-BB33B36D528B}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FE84BB45-2CD6-49C3-A1CF-4CB33DFA54A9}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{FF94D7B7-D430-4755-87FA-BECC0F16A32C}

~~~ FireFox

Successfully deleted the following from C:\Users\Cynda\AppData\Roaming\mozilla\firefox\profiles\4njefsnf.default\prefs.js

user_pref("extensions.optimizegoogle.cookies.SafeSearch", "empty");
user_pref("extensions.optimizegoogle.cookies.enableSafeSearch", false);
Emptied folder: C:\Users\Cynda\AppData\Roaming\mozilla\firefox\profiles\4njefsnf.default\minidumps [487 files]
~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/01/2014 at 13:40:00.04
End of JRT log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-03-2014
Ran by Cynda (administrator) on DELLY12 on 01-03-2014 21:29:32
Running from C:\Users\Cynda\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Conexant Systems, Inc) C:\Program Files\Conexant\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [309376 2011-03-03] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [519296 2011-02-25] (Conexant Systems, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-07] (COMODO)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [460872 2012-01-13] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4260647240-2271912820-1087707178-1001\...\Run: [Google Update] - C:\Users\Cynda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-27] (Google Inc.)
HKU\S-1-5-21-4260647240-2271912820-1087707178-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4260647240-2271912820-1087707178-1001\...\MountPoints2: D - D:\autoRcd.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-07] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-07] (COMODO)
Startup: C:\Users\Cynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B98BDB4E-E647-4284-B4D6-EAF68F96FEB5}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default
FF Homepage: hxxp://www.google.com
FF NetworkProxy: "type", 4
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\npMotive.dll No File
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-29]
FF Extension: Clean Links - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi [2012-11-13]
FF Extension: NoScript - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-02-14]
FF Extension: Adblock Plus - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-02-14]
FF Extension: Greasemonkey - C:\Users\Cynda\AppData\Roaming\Mozilla\Firefox\Profiles\4njefsnf.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-14]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cynda\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cynda\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cynda\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Adblock Plus) - C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-02-28]
CHR Extension: (Readability) - C:\Users\Cynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2014-02-28]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2014-02-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Cynda\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-01-27] (Adobe Systems)
S4 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] ()
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-07] (COMODO)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [652360 2012-01-13] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-07] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-07] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2013-09-11] (Realtek Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 21:29 - 2014-03-01 21:29 - 00014070 _____ () C:\Users\Cynda\Desktop\FRST.txt
2014-03-01 21:28 - 2014-03-01 21:29 - 00000000 ____D () C:\FRST
2014-03-01 13:41 - 2014-03-01 13:41 - 00050557 _____ () C:\Users\Cynda\Documents\JRT2.txt
2014-03-01 13:40 - 2014-03-01 13:40 - 00050557 _____ () C:\Users\Cynda\Desktop\JRT.txt
2014-03-01 13:35 - 2014-03-01 13:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:10 - 2014-03-01 13:29 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:08 - 2014-03-01 13:08 - 01244192 _____ () C:\Users\Cynda\Desktop\adwcleaner.exe
2014-03-01 12:55 - 2014-03-01 12:55 - 00991232 _____ () C:\Users\Cynda\Desktop\MicrosoftFixit50267.msi
2014-03-01 12:54 - 2014-03-01 12:54 - 02155520 _____ (Farbar) C:\Users\Cynda\Desktop\FRST64.exe
2014-03-01 12:53 - 2014-03-01 12:53 - 01037734 _____ (Thisisu) C:\Users\Cynda\Desktop\JRT.exe
2014-02-28 17:15 - 2014-02-28 17:15 - 00042142 _____ () C:\Users\Cynda\Documents\Attach.txt
2014-02-28 17:15 - 2014-02-28 17:15 - 00017095 _____ () C:\Users\Cynda\Documents\DDS.txt
2014-02-28 15:55 - 2014-02-28 15:55 - 00009506 _____ () C:\Users\Cynda\Documents\cue research.odt
2014-02-27 20:50 - 2014-02-27 20:50 - 00006548 _____ () C:\Users\Cynda\Desktop\startup cc.txt
2014-02-27 18:49 - 2014-02-27 18:49 - 04110135 _____ () C:\Users\Cynda\Downloads\tdsskiller (2).zip
2014-02-27 18:35 - 2014-02-27 18:35 - 00001264 _____ () C:\Users\Cynda\Desktop\Spybot - Search & Destroy.lnk
2014-02-27 18:34 - 2014-02-27 20:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-27 18:34 - 2014-02-27 18:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-27 18:32 - 2014-02-27 18:32 - 01064488 _____ (BillP Studios) C:\Users\Cynda\Downloads\wpsetup.exe
2014-02-27 18:28 - 2014-02-27 18:29 - 16409960 _____ (Safer Networking Limited ) C:\Users\Cynda\Desktop\spybotsd162.exe
2014-02-22 21:11 - 2014-02-22 21:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-22 21:09 - 2014-02-22 21:09 - 00002101 _____ () C:\Users\Public\Desktop\MP Navigator EX 1.0.lnk
2014-02-22 21:09 - 2014-02-22 21:09 - 00001766 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-02-22 21:05 - 2014-02-22 21:05 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-02-22 21:04 - 2014-02-22 21:04 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-02-22 21:04 - 2007-03-23 16:33 - 01439744 _____ (CANON INC.) C:\Windows\system32\CNC470C.DLL
2014-02-22 21:04 - 2007-03-23 16:32 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC470I.DLL
2014-02-22 21:04 - 2007-03-19 10:21 - 00246272 _____ (CANON INC.) C:\Windows\system32\CNC470L.DLL
2014-02-22 21:04 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC470O.DLL
2014-02-14 02:19 - 2014-02-14 02:20 - 00021658 _____ () C:\Users\Cynda\Documents\productkeys.odt
2014-02-13 20:54 - 2014-02-13 23:01 - 00000000 ____D () C:\Users\Cynda\Desktop\8400
2014-02-12 18:06 - 2014-02-06 06:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 18:06 - 2014-02-06 05:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 18:06 - 2014-02-06 05:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 18:06 - 2014-02-06 05:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 18:06 - 2014-02-06 05:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 18:06 - 2014-02-06 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 18:06 - 2014-02-06 04:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 18:06 - 2014-02-06 04:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 18:06 - 2014-02-06 04:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 18:06 - 2014-02-06 04:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 18:06 - 2014-02-06 04:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 18:06 - 2014-02-06 04:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 18:06 - 2014-02-06 04:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 18:06 - 2014-02-06 04:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 18:06 - 2014-02-06 04:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 18:06 - 2014-02-06 04:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 18:06 - 2014-02-06 04:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 18:06 - 2014-02-06 04:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 18:06 - 2014-02-06 04:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 18:06 - 2014-02-06 03:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 18:06 - 2014-02-06 03:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 18:06 - 2014-02-06 03:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 18:06 - 2014-02-06 03:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 18:06 - 2014-02-06 03:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 18:06 - 2014-02-06 03:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 18:06 - 2014-02-06 03:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 18:06 - 2014-02-06 03:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 18:06 - 2014-02-06 03:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 18:06 - 2014-02-06 03:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 18:06 - 2014-02-06 03:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 18:06 - 2014-02-06 03:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 18:06 - 2014-02-06 03:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 18:06 - 2014-02-06 03:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 18:06 - 2014-02-06 03:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 18:06 - 2014-02-06 02:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 18:06 - 2014-02-06 02:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 18:06 - 2014-02-06 02:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 18:06 - 2014-02-06 02:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 18:06 - 2014-02-06 02:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 14:09 - 2013-12-31 17:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 14:09 - 2013-12-31 17:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 14:09 - 2013-12-24 17:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 14:09 - 2013-12-24 16:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 14:09 - 2013-12-05 20:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 14:09 - 2013-12-05 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 14:09 - 2013-12-05 20:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 14:09 - 2013-12-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 14:09 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 14:09 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 14:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 14:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 14:09 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 14:09 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 14:09 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 14:09 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 14:09 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 14:09 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 14:09 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 14:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 14:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 14:09 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 14:09 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 14:09 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 14:09 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 14:09 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 14:09 - 2013-11-26 02:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 14:09 - 2013-11-22 16:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 00:46 - 2014-02-11 01:26 - 739507178 _____ () C:\Users\Cynda\Downloads\The.Trials.of.Cate.McCall.avi
2014-02-09 15:27 - 2014-02-09 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-07 18:05 - 2014-02-07 18:05 - 01142837 _____ () C:\Users\Cynda\Desktop\20071009110058609_SH-S162A_TS03.zip
2014-02-07 18:03 - 2014-02-07 18:03 - 00512072 _____ () C:\Users\Cynda\Downloads\WININQUIRY.exe
2014-02-07 00:26 - 2014-02-07 01:17 - 635184018 _____ () C:\Users\Cynda\Downloads\Nebraska.mp4
2014-01-31 21:30 - 2014-02-01 00:55 - 773308594 _____ () C:\Users\Cynda\Downloads\aqos-duke.avi
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Users\Cynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Microsoft Windows Performance Toolkit
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Debugging Tools for Windows (x64)
2014-01-31 19:08 - 2014-01-31 19:08 - 00000000 ____D () C:\Program Files\Application Verifier (x64)
2014-01-31 19:08 - 2014-01-31 19:08 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-01-31 19:07 - 2014-01-31 19:07 - 00000000 ____D () C:\Program Files\Microsoft SDKs

==================== One Month Modified Files and Folders =======

2014-03-01 21:29 - 2014-03-01 21:29 - 00014070 _____ () C:\Users\Cynda\Desktop\FRST.txt
2014-03-01 21:29 - 2014-03-01 21:28 - 00000000 ____D () C:\FRST
2014-03-01 21:09 - 2012-06-27 21:22 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4260647240-2271912820-1087707178-1001UA.job
2014-03-01 20:41 - 2009-07-13 22:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 20:41 - 2009-07-13 22:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 20:38 - 2009-07-13 23:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 20:37 - 2012-01-03 19:41 - 01282534 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 20:34 - 2013-08-29 14:18 - 00013993 _____ () C:\Windows\setupact.log
2014-03-01 20:34 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 14:09 - 2012-06-27 21:22 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4260647240-2271912820-1087707178-1001Core.job
2014-03-01 13:41 - 2014-03-01 13:41 - 00050557 _____ () C:\Users\Cynda\Documents\JRT2.txt
2014-03-01 13:40 - 2014-03-01 13:40 - 00050557 _____ () C:\Users\Cynda\Desktop\JRT.txt
2014-03-01 13:35 - 2014-03-01 13:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:29 - 2014-03-01 13:10 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:08 - 2014-03-01 13:08 - 01244192 _____ () C:\Users\Cynda\Desktop\adwcleaner.exe
2014-03-01 12:55 - 2014-03-01 12:55 - 00991232 _____ () C:\Users\Cynda\Desktop\MicrosoftFixit50267.msi
2014-03-01 12:54 - 2014-03-01 12:54 - 02155520 _____ (Farbar) C:\Users\Cynda\Desktop\FRST64.exe
2014-03-01 12:53 - 2014-03-01 12:53 - 01037734 _____ (Thisisu) C:\Users\Cynda\Desktop\JRT.exe
2014-02-28 17:15 - 2014-02-28 17:15 - 00042142 _____ () C:\Users\Cynda\Documents\Attach.txt
2014-02-28 17:15 - 2014-02-28 17:15 - 00017095 _____ () C:\Users\Cynda\Documents\DDS.txt
2014-02-28 15:55 - 2014-02-28 15:55 - 00009506 _____ () C:\Users\Cynda\Documents\cue research.odt
2014-02-28 15:44 - 2012-02-13 18:23 - 00000000 ____D () C:\Users\Cynda\Documents\VA Claim
2014-02-28 12:24 - 2013-09-09 12:46 - 00172338 _____ () C:\Windows\PFRO.log
2014-02-27 23:31 - 2013-09-07 16:30 - 00000000 ____D () C:\Program Files (x86)\Belarc
2014-02-27 20:50 - 2014-02-27 20:50 - 00006548 _____ () C:\Users\Cynda\Desktop\startup cc.txt
2014-02-27 20:45 - 2012-02-13 19:43 - 00000000 ____D () C:\Users\Cynda\Documents\tqha93qs.default
2014-02-27 20:22 - 2014-02-27 18:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-27 18:51 - 2012-10-01 20:20 - 10820032 _____ (SurfRight B.V.) C:\Users\Cynda\Desktop\HitmanPro36_x64.exe
2014-02-27 18:51 - 2012-03-13 22:04 - 00000000 ____D () C:\Windows\pss
2014-02-27 18:49 - 2014-02-27 18:49 - 04110135 _____ () C:\Users\Cynda\Downloads\tdsskiller (2).zip
2014-02-27 18:37 - 2014-02-27 18:34 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-27 18:35 - 2014-02-27 18:35 - 00001264 _____ () C:\Users\Cynda\Desktop\Spybot - Search & Destroy.lnk
2014-02-27 18:32 - 2014-02-27 18:32 - 01064488 _____ (BillP Studios) C:\Users\Cynda\Downloads\wpsetup.exe
2014-02-27 18:29 - 2014-02-27 18:28 - 16409960 _____ (Safer Networking Limited ) C:\Users\Cynda\Desktop\spybotsd162.exe
2014-02-25 06:03 - 2014-01-16 15:44 - 00000000 ____D () C:\Users\Cynda\ProcessExplorer
2014-02-25 05:06 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-24 21:11 - 2012-02-13 17:29 - 00000000 ___RD () C:\Users\Cynda\Desktop\My Muz
2014-02-22 21:27 - 2012-02-20 01:49 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-22 21:24 - 2012-02-13 17:30 - 00000000 ____D () C:\Users\Cynda\Desktop\My Install
2014-02-22 21:11 - 2014-02-22 21:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-22 21:09 - 2014-02-22 21:09 - 00002101 _____ () C:\Users\Public\Desktop\MP Navigator EX 1.0.lnk
2014-02-22 21:09 - 2014-02-22 21:09 - 00001766 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-02-22 21:05 - 2014-02-22 21:05 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-02-22 21:04 - 2014-02-22 21:04 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-02-22 20:31 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-22 20:26 - 2012-04-26 13:38 - 00000000 ____D () C:\Users\Cynda\AppData\Roaming\Canon
2014-02-22 12:52 - 2012-02-18 23:31 - 01001623 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-02-22 12:51 - 2012-02-13 16:50 - 00000000 ____D () C:\Users\Cynda\AppData\Local\Adobe
2014-02-21 18:11 - 2012-06-27 21:37 - 00002371 _____ () C:\Users\Cynda\Desktop\Google Chrome.lnk
2014-02-20 03:02 - 2012-02-14 15:36 - 00000000 ____D () C:\Users\Cynda\AppData\Local\Windows Live
2014-02-19 12:20 - 2009-07-13 23:08 - 00032656 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-17 14:04 - 2012-06-27 21:22 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4260647240-2271912820-1087707178-1001UA
2014-02-17 14:04 - 2012-06-27 21:22 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4260647240-2271912820-1087707178-1001Core
2014-02-14 02:20 - 2014-02-14 02:19 - 00021658 _____ () C:\Users\Cynda\Documents\productkeys.odt
2014-02-14 02:20 - 2012-03-12 13:53 - 00000000 ____D () C:\Users\Cynda\AppData\Roaming\OpenOffice.org2
2014-02-14 02:01 - 2012-02-13 18:23 - 00000000 ____D () C:\Users\Cynda\Documents\workbook current
2014-02-14 01:54 - 2013-01-08 21:08 - 00001805 _____ () C:\Users\Cynda\Documents\Reggie codes.txt
2014-02-13 23:01 - 2014-02-13 20:54 - 00000000 ____D () C:\Users\Cynda\Desktop\8400
2014-02-12 17:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 14:19 - 2013-07-12 21:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 14:18 - 2012-02-29 03:37 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 14:15 - 2011-02-10 10:10 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-11 01:26 - 2014-02-11 00:46 - 739507178 _____ () C:\Users\Cynda\Downloads\The.Trials.of.Cate.McCall.avi
2014-02-09 15:27 - 2014-02-09 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-07 18:05 - 2014-02-07 18:05 - 01142837 _____ () C:\Users\Cynda\Desktop\20071009110058609_SH-S162A_TS03.zip
2014-02-07 18:03 - 2014-02-07 18:03 - 00512072 _____ () C:\Users\Cynda\Downloads\WININQUIRY.exe
2014-02-07 01:17 - 2014-02-07 00:26 - 635184018 _____ () C:\Users\Cynda\Downloads\Nebraska.mp4
2014-02-06 06:16 - 2014-02-12 18:06 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 05:30 - 2014-02-12 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 05:30 - 2014-02-12 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 05:12 - 2014-02-12 18:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 05:07 - 2014-02-12 18:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 05:06 - 2014-02-12 18:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-12 18:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 04:56 - 2014-02-12 18:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 04:52 - 2014-02-12 18:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 04:49 - 2014-02-12 18:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 04:48 - 2014-02-12 18:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 04:48 - 2014-02-12 18:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 04:38 - 2014-02-12 18:06 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 04:32 - 2014-02-12 18:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 04:20 - 2014-02-12 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 04:17 - 2014-02-12 18:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 04:11 - 2014-02-12 18:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 04:01 - 2014-02-12 18:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 04:00 - 2014-02-12 18:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 03:57 - 2014-02-12 18:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 03:57 - 2014-02-12 18:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 03:52 - 2014-02-12 18:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 03:52 - 2014-02-12 18:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 03:50 - 2014-02-12 18:06 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 03:49 - 2014-02-12 18:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 03:47 - 2014-02-12 18:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 03:46 - 2014-02-12 18:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 03:25 - 2014-02-12 18:06 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 03:25 - 2014-02-12 18:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 03:24 - 2014-02-12 18:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 03:22 - 2014-02-12 18:06 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 03:13 - 2014-02-12 18:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 03:09 - 2014-02-12 18:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 03:03 - 2014-02-12 18:06 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 02:55 - 2014-02-12 18:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 02:41 - 2014-02-12 18:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 02:40 - 2014-02-12 18:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 02:36 - 2014-02-12 18:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 02:34 - 2014-02-12 18:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-02 16:32 - 2012-03-01 18:24 - 00007639 _____ () C:\Users\Cynda\AppData\Local\resmon.resmoncfg
2014-02-01 00:55 - 2014-01-31 21:30 - 773308594 _____ () C:\Users\Cynda\Downloads\aqos-duke.avi
2014-01-31 20:11 - 2012-02-13 15:19 - 00000000 ___RD () C:\Users\Cynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Users\Cynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Microsoft Windows Performance Toolkit
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-01-31 19:09 - 2014-01-31 19:09 - 00000000 ____D () C:\Program Files\Debugging Tools for Windows (x64)
2014-01-31 19:08 - 2014-01-31 19:08 - 00000000 ____D () C:\Program Files\Application Verifier (x64)
2014-01-31 19:08 - 2014-01-31 19:08 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-01-31 19:07 - 2014-01-31 19:07 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-01-31 19:07 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-31 19:07 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-31 18:34 - 2013-11-25 15:37 - 00000000 ____D () C:\Program Files\ProcessExplorer
2014-01-31 01:39 - 2012-02-18 23:31 - 00989149 _____ () C:\Windows\system32\Drivers\etc\HOSTS.bak
2014-01-31 01:24 - 2013-01-02 22:35 - 00000000 ____D () C:\ProgramData\xml_param
2014-01-31 01:22 - 2012-12-29 02:58 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter
2014-01-30 14:58 - 2012-02-13 18:25 - 00000000 ____D () C:\Users\Cynda\Documents\Lawsuits

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-28 00:20

==================== End Of Log ============================
 

 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 02 March 2014 - 09:34 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

HKLM-x32\...\Run: [] - [X]
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\npMotive.dll No File
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll No File
CHR Plugin: (Google Update) - C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2014-02-28]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please let me know what problem persists.

#5 753Charlie

753Charlie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 02 March 2014 - 04:25 PM

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.
===

 

Question: I saved FRST to my desktop. After cleaning, I moved it to my received files, along with all of the other logs and downloaded utilities from yesterday.  Do I need to make a separate folder for FRST, then add  fixlist.txt  to it before running FRST again?  Thanks.



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 03 March 2014 - 07:30 AM

The Fixlist.txt must be in the same folder as the FRST.EXE tool.
It does not need to be in a separate sub-folder.

#7 753Charlie

753Charlie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 03 March 2014 - 03:38 PM

As per your request.  Thanks for all of your help.  Do I need to uninstall MVPS/Hostman and do a re-install?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-03-2014 01
Ran by Cynda at 2014-03-03 14:28:42 Run:1
Running from C:\Users\Cynda\Documents\My Received Files
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKLM-x32\...\Run: [] - [X]
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\npMotive.dll No File
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll No File
CHR Plugin: (Google Update) - C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2014-02-28]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68} => Key deleted successfully.
HKCR\CLSID\{49606DC7-976D-4030-A74E-9FB5C842FA68} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@Motive.com/NpMotive,version=1.0 => Key deleted successfully.
C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\npMotive.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0 => Key deleted successfully.
C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll not found.
C:\Users\Cynda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\edmgmpmklgfbohogafcfobonnkogchec => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx" => File/Directory not found.
cpudrv64 => Service deleted successfully.
MREMP50 => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MREMPR5 => Service deleted successfully.
MRENDIS5 => Service deleted successfully.
MRESP50 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.

==========================================================

Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 HostsMan 4.0.94 RC2   
 Java 7 Update 51  
 Adobe Reader XI  
 Mozilla Firefox (27.0)
 Google Chrome 32.0.1700.107  
 Google Chrome 33.0.1750.117  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Comodo Firewall cmdagent.exe
 Comodo Firewall cfp.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

 

 



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 04 March 2014 - 08:11 AM


Do I need to uninstall MVPS/Hostman and do a re-install?
Follow the instructions about Hostman on this page.
http://winhelp2002.mvps.org/hosts.htm
===

Your logs are clean.

Any remaining issues?

#9 753Charlie

753Charlie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 04 March 2014 - 06:41 PM

Your logs are clean.  Any remaining issues?

 

============================================

 

Thank you for your expert help..   I got infected despite being very cautious and proactive with security.  The only issue that I have left is that  C: Windows\system32\ ntoskrnl.exe is running in my taskmanager..  Thanks again.

 

 


Edited by 753Charlie, 04 March 2014 - 06:42 PM.


#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 05 March 2014 - 09:14 AM


What is Ntoskrnl.exe
http://www.runscanner.net/lib/ntoskrnl.exe.html

===

All you had was some PUP (Potentially Unwanted Program) installed without your consent.
These are possibly installed when you download and run 3rd party software. Nothing very malisious but a nusance.

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0020C439-7992-4045-9A25-DCA8163CB5DC}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{0020C497-9A65-4D56-B576-BD49381E96ED}
Successfully deleted: [Empty Folder] C:\Users\Cynda\appdata\local\{007D85AF-7547-4168-BFCD-11F907A93A09}
etc...

These folders are created by Windows Live Mail.
Use the Junk Removal tool on occasion to remove them. Nothing to worry about.
===



If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,191 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 PM

Posted 11 March 2014 - 08:37 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users