Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot unistall programs - Zip Opener culprit?


  • Please log in to reply
17 replies to this topic

#1 flicksoccer

flicksoccer

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 08 April 2014 - 10:35 AM

Hi,

 

I was having problems trying to uninstall Zip Opener and Update for Zip Opener.  Zip Opener has disappeared, but Update for Zip opener is still present.  Moreover, now I cannot uninstall any program.  I get a message stating please wait while program is being changed or uninstalled.

 

Any assistance would be greatly appreciated!

 

Regards,

 

Flicksoccer



BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 08 April 2014 - 11:31 AM

Hi flicksoccer and welcome to BleepingComputer! :)

 

:step1: Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

:step2:

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

What we need in your next reply:

  • adwcleaner log
  • JRT log

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 08 April 2014 - 11:59 AM

Hi Sirawit,

 

Thanks for your help.  Here are the logfiles:

 

adwcleaner log

# AdwCleaner v3.023 - Report created 08/04/2014 at 12:39:42
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Stephen Giffen - BLUEDELLLAPTOP
# Running from : C:\Users\Stephen Giffen\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Stephen Giffen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Found : C:\Windows\System32\Tasks\Digital Sites
File Found : C:\Windows\Tasks\Digital Sites.job
Folder Found C:\Program Files (x86)\SearchProtect
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Stephen Giffen\AppData\Local\SearchProtect
Folder Found C:\Users\Stephen Giffen\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Stephen Giffen\AppData\Roaming\DigitalSites

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites_14_10_ch&cd=2XzuyEtN2Y1L1QzutDtDtC0D0EtCtA0DtByDtA0Ezyzy0AzztN0D0Tzu0SyBzyzytN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyDtBzytA0C0CzytGyEyC0E0CtGtCyEyBzytG0Fzy0FzytGyByD0Czy0ByDyByByByEzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCyCzy0B0A0B0AtGyBtByCtCtGyCzzzyyBtG0EtAyE0CtGyDyDzztC0F0E0Dzz0EtAyBtB2Q&cr=1236218461&ir=
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites_14_10_ch&cd=2XzuyEtN2Y1L1QzutDtDtC0D0EtCtA0DtByDtA0Ezyzy0AzztN0D0Tzu0SyBzyzytN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyDtBzytA0C0CzytGyEyC0E0CtGtCyEyBzytG0Fzy0FzytGyByD0Czy0ByDyByByByEzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCyCzy0B0A0B0AtGyBtByCtCtGyCzzzyyBtG0EtAyE0CtGyDyDzztC0F0E0Dzz0EtAyBtB2Q&cr=1236218461&ir=

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Stephen Giffen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

JRT log:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Stephen Giffen on Tue 04/08/2014 at 12:45:37.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3D486993-5CDE-4707-9AA3-DE2BB67924D1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DE608F2D-2900-43AF-BC7D-51F5B1B081B9}

 

~~~ Files

Successfully deleted: [File] "C:\end"

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{01C00642-8214-45B6-9DE6-6B1B9E0EEBA6}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{02CE5283-9D19-4438-AB9F-28C092788F88}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{03954042-7F9F-4A8A-8FE8-004E498A51ED}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{03DFD630-4213-4F09-B04C-D256E0F3D3D7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{042C01BF-15F3-4A93-A257-03B89AF1BF23}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{065F13B4-E368-4633-A010-8C2B9F399E21}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{066C887D-0A88-4CEB-BC4E-96EF669B2554}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{06F6970C-D789-4A79-8027-9B365E197717}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{07E329A3-9BCA-411F-A166-8E18EB71CD9D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0847F67C-A81C-470C-BD84-841E62FD84EB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{08582AB4-1E6A-4AFB-A8C1-34A43C2B6627}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0A70FA46-DE7D-425E-878C-2C10351C9399}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0B22F070-013C-4DD0-A33E-D1ECE88E7DE2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0D6041A5-EF8D-4BE1-8DC9-815D3975CEEE}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0E7FC63E-E796-4AD2-BD77-5266F3D5202F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0ED02337-77F5-4CBA-97EF-30788BF8A9AC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{0ED2E375-4073-4FEF-A058-04A734350AE4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{10470D7C-4B07-456C-BD07-668C78A62F00}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{117C96CE-AF7D-4E95-A71F-628B08FA5F39}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{119F8405-FACF-4F60-90D4-332F6CDCAF85}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{126658C0-149E-4623-B5D0-D8912BE3691A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{13646E42-6AF8-4BB0-A004-1EE65A37F0C1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{13C1950F-7486-4704-B478-DB1E8F5560D9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1471F242-F503-4A46-9EBE-6E9B15967F75}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1541B640-B439-4A6C-82EF-044D7B873D56}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{175B140A-1248-4111-8485-91C3A373F7D9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{17851565-5AFD-4307-9541-3B2F16C0F95C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{18BB77E3-01E0-49F1-B736-BDF773FDC7DB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{197C7D81-B15E-4B68-8FA5-0BE46298526B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{19F69B4F-CFF8-4ABF-B155-BEC4B0E803C9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1A8D2AD3-80DC-41DC-BA9B-8B6E696BA480}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1AD850B2-3239-4E9F-BD1F-D61DB2BBFFA2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1B3CE3B2-C8E7-4CAB-BD8C-8BB662607EB7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1C51E3B4-2D8F-4B7D-8887-F9679A5FEC18}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{1DEA7765-00B0-4D68-B6BD-47259A0FE638}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{20633ED4-71AE-45EF-9DDF-08DCEC3918EB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{207145F7-C61B-4395-B1AA-E9DD40279687}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{2451C027-5D56-4C3E-99A7-BC238B36A873}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{26CCEFA6-E679-412E-BD0F-AF2C580037A1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{2736E518-5746-48A4-855D-99102A1641E9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{29312A6B-B32B-44F4-BA8F-052159218376}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{29A22647-959D-4438-A130-D4E56FF764A4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{2AF48CE6-660B-4002-BBCE-7B270DBD53D0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{2C4A3C9A-7CCA-41A0-98ED-DE7921A5CA10}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{2ED6FD3E-B410-414A-99E2-2A7C086EBFA4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{309A9751-C4C1-416F-8022-4E963687A97B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{310B8687-2353-41DB-93EC-C92D3526B1D8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{316F4812-2404-49C9-8444-1A02849A3C6D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{32C5E9B4-947E-40A2-B50F-34501E96F9A3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3470C93B-9DCA-471B-B6D9-A6FCE3D2449E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{35E74D00-EAB2-407D-BF6E-94BAC08A9DCD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3625B95E-905E-4211-AD91-93A86A9935C9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{36B64A87-777D-4B13-A7FE-3594AD5A90AA}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{37CAEC05-CD8B-4B69-9C8E-797816306504}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3A399F74-0E52-4E3D-B7A7-629D3FD0A5B2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3B0A7B3B-89AD-4507-99A8-D54725DA6A74}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3C875B84-1E0F-4BEA-ADD9-75337C61FBF6}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3D829173-4A8A-4F57-90E1-7D546E455256}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3DD49F7E-77BC-487A-8922-46A8E44098AA}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3E89DBD3-3577-48C9-8796-80D0B154A3CF}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3EA377EE-C4E5-4452-86E4-1C19DA485CAE}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{3F78338A-B0A3-4E55-B3AB-B41A5E028AD6}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4271B427-9E9B-40D3-91CC-0C3CDD6CC528}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{43F80366-7EFE-4875-B160-1E1975BE6E05}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{44E6AB77-F279-4C07-AFBD-EAE06ABE7031}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4516421B-8083-4161-85FD-99DC9A6A8D29}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{45F02D8E-1DF3-4F2A-A3E3-7C95471C7DCD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{46525DC5-DFA0-4033-80F8-ED51B90594B9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{47009F32-1CCB-4EA4-AAC3-3B958228FF27}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{48F49E91-5FD0-4B6C-8B2E-F127BF28CE40}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4A4711DB-E97B-462B-A88A-BC19CC1B12EF}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4B2CCB95-26D4-42A8-B330-45E3BFAD178A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4C036110-ED3A-4EC5-A356-A818F0347E05}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4C5B5D09-4D3E-4540-AACC-22DC05E15EA4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4D344570-65FD-44E5-8BA6-507B984EEE3D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{4D4FA2B8-20A0-480D-8728-9C04BDD0CFD1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{51DDF8CC-5012-455A-96C8-3D130D6BEFD1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{52C39DD1-8523-4825-86E9-0126D7F520C8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{52E54483-2B5D-467E-B7BA-C5C5F70DB059}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5408D7B2-045F-4489-8182-7608E84E1857}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{550850B2-B2CB-4661-A77F-B608C5371559}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5821171B-0C55-45D0-A608-AC00FFB89038}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{59973672-0C98-44F2-BD45-2AAAE7F851C3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{59AC2C37-ACCE-4A71-B517-C0EE6AB047CC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5BF57905-087A-4D7D-8F98-64E65A9351C7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5D607A87-0022-4BAA-8D91-B2B931ED4F43}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5EE67B4C-143C-4AA8-BAA2-26DDB42612B4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5F2630C4-9C60-4DB1-8D6F-DC68B7F5A275}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{5F8B2FC1-1975-4FE8-B240-99CAE4EF4A5F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{64185859-927E-4F3C-8DB8-70FE66E84915}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{66D1A331-85DF-4C6D-BD55-DB531B3771B0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{674A86EA-B4E0-4BD6-AED2-555524DB5BD6}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{68CCE948-8599-4CB1-B054-083C2F08C0FD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{68EF5B5F-F61D-4801-A91B-FF954B9FDB5A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6ACCCF85-BC4B-4ACF-83AF-DA8F1C065FED}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6BAFDCBC-0EB3-4BDF-BFBE-C291BA01CBF4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6C01BBA0-C534-4D58-B727-4E64D1D1FF1F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6C91CC41-0729-4777-A5A5-1EC3EE195C5B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6D548E84-8F1C-4FBA-B44B-9B1C2957D5E8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6D8DA940-64EF-47EF-9614-FB85B651FC40}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6E162534-E560-4632-A597-1914628D1B11}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6EB6C553-8DF0-49FA-BC54-E61C1E5214A8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{6EF7FE50-EDD8-4F99-9819-D7511A233F5E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{709F753D-E4D5-4FBB-A518-B2423673A3CD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{711132BB-6161-4240-A1DF-D7D667B9AD72}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{71C73E1F-4348-47FF-BD54-D98E29E9A0B7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7693622D-C59C-4854-9D67-0D33B34F4206}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{787C6AC0-87BA-4791-8881-2B02F5DB12BD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7A2CF263-4C02-4D88-8F7F-75E9B3CBC098}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7B87D291-034C-4078-8FCD-E569DD5ECBF2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7C2BEC7F-6D10-4DF2-BB61-88FF4C2B4711}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7CBFCF72-8020-4835-9BC4-718FBE2F0358}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{7FF5F9BD-EF23-4341-BB94-595926A85C14}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{80251FF0-A14C-4DE9-A33D-B97C3F742797}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{80A15B78-9028-4AFB-BE78-6980D251CE0A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{811DEAF9-DD73-490D-B2A8-8F42AD424611}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{812BDD8F-AFE7-4DA7-8D2E-DC8917651DE4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{822FB7D6-0889-4C12-A0CF-DCC0A1718D27}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{83E512CF-47A8-44B0-AB43-5186B9617F8F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8434C8A8-349F-45C7-AF84-7FC61ACC4B4B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{84448D3B-2986-446D-96CE-A69830EE67AE}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{84A7D55C-4350-4998-B20E-F706A5EAFCFE}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{85DC0A4B-9F41-45DF-9D46-17A3418BC2CA}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{861BAA0D-ADCC-4E35-99EB-954F540BB1E1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{862DEE25-F1B4-4EA6-B3FD-240F3DAAE2FF}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8807ED0E-617D-43B3-BE61-89EECE917397}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8857EE27-21C5-488F-86D6-5E3860711DB1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{88FC9553-139E-40DC-80E3-839FC74635E3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8A059107-9392-413A-80EB-3A0A59476BA0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8A99ED41-C3C1-48BB-A8BD-0361D3FEEC15}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8B4F3612-519C-4468-8A95-1CC236B791D3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{8F3219EB-57E1-4668-90CC-84F064458AFB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{904D47EA-4FC6-4688-BED3-EC032D827CAD}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{90E0729C-34E5-4E6B-A939-29A291B70E26}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{91AE2378-0AD3-4DDD-B86F-11B309A1827A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{9327B597-534A-4245-9579-1F0BE65632A6}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{93C92D01-FDB0-4439-9FA1-A9F6F490B3F3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{94D79D26-C843-4061-8C0F-89D968340B7C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{95C2CF5D-D5E1-405D-8016-E8E43BC70ED1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{962C5C41-4C67-445B-9846-9F25E4619954}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{966B9D03-6880-472C-8325-BB17F081ED11}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{9720B30A-968F-47AB-8C3F-9C59F95ADCFC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{97B36DF0-054A-4CE7-9EF4-8EAB89654029}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{9802FCCC-70E7-4DD0-84EF-EFC8D4900A86}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{989A9DB7-0A25-4DCB-A9DC-57B41F1640FC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{98D6C530-E2F6-4A97-9840-B98F3344D983}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{9E8843D0-750E-46B7-8774-096F9927BD99}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{9FB2D1C3-C8C3-4E7A-B059-8BDF6C5D80DB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A07A3519-26CD-44CA-912D-B91DA554CA9E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A0F64AC1-9607-49B3-A4F5-D88BAA41BF0C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A0FD7A67-F43A-4484-A10B-EF38B05288A1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A218BDAF-CB20-4D8A-8148-EC50E6434078}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A24F28E7-95CE-47A0-94DA-B950B37ED99D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A3BB8B6B-0A1D-426C-B45F-E94834CBB82A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A54C001A-F8A8-4CEE-BD5F-D7D416B1D455}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A6DA80A3-F4A5-4674-ADCD-21495CE4B243}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A846B034-1E87-4DA8-9D8E-5F9CC7C2BFCC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{A90220BE-1665-4992-85BA-5B3A9BBFB93F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{AA5994DF-E28E-40FF-B336-B78A5EB718F9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{AB6ADA5F-CF34-45A2-AFD0-5976C8BC846C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{AD0B9C92-65E5-41E6-A3A8-7A61E067D88C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B0DAED64-F43B-4C99-BADD-F31A6EFAAB98}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B1CCFC63-9BAD-4DE9-B0DA-B10FE65C9107}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B1EE7588-172F-4880-ABF3-527F0A864BDE}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B2C4E39D-F0E3-48E9-93B4-BA1D696937D3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B3D2EC46-C05F-4FF8-BBD0-E7C0A4E05FD0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B482DA03-9B68-4F84-9F2D-DC9545E6371C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B633E6C2-11BF-48D6-9F9D-B7A395E7EBD5}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B690B4AB-E8AB-45D5-A06F-928B861722E7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B7CBE9FC-16FE-4BFF-8F45-DB45E05B755D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{B9D39688-97D5-40B8-A97C-F0D2BBDC092E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{BB36F5D4-2D56-458B-8C21-6F522FA920C3}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{BCB7379D-67FB-4D38-903B-95463EC209C5}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{BD4030A4-63CA-4012-968F-BAD33986C4A1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{BF249C9D-74E0-46F9-B8C6-C9DB36983B6D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C12F5F7C-E460-4A94-872F-339FEC6569AB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C39C2254-4C25-4A5E-AC75-A726A4984BA4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C3BF2749-678B-4E21-A347-A98FAB6C8CA9}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C487F945-6277-4470-A72F-1628809520F0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C4F5423B-0B97-4BCE-B169-9366900111C0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C57C74F2-3AF6-48EB-837D-BC6253C53413}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C933360E-5A2A-479E-94F1-1101C2332735}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{C99986BE-DA2F-4658-9E57-B2BF43C5DAF1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CA92FF43-5AA4-4114-89F7-F91EF9612253}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CBE596C3-9905-48C8-B9D6-82A1D94BEBC0}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CCCA31B1-F2C3-4E6B-AF69-48EB1F92F52E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CCD4897C-11CE-43E5-9521-63FE8120EC88}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CE5D4A94-21E3-4E5A-BC7B-57CEC67FA50A}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CF2A2BA3-C54F-474D-950A-269DBD7A0D4F}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{CF79FD6F-00A7-4725-BB15-CD87D34963F5}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D0D0E1F3-FA29-47E4-AED8-C71E064239E8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D1CCB2ED-8AD0-4DE4-8CC1-9AFE3B53F35E}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D27B418F-D1D7-4A09-9106-29D169FD36A4}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D3699411-ECC4-4ECC-8D64-103C61241AD2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D4D52EC0-7F56-47F4-944C-9A74AB3CE0D1}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D4F51BE6-1456-4C78-886F-563CAABDF83C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D5970921-1D2B-4FF5-9E3C-A132B1D673EB}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D5B63204-28BB-42D9-8533-07470D578B52}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{D865801B-29C9-4419-A638-45618FEE696C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{DCB37CB5-644A-4900-A61D-C6F396BDD823}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{DD765882-CEB4-41D2-A85B-D99C7C4FDAAA}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{DE63E2DC-548C-4E10-8109-F8C89DE4067D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E1BDF8CA-4F46-45B8-8AD5-BDA86AB0670B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E3115D6B-F65E-4BCC-B2FA-4564E2EFBBB5}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E3D70D50-5D3B-4774-94F5-B87F76323A17}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E50E55E1-F130-42A5-A6AC-71296615333B}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E5D1D20E-539F-4452-B1F8-D8A79CA169C2}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E5DCB7F9-5D63-46D8-9835-FF63CEFD9C07}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E63A3B02-A9C3-4EB5-B9B6-D60501B6AC07}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{E8A57DCC-565E-4D4C-AB9B-188A4A55D8A8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{EA731418-EAD8-4708-9D30-5EBF38DF3010}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{EBD453F0-3ED7-40FD-A9A3-AC1A088FFD00}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{ECF70594-35A6-4561-B8D8-1CE3B552B4E7}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{EDAA8BA7-3F83-40A0-9D55-A487DFD653C8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{EDD24332-DF5A-4E1C-8CE5-333360012DBC}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{EEB4E9D5-65D6-49C1-9E94-71337436FEAA}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{F1161221-332E-4E54-8F49-B103ADBFECA8}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{F15A7228-9E3A-491C-9468-E069B190C92D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{F20E7597-DAD7-4579-8FCD-4797E8E35F5D}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{F3A4DA45-ECDC-47AE-8755-C73D3D35F581}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{F6C22AED-CC25-423F-8CFB-B18C6A09FF3C}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{FC6ED82C-F92F-4633-AD9E-F76924FA7636}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{FC89C1A0-D183-416F-B724-9488F8C10442}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{FC907F07-99D4-4C2B-9E9C-8B65C6AF7E45}
Successfully deleted: [Empty Folder] C:\Users\Stephen Giffen\appdata\local\{FD9F0726-CA30-40B2-95E7-C97F13F20075}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\Stephen Giffen\appdata\locallow\asktoolbar"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/08/2014 at 12:53:44.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 08 April 2014 - 08:26 PM

:step1: Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

:step2: Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

 

:step3: I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

:step4:

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

 

:step5:

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

:step6: Please download MiniToolBox and run it.

Checkmark following boxes:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

 

What we need in your next reply:

  • adwcleaner log
  • MBAM log
  • ESET log (Only if it found infections.)
  • securitycheck log
  • FSS log
  • Minitoolbox log

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#5 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 09 April 2014 - 11:23 AM

Hi Sirawit,

 

I'm about half way through downloading the various malware checkers, but I will be going out of town until Friday.  I will post the log files on Friday.

 

Thanks,

 

Flicksoccer



#6 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 09 April 2014 - 11:24 AM

Take your time. Thank you for letting us know! :)


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#7 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 11 April 2014 - 08:10 PM

Hi Sirawit,

 

Here are the log files.  Again - thank you for your assistance.  I know there is a lot for you to sift through just judging by the amount of data that came back.

 

  • adwcleaner log

 

# AdwCleaner v3.023 - Report created 09/04/2014 at 10:02:48
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Stephen Giffen - BLUEDELLLAPTOP
# Running from : C:\Users\Stephen Giffen\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Stephen Giffen\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Stephen Giffen\AppData\Roaming\DigitalSites
File Deleted : C:\Users\Stephen Giffen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Deleted : C:\Windows\Tasks\Digital Sites.job
File Deleted : C:\Windows\System32\Tasks\Digital Sites
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Stephen Giffen\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : icon_url
Deleted : search_url
Deleted : keyword
 
*************************
 
AdwCleaner[R0].txt - [4688 octets] - [08/04/2014 12:39:42]
AdwCleaner[R1].txt - [3171 octets] - [09/04/2014 10:01:47]
AdwCleaner[S0].txt - [2637 octets] - [09/04/2014 10:02:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2697 octets] ##########
 
  • MBAM log

Notes:  Quick scan is not an option in the free version (its actually been re-branded as Hyperscan) - it is greyed out and is not selectable.  I ran the full scan called Threatscan.

There were two logs generated - one listed as protection log and the other as scan log.  I wasn't sure which one you needed so you will find both below.

 

 

Protection log:

 

<?xml version="1.0" encoding="UTF-8"?>
 
-<logs>
 
<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="674a01c8-8cdb-4732-92b4-4de40f928188" fromVersion="2014.2.20.1" systemname="BLUEDELLLAPTOP" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-09T10:15:58.443993-04:00" LoggingEventType="1" severity="debug"/>
 
<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="6759b53f-d6c6-4c73-bdc7-96aa1cc4fde9" fromVersion="2014.2.20.1" systemname="BLUEDELLLAPTOP" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-09T10:21:51.084163-04:00" LoggingEventType="1" severity="debug"/>
 
<record toVersion="2014.4.9.5" name="Malware Database" last_modified_tag="af8306ec-b5a3-49c5-b45d-95bff34f1908" fromVersion="2014.3.4.9" systemname="BLUEDELLLAPTOP" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-09T10:21:54.370351-04:00" LoggingEventType="1" severity="debug"/>
 
</logs>
 
Scan log:
 

<?xml version="1.0" encoding="UTF-16"?>
 
-<mbam-log>
 
 
-<header>
 
<date>2014/04/09 10:52:38 -0400</date>
 
<log>mbam-log-2014-04-09 (10-23-34).xml</log>
 
<isadmin>yes</isadmin>
 
</header>
 
 
-<engine>
 
<version>2.00.1.1004</version>
 
<rules-database>v2014.04.09.05</rules-database>
 
<swissarmy-database>v2014.03.27.01</swissarmy-database>
 
<license>free</license>
 
<file-protection>disabled</file-protection>
 
<web-protection>disabled</web-protection>
 
<self-protection>disabled</self-protection>
 
</engine>
 
 
-<system>
 
<osversion>Windows 7 Service Pack 1</osversion>
 
<arch>x64</arch>
 
<username>Stephen Giffen</username>
 
<filesys>NTFS</filesys>
 
</system>
 
 
-<summary>
 
<type>threat</type>
 
<result>completed</result>
 
<objects>258263</objects>
 
<time>1741</time>
 
<processes>0</processes>
 
<modules>0</modules>
 
<keys>0</keys>
 
<values>0</values>
 
<datas>0</datas>
 
<folders>0</folders>
 
<files>4</files>
 
<sectors>0</sectors>
 
</summary>
 
 
-<options>
 
<memory>enabled</memory>
 
<startup>enabled</startup>
 
<filesystem>enabled</filesystem>
 
<archives>enabled</archives>
 
<rootkits>disabled</rootkits>
 
<deeprootkit>disabled</deeprootkit>
 
<shuriken>enabled</shuriken>
 
<pup>enabled</pup>
 
<pum>enabled</pum>
 
</options>
 
 
-<items>
 
 
-<file>
 
<path>C:\$Recycle.Bin\S-1-5-21-3694449711-2199464253-3079195560-1001\$R805VDC.exe</path>
 
<vendor>PUP.Optional.InstallCore</vendor>
 
<action>success</action>
 
<hash>8cbdd355e4975dd96f015592fe05f808</hash>
 
</file>
 
 
-<file>
 
<path>C:\Users\Stephen Giffen\AppData\Local\Temp\is357113909\4168625_stp\HomePageDLL.dll</path>
 
<vendor>PUP.Optional.Installcore</vendor>
 
<action>success</action>
 
<hash>b7922503d9a274c271db2ccc6f94cd33</hash>
 
</file>
 
 
-<file>
 
<path>C:\Users\Stephen Giffen\AppData\Local\Temp\is4352474\mysearchdial.dll</path>
 
<vendor>PUP.Optional.MySearchDial.A</vendor>
 
<action>success</action>
 
<hash>df6a85a33447e551e8574ffdaf52ff01</hash>
 
</file>
 
 
-<file>
 
<path>C:\Users\Stephen Giffen\Downloads\{filedata}.exe</path>
 
<vendor>PUP.Optional.OptimumInstaller.A</vendor>
 
<action>success</action>
 
<hash>2f1a61c7205b6fc770877cca61a0e31d</hash>
 
</file>
 
</items>
 
</mbam-log>
 
  • ESET log (Only if it found infections.)

C:\$Recycle.Bin\S-1-5-21-3694449711-2199464253-3079195560-1001\$R7PH4HE.zip Android/Exploit.Lotoor.AK trojan deleted - quarantined
C:\$Recycle.Bin\S-1-5-21-3694449711-2199464253-3079195560-1001\$RB363U5.zip Android/Exploit.Lotoor.AK trojan deleted - quarantined
C:\$Recycle.Bin\S-1-5-21-3694449711-2199464253-3079195560-1001\$RGF0PF4.zip Android/Exploit.Lotoor.AK trojan deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\ICReinstall_ZipSetup.exe a variant of Win32/InstallCore.KO potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\135861.Uninstall\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\1474552.Uninstall\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\183160.Uninstall\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\290615916.Uninstall\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\AppData\Local\Temp\is357113909\4169090_stp\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Users\Stephen Giffen\Downloads\ZipSetup.exe a variant of Win32/InstallCore.KO potentially unwanted application deleted - quarantined
  • securitycheck log

Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Norton Ghost    
 Java™ 6 Update 38  
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Reader XI  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
  • FSS log

Farbar Service Scanner Version: 25-02-2014
Ran by Stephen Giffen (administrator) on 11-04-2014 at 20:45:03
Running from "C:\Users\Stephen Giffen\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:

 

==============
 
  • Minitoolbox log

MiniToolBox by Farbar  Version: 23-01-2014

Ran by Stephen Giffen (administrator) on 11-04-2014 at 20:46:40
Running from "C:\Users\Stephen Giffen\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : BlueDellLaptop
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250
   Physical Address. . . . . . . . . : 00-1D-E1-3D-25-3E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : F0-4D-A2-5A-09-1D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::50a2:7708:af38:6ea9%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.107(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, April 11, 2014 4:33:03 PM
   Lease Expires . . . . . . . . . . : Friday, April 18, 2014 8:40:10 PM
   Default Gateway . . . . . . . . . : fe80::16d6:4dff:fe2d:1c24%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{C23AD26F-7555-4E0E-A4C2-760D2BE6090B}:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{ECA357C0-DE71-44FF-915A-D018F2519F76}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:14b3:208:e781:570b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14b3:208:e781:570b%17(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{E9B67B11-1421-421C-8C9E-2D57A838FC60}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.ga.comcast.net.:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.107%18(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{CFBD2AD0-56CC-4CCD-AE9B-20CE803D93FA}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
1.0.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial  = 1
refresh = 600 (10 mins)
retry   = 1200 (20 mins)
expire  = 604800 (7 days)
default TTL = 10800 (3 hours)
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com.hsd1.ga.comcast.net
Address:  67.215.65.145
 
 
Pinging google.com [74.125.236.78] with 32 bytes of data:
Reply from 74.125.236.78: bytes=32 time=262ms TTL=47
Reply from 74.125.236.78: bytes=32 time=265ms TTL=47
 
Ping statistics for 74.125.236.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 262ms, Maximum = 265ms, Average = 263ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com.hsd1.ga.comcast.net
Address:  67.215.65.145
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=51ms TTL=51
Reply from 98.139.183.24: bytes=32 time=49ms TTL=49
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 51ms, Average = 50ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 1d e1 3d 25 3e ......Intel® Centrino® WiMAX 6250
 14...00 23 15 8d ae e1 ......Microsoft Virtual WiFi Miniport Adapter #2
 13...00 23 15 8d ae e1 ......Microsoft Virtual WiFi Miniport Adapter
 11...f0 4d a2 5a 09 1d ......Atheros AR8152 PCI-E Fast Ethernet Controller
 10...00 23 15 8d ae e0 ......Intel® Centrino® Advanced-N 6250 AGN
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.107     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.107    281
    192.168.0.107  255.255.255.255         On-link     192.168.0.107    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.107    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.107    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.107    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    281 ::/0                     fe80::16d6:4dff:fe2d:1c24
 17     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:9d38:6abd:14b3:208:e781:570b/128
                                    On-link
 10    281 fe80::/64                On-link
 17    306 fe80::/64                On-link
 18    286 fe80::5efe:192.168.0.107/128
                                    On-link
 17    306 fe80::14b3:208:e781:570b/128
                                    On-link
 10    281 fe80::50a2:7708:af38:6ea9/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/11/2014 08:16:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15148
 
Error: (04/11/2014 08:16:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15148
 
Error: (04/11/2014 08:16:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/11/2014 08:16:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14134
 
Error: (04/11/2014 08:16:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14134
 
Error: (04/11/2014 08:16:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/11/2014 08:16:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13120
 
Error: (04/11/2014 08:16:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13120
 
Error: (04/11/2014 08:16:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/11/2014 08:16:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12122
 
 
System errors:
=============
Error: (04/11/2014 04:34:38 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (04/10/2014 03:29:56 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (04/10/2014 03:29:31 AM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
 
Error: (04/09/2014 10:55:17 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (04/09/2014 10:06:29 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (04/08/2014 01:15:55 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-09 16:25:10.983
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-09 16:25:10.749
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.23)
Bonjour (Version: 3.0.0.10)
Cozi (Version: 1.0.4323.24051)
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell Support Center (Version: 3.2.6032.55)
Dell Webcam Central (Version: 1.40.05)
ESET Online Scanner v3
Google Chrome (Version: 33.0.1750.154)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.23.9)
GoToAssist 8.0.0.514
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Photo Creations (Version: 1.0.0.6162)
HP PhotoSmart Photo Printing Software
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
iCloud (Version: 3.1.0.40)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.01.1000)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Intel® Wireless Display (Version: 1.2.20.0)
Intel® PROSet/Wireless WiMAX Software (Version: 2.00.0011)
iTunes (Version: 11.1.4.62)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 38 (Version: 6.0.380)
Junk Mail filter update (Version: 15.4.3502.0922)
Lightspark 0.5.3-git (Version: 0.5.3-git)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Motorola Device Manager (Version: 2.4.5)
Motorola Device Software Update (Version: 13.09.3001)
Motorola Mobile Drivers Installation 6.3.0 (Version: 6.3.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Norton Bootable Recovery Tool Wizard (Version: 4.1.0.15)
Norton Ghost (Version: 15.0.1.36526)
Norton Internet Security (Version: 21.2.0.38)
PowerDVD DX (Version: 8.3.7501)
Quickset64 (Version: 10.6.2)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6088)
Roxio Burn (Version: 1.01)
Skype Toolbars (Version: 1.0.4051)
Skype™ 6.11 (Version: 6.11.102)
Sony Mobile Update Engine (Version: 2.14.3.201402131509)
Sony PC Companion 2.10.197 (Version: 2.10.197)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.20.0)
TurboTax 2011
TurboTax 2011 wgaiper (Version: 011.000.1788)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wgaiper (Version: 012.000.1371)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2083)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax 2013 (Version: 2013.0)
TurboTax 2013 WinPerFedFormset (Version: 013.000.1036)
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0312)
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0140)
TurboTax 2013 wrapper (Version: 013.000.0128)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
WildTangent Games (Version: 1.0.0.71)
WildTangent Games App (Dell Games) (Version: 4.0.5.25)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 5.01 (64-bit) (Version: 5.01.0)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 43%
Total physical RAM: 5940.52 MB
Available physical RAM: 3368.04 MB
Total Pagefile: 11879.23 MB
Available Pagefile: 9148.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.61 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:451 GB) (Free:348.6 GB) NTFS
2 Drive d: (TurboTax 2013) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFS
3 Drive e: (USB DISK) (Removable) (Total:1.91 GB) (Free:1.32 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\BLUEDELLLAPTOP
 
Administrator            Guest                    Stephen Giffen           
 
 
**** End of log ****


#8 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 11 April 2014 - 11:03 PM

Important warning! From the log I saw that some of your infections are Android Phone infections. You may consider running Malwarebytes Antimalware Mobile on your phones that you connect to the computer recently.
 
And did you install or use these programs?:

Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
GoToAssist 8.0.0.514

 
We're nearly finished!
 
Below are updates jobs:
 
:step1:
Important Note: Your version of Adobe Flash is out of date.

Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to update Adobe flash:
  • Please download the latest version of Adobe Flash from http://get.adobe.com/flashplayer/otherversions/ to your Desktop
  • Double click the file to start the installation process
  • Repeat 1. and 2. for every other browser you have installed (eg Internet Explorer / Firefox / Chrome / Safari / Opera..) as applicable.
:step2: Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:
  • Download the latest version of Adobe Reader and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
Your Adobe Reader is now up to date!
 
:step3: Important Note: Your version of Adobe Shockwave is out of date.

Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Uninstall Adobe Shockwave
  • Open Programs and Features or Add and Remove Programs by clicking the Start / Windows "Orb" button, clicking Control Panel, clicking Programs, and then clicking Programs and Features or Add and Remove Programs.
  • Select any program with Adobe Shockwave in the name, and then click Uninstall.
  • Repeat step 2 until no more programs containing Adobe Shockwave are visible.
Note: Some programs include the option to change or repair the program in addition to uninstalling it, but many simply offer the option to uninstall. To change a program, click Change or Repair. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Please follow these steps to Install the latest Adobe Shockwave player: :step4: Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit). 64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8-windows-i586.exe (or jre-8-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.
Thank you.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#9 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 12 April 2014 - 11:09 AM

Sirawit,

 

All updates above have been made.

 

I know I've used the google toolbar before, but I can't say that I need it.  Never used the go to assist.  Should I uninstall them?

 

And did you install or use these programs?:

Quote

Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
GoToAssist 8.0.0.514

 

Thanks,

 

flicksoccer



#10 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 12 April 2014 - 11:14 AM

Uninstall them then :)
 
Click "start" on the taskbar and then click on the "Control Panel" icon.
Please click the "Program and Features" icon, if you use Categorize mode please click on "Uninstall Programs"
A list of programs installed will be "populated" this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
GoToAssist 8.0.0.514


Additional instructions can be found here if needed.

Please post here when you finished. And I will give you last instruction. :)

Thank you.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#11 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 12 April 2014 - 11:22 AM

Hi Sirawit,

 

Google Toolbar for Internet explorer version 1.0 was not available for uninstallation.  I uninstalled the other two.

 

Flicksoccer



#12 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 12 April 2014 - 12:08 PM

Please uninstall these three too:

 

Update Installer for WildTangent Games App
WildTangent Games (Version: 1.0.0.71)
WildTangent Games App (Dell Games) (Version: 4.0.5.25)
 
Then please run Minitoolbox again.
Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result. So I can verify everything are ok now.

 
Thank you.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#13 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 12 April 2014 - 01:11 PM

Hi Sirawit,

 

I deleted the Wildtangent games.  Only one appeared in the add/remove programs uninstaller.

 

Here is the minitoolbox log:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Stephen Giffen (administrator) on 12-04-2014 at 14:04:49
Running from "C:\Users\Stephen Giffen\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : BlueDellLaptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250
   Physical Address. . . . . . . . . : 00-1D-E1-3D-25-3E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : F0-4D-A2-5A-09-1D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
   Physical Address. . . . . . . . . : 00-23-15-8D-AE-E0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::50a2:7708:af38:6ea9%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.107(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, April 12, 2014 11:55:32 AM
   Lease Expires . . . . . . . . . . : Saturday, April 19, 2014 1:29:43 PM
   Default Gateway . . . . . . . . . : fe80::16d6:4dff:fe2d:1c24%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C23AD26F-7555-4E0E-A4C2-760D2BE6090B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:305b:6b:e781:570b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::305b:6b:e781:570b%17(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ga.comcast.net.:

   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.107%18(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
1.0.168.192.in-addr.arpa
 primary name server = localhost
 responsible mail addr = nobody.invalid
 serial  = 1
 refresh = 600 (10 mins)
 retry   = 1200 (20 mins)
 expire  = 604800 (7 days)
 default TTL = 10800 (3 hours)
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com.hsd1.ga.comcast.net
Address:  67.215.65.145

Pinging google.com [74.125.236.174] with 32 bytes of data:
Reply from 74.125.236.174: bytes=32 time=263ms TTL=47
Reply from 74.125.236.174: bytes=32 time=265ms TTL=47

Ping statistics for 74.125.236.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 263ms, Maximum = 265ms, Average = 264ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com.hsd1.ga.comcast.net
Address:  67.215.65.145

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=139ms TTL=50
Reply from 98.138.253.109: bytes=32 time=48ms TTL=50

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 139ms, Average = 93ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 1d e1 3d 25 3e ......Intel® Centrino® WiMAX 6250
 14...00 23 15 8d ae e1 ......Microsoft Virtual WiFi Miniport Adapter #2
 13...00 23 15 8d ae e1 ......Microsoft Virtual WiFi Miniport Adapter
 11...f0 4d a2 5a 09 1d ......Atheros AR8152 PCI-E Fast Ethernet Controller
 10...00 23 15 8d ae e0 ......Intel® Centrino® Advanced-N 6250 AGN
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.107     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.107    281
    192.168.0.107  255.255.255.255         On-link     192.168.0.107    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.107    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.107    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.107    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    281 ::/0                     fe80::16d6:4dff:fe2d:1c24
 17     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:9d38:6abd:305b:6b:e781:570b/128
                                    On-link
 10    281 fe80::/64                On-link
 17    306 fe80::/64                On-link
 18    286 fe80::5efe:192.168.0.107/128
                                    On-link
 17    306 fe80::305b:6b:e781:570b/128
                                    On-link
 10    281 fe80::50a2:7708:af38:6ea9/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/12/2014 01:22:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 01:21:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 11:58:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 11:58:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 11:21:30 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Java 7 Update 21; Error = 0x81000101).

Error: (04/12/2014 11:10:32 AM) (Source: Application Error) (User: )
Description: Faulting application name: MSIDE0C.tmp, version: 6.0.210.7, time stamp: 0x4c417c96
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x1e2c
Faulting application start time: 0xMSIDE0C.tmp0
Faulting application path: MSIDE0C.tmp1
Faulting module path: MSIDE0C.tmp2
Report Id: MSIDE0C.tmp3

Error: (04/12/2014 11:08:48 AM) (Source: Application Error) (User: )
Description: Faulting application name: VProSvc.exe, version: 15.0.1.36526, time stamp: 0x4b8e6c9a
Faulting module name: VProSvc.exe, version: 15.0.1.36526, time stamp: 0x4b8e6c9a
Exception code: 0x40000015
Fault offset: 0x002ae3c6
Faulting process id: 0x764
Faulting application start time: 0xVProSvc.exe0
Faulting application path: VProSvc.exe1
Faulting module path: VProSvc.exe2
Report Id: VProSvc.exe3

Error: (04/12/2014 09:54:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 09:54:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 09:17:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (04/12/2014 11:56:30 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/12/2014 11:40:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/11/2014 04:34:38 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/10/2014 03:29:56 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/10/2014 03:29:31 AM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (04/09/2014 10:55:17 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/09/2014 10:06:29 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/08/2014 01:15:55 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-09 16:25:10.983
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-09 16:25:10.749
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.182)
Adobe Flash Player 13 Plugin (Version: 13.0.0.182)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.1 (Version: 12.1.0.150)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.23)
Bonjour (Version: 3.0.0.10)
Cozi (Version: 1.0.4323.24051)
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell Support Center (Version: 3.2.6032.55)
Dell Webcam Central (Version: 1.40.05)
ESET Online Scanner v3
Google Chrome (Version: 34.0.1847.116)
Google Update Helper (Version: 1.3.23.9)
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Photo Creations (Version: 1.0.0.6162)
HP PhotoSmart Photo Printing Software
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
iCloud (Version: 3.1.0.40)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.01.1000)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Intel® Wireless Display (Version: 1.2.20.0)
Intel® PROSet/Wireless WiMAX Software (Version: 2.00.0011)
iTunes (Version: 11.1.4.62)
Java 8 (64-bit) (Version: 8.0.0)
Java Auto Updater (Version: 2.8.00.132)
Junk Mail filter update (Version: 15.4.3502.0922)
Lightspark 0.5.3-git (Version: 0.5.3-git)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Motorola Device Manager (Version: 2.4.5)
Motorola Device Software Update (Version: 13.09.3001)
Motorola Mobile Drivers Installation 6.3.0 (Version: 6.3.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Norton Bootable Recovery Tool Wizard (Version: 4.1.0.15)
Norton Ghost (Version: 15.0.1.36526)
Norton Internet Security (Version: 21.2.0.38)
PowerDVD DX (Version: 8.3.7501)
Quickset64 (Version: 10.6.2)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6088)
Roxio Burn (Version: 1.01)
Skype Toolbars (Version: 1.0.4051)
Skype™ 6.11 (Version: 6.11.102)
Sony Mobile Update Engine (Version: 2.14.3.201402131509)
Sony PC Companion 2.10.197 (Version: 2.10.197)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.20.0)
TurboTax 2011
TurboTax 2011 wgaiper (Version: 011.000.1788)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wgaiper (Version: 012.000.1371)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2083)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax 2013 (Version: 2013.0)
TurboTax 2013 WinPerFedFormset (Version: 013.000.1036)
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0312)
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0140)
TurboTax 2013 wrapper (Version: 013.000.0128)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 5.01 (64-bit) (Version: 5.01.0)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 5940.52 MB
Available physical RAM: 3518.19 MB
Total Pagefile: 11879.23 MB
Available Pagefile: 9363.09 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.09 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451 GB) (Free:344.12 GB) NTFS
2 Drive d: (TurboTax 2013) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFS
3 Drive e: (USB DISK) (Removable) (Total:1.91 GB) (Free:1.32 GB) FAT32

========================= Users: ========================================

User accounts for \\BLUEDELLLAPTOP

Administrator            Guest                    Stephen Giffen          

**** End of log ****



#14 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:05:51 PM

Posted 13 April 2014 - 01:15 AM

All clean! Congratulations! :clapping:

Now let's do some cleanup.

Empty Adwcleaner quarantine.

  • Open adwcleaner.exe
  • Click Uninstall
  • Confirm the prompt.
  • The adwcleaner.exe and all its data are removed.

Tools to delete:

  • JRT.exe
  • SecurityCheck.exe
  • FSS.exe
  • Minitoolbox.exe
  • All logs on your desktop.

Tools to keep:

  • MBAM, you can regularly do scans with it.
  • ESET online scan, same reason.

Finally, I will give you some advice to make your computer more secure

For a nice list of freeware programmes in all categories, please have a look at this thread with freeware products that are regarded as useful by the users of this forum: Commonly Used Freeware Replacements.
Please also have a look at the following links, giving some advice and suggestions for preventing future infections:

Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

I recommend you regularly visit the Windows Update Site , you where lagging behind on a few of them!

  • Lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
  • By updating your machine, you have one less headache! thumb.gif
  • Update ALL Critical updates and any other Windows updates for services/programs that you use.
  • If you wish, you can also use automatic updates. This is a good thing to have if you want to be up-to-date all the time, but can also be a bit of an annoyance due to its handling and the sizes of the updates. If you wish to turn on automatic updates then you will find here is a nice little article about turning on automatic updates.
  • Note that it will download them for you, but you still have to actually click install.
  • If you do not want to have automatic updates turned on, or are on dial-up, you can always download updates seperately at: http://windowsupdate.microsoft.com.

It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

Another recommend, is to download HostMan. It safeguards you with a regularly updated Hosts-file that blocks dangerous sites from opening. This adds another bit of safety while surfing the Internet. For installlation and setting up, follow these steps:

  • Double-click the Downloaded installer and install the tool to a location of your choice
  • Via the Startmenu, navigate to HostsMan and run the program.
    • Click "Hosts" in the menu
    • Click "Manage Updates" in the submenu
    • Out of the three, select atleast one of the three (I have MVPS Host as my main one)
    • Click "Add Update." After that you will only need to click on the following button to retrieve updates:
      HostsXpert_update.png
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet

Glad I was able to help and if there any other problems related to your computer please feel free to post them in the appropriate forum. Though we help people with spyware and viruses here at BC, we also help people with other computer problems! Do not forget to tell your friends about us!

Thank you, and enjoy your cleaned computer! :)

 


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#15 flicksoccer

flicksoccer
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 13 April 2014 - 11:06 AM

Thank you Sirawit!  I appreciate you taking your time to volunteer.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users