Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bad Image infection


  • This topic is locked This topic is locked
28 replies to this topic

#1 mpias

mpias

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 17 April 2014 - 11:44 AM

Attached File  dds.txt   29.08KB   0 downloadsAttached File  attach.txt   151.24KB   0 downloadsHello ,

My laptop stopped responding few days ago. It runs windows 7 Premium.I used malwarebytes, kaspersky, MRT, and several other ways to fix it, but it still did not work. Today I tried the Kaspersky rescue cd. It finally responds, but I still have the pop up windows of Bad Image 

"C:\PROGRA~3\Wincert\WIN32C~1.DLL is either not designed to run on WIndows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support"

 

So, I followed the instructions of your post 

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/ 

downloaded DDS 

 

I attach both files . I get an error that my post is too long if I try to cp them. 
 
I hope this helps. Thanks a lot :)
 

 



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:10 PM

Posted 22 April 2014 - 11:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/531412 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 22 April 2014 - 01:10 PM

Hi,
 
I cp the second dds and attach files. I have Windows 7 Home premium edition , 64-bit system. I do not have my CDs of Windows with me. 
 

dds

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.21.2
Run by oly at 19:46:33 on 2014-04-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1253.30.1033.18.2996.1062 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397311629&from=tugs&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK0A990937109371&q={searchTerms}
uDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397311629&from=tugs&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK0A990937109371
uDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397311629&from=tugs&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK0A990937109371&q={searchTerms}
mStart Page = about:blank
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
uURLSearchHooks: {8aea5d83-e11b-44a6-9651-920f46feb550} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - 
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
TB: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\oly\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -update plugin
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun: [PSNUpd] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\psnupd.exe" /UpgradeNotification
mRun: [Upg_to_1_3] "C:\ProgramData\Upg_1.0.x_1.3.0\PsUnSetupLauncher.exe" "/FIRST"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
TCP: NameServer = 192.168.0.1 192.168.0.2
TCP: Interfaces\{3211F2B4-88D7-4228-B976-0C5E66035888} : DHCPNameServer = 139.7.30.126 139.7.30.125
TCP: Interfaces\{4A45D2E9-238F-469C-AC1F-9611F635012E} : DHCPNameServer = 192.168.0.1 192.168.0.2
TCP: Interfaces\{4A45D2E9-238F-469C-AC1F-9611F635012E}\075647271647563737 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{4A45D2E9-238F-469C-AC1F-9611F635012E}\7596E646027596649602337486C45576 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{4A45D2E9-238F-469C-AC1F-9611F635012E}\D4F647865627665736B6562737 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~3\Wincert\WIN32C~1.DLL     
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - 
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6403317284154789&o=APN10645&q=
FF - plugin: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\MOZILL~1\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\PROGRA~2\MOZILL~1\plugins\nppdf32.dll
FF - plugin: C:\PROGRA~2\MOZILL~1\plugins\nppl3260.dll
FF - plugin: C:\PROGRA~2\MOZILL~1\plugins\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\oly\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Users\oly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\oly\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2014-02-24 09:07; {20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}; C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF - ExtSQL: 2014-04-12 16:08; quick_start@gmail.com; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\quick_start@gmail.com
FF - ExtSQL: 2014-04-12 16:09; ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com
FF - ExtSQL: 2014-04-12 16:09; a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
FF - ExtSQL: 2014-04-15 19:25; {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
FF - ExtSQL: 2014-04-15 19:25; ffxtlbr@mysearchdial.com; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\ffxtlbr@mysearchdial.com
FF - ExtSQL: !HIDDEN! 2014-04-12 16:08; quick_start@gmail.com; C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\extensions\quick_start@gmail.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109217
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - a4366488000000000000c417fe1e3d05
FF - user.js: extensions.BabylonToolbar_i.hardId - a4366488000000000000c417fe1e3d05
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15449
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:17:54
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
FF - user.js: extensions.autoDisableScopes - 14
.
.
============= SERVICES / DRIVERS ===============
.
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-12-30 202752]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-30 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-25 62720]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-5 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-5 56344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-7-23 40448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-13 111616]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;C:\Windows\System32\drivers\jrdusbser.sys [2011-10-24 120832]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-9 1255736]
.
=============== Created Last 30 ================
.
2014-04-19 00:50:10 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC502934-4E04-483A-82D5-4AB861B03565}\offreg.dll
2014-04-18 15:35:33 -------- d-----w- C:\Users\oly\AppData\Local\{0C13DFBB-2960-40A1-99A5-87A39341D61A}
2014-04-18 11:30:49 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC502934-4E04-483A-82D5-4AB861B03565}\mpengine.dll
2014-04-17 16:03:32 -------- d-----w- C:\Users\oly\AppData\Local\{8BF2DFB1-AA2D-4A6F-984C-EF281A7F7608}
2014-04-17 13:44:27 -------- d-----w- C:\Users\oly\AppData\Local\{BB8D005A-52EB-4DF8-A17E-EFAE54921F40}
2014-04-17 12:46:59 -------- d-----w- C:\Users\oly\AppData\Local\{212C6ED2-6F57-4D2F-9FC8-53E78879E195}
2014-04-17 12:41:19 -------- d-----w- C:\Windows\Options
2014-04-17 09:01:31 -------- d-----w- C:\Users\oly\AppData\Local\{8AC2B4FE-C38D-4748-A797-F2042988A8F5}
2014-04-17 08:24:12 -------- d-----w- C:\Users\oly\AppData\Local\{410D9A97-1A91-4604-89DA-6D9D7EAB7F44}
2014-04-15 18:26:42 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-04-15 18:26:42 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-04-15 18:06:56 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-15 17:31:58 -------- d-----w- C:\Program Files (x86)\Browser Guard
2014-04-15 17:24:51 -------- d-----w- C:\Users\oly\AppData\Local\PriceMeterLiveUpdate
2014-04-15 17:24:51 -------- d-----w- C:\ProgramData\PriceMeterLiveUpdate
2014-04-15 17:24:51 -------- d-----w- C:\Program Files (x86)\PriceMeterLiveUpdate
2014-04-15 17:24:50 -------- d-----w- C:\Users\oly\AppData\Roaming\PriceMeterUpdater
2014-04-15 17:24:50 -------- d-----w- C:\Users\oly\AppData\Roaming\DigitalSites
2014-04-15 17:10:06 -------- d-----w- C:\Users\oly\AppData\Local\{A6BA189F-B131-472B-A555-898B78A04B46}
2014-04-15 06:45:41 -------- d-----w- C:\Users\oly\AppData\Local\{18C1CA39-7F17-4460-B97F-C9E97AA35C8E}
2014-04-14 21:25:04 -------- d-----w- C:\Users\oly\AppData\Local\{689B18B4-DEBC-4388-8426-50F135D86054}
2014-04-14 16:07:26 -------- d-----w- C:\Users\oly\AppData\Roaming\Advanced System Protector
2014-04-14 16:06:17 -------- d-----w- C:\Users\oly\AppData\Roaming\systweak
2014-04-14 16:06:15 -------- d-----w- C:\Program Files (x86)\RegClean Pro
2014-04-14 15:47:18 -------- d-----w- C:\Users\oly\AppData\Local\{75C57D07-B311-47C7-9E2C-59D31449717A}
2014-04-14 15:17:55 -------- d-----w- C:\ProgramData\Malwarebytes
2014-04-14 15:17:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 12:56:23 -------- d-----w- C:\Users\oly\AppData\Roaming\AVAST Software
2014-04-13 12:24:34 -------- d-----w- C:\Users\oly\AppData\Local\{3435DD98-8AE1-45C1-9F7F-88F682DBE4F1}
2014-04-13 11:58:35 -------- d-----w- C:\Program Files\AVAST Software
2014-04-13 11:55:40 -------- d-----w- C:\ProgramData\AVAST Software
2014-04-12 14:10:45 -------- d-----w- C:\Users\oly\AppData\Roaming\SupTab
2014-04-12 14:10:34 -------- d-----w- C:\ProgramData\WPM
2014-04-12 14:08:54 -------- d-----w- C:\Users\oly\AppData\Roaming\webssearches
2014-04-12 14:06:46 1097384 ----a-w- C:\Users\oly\AppData\Local\nsjA55A.tmp
2014-04-12 14:06:06 -------- d-----w- C:\Program Files (x86)\MediaPlayerplus
2014-04-12 14:05:52 -------- d-----w- C:\Program Files (x86)\HQVid8.1v4
2014-04-12 14:04:38 -------- d-----w- C:\Users\oly\AppData\Local\Genesis
2014-04-10 01:48:30 -------- d-----w- C:\Users\oly\AppData\Local\{6EFD378D-83B2-43F7-8653-99B70917C4C6}
2014-04-01 18:50:26 -------- d-----w- C:\Users\oly\AppData\Local\{D74B8D96-8D93-4DE2-A3FD-8F50FCDE5AC9}
2014-03-30 09:28:27 -------- d-----w- C:\Users\oly\AppData\Local\{2767B13B-0DED-408E-906E-D9B87F050CEB}
.
==================== Find3M  ====================
.
2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-12 00:51:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 00:51:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2013-07-16 09:32:14 4188160 ----a-w- C:\Program Files (x86)\GUTCCA7.tmp
2008-05-15 08:59:06 7726360 ----a-w- C:\Program Files (x86)\Google_Earth_CZXV.exe
.
============= FINISH: 19:53:07,28 ===============
 attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 9/2/2010 7:52:49 μμ
System Uptime: 20/4/2014 5:14:39 μμ (50 hours ago)
.
Motherboard: Acer            |  | Aspire 5740                    
Processor: Intel® Core™ i3 CPU       M 330  @ 2.13GHz | CPU 1 | 2133/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 217,994 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Broadcom NetLink ™ Gigabit Ethernet
Device ID: PCI\VEN_14E4&DEV_1692&SUBSYS_033D1025&REV_01\4&367A701E&0&00E0
Manufacturer: Broadcom
Name: Broadcom NetLink ™ Gigabit Ethernet
PNP Device ID: PCI\VEN_14E4&DEV_1692&SUBSYS_033D1025&REV_01\4&367A701E&0&00E0
Service: k57nd60a
.
==== System Restore Points ===================
.
RP566: 13/4/2014 2:55:07 μμ - avast! antivirus system restore point
RP567: 13/4/2014 3:40:07 μμ - avast! antivirus system restore point
RP568: 13/4/2014 3:59:58 μμ - avast! antivirus system restore point
RP569: 13/4/2014 7:55:39 μμ - avast! antivirus system restore point
RP570: 14/4/2014 5:47:47 μμ - avast! antivirus system restore point
RP571: 14/4/2014 11:25:08 μμ - avast! antivirus system restore point
RP572: 14/4/2014 11:30:56 μμ - Removed Bonjour
RP574: 15/4/2014 8:14:33 μμ - Windows Update
RP575: 17/4/2014 10:27:13 πμ - Windows Update
RP576: 17/4/2014 2:16:01 μμ - Απεγκατεστημένο COSMOTE Internet On The Go
RP577: 17/4/2014 2:18:54 μμ - Removed OpenOffice.org 3.4.1
RP578: 17/4/2014 2:19:37 μμ - Removed OpenOffice.org 3.4.1
RP579: 17/4/2014 2:22:54 μμ - Removed STATISTICA 7
RP580: 17/4/2014 2:30:29 μμ - Removed ActivePerl 5.16.3 Build 1603
RP581: 17/4/2014 2:36:07 μμ - Removed CREDANT EMS 64-bit.
RP582: 17/4/2014 2:37:20 μμ - Removed Facebook Video Calling 2.0.0.447
RP583: 17/4/2014 2:42:18 μμ - Configured NTI Media Maker 8
RP584: 17/4/2014 2:49:00 μμ - Configured NTI Backup Now 5
RP585: 17/4/2014 2:52:10 μμ - Removed MyWinLocker.
RP586: 18/4/2014 10:41:26 πμ - Windows Update
.
==== Installed Programs ======================
.
Acer Arcade Deluxe
Acer Backup Manager
Acer Crystal Eye webcam Ver:1.1.124.1120
Acer ePower Management
Acer eRecovery Management
Acer GridVista
Acer Registration
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Alcor Micro USB Card Reader
ALPS Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Backup Manager Basic
Bonjour
Broadcom Gigabit NetLink Controller
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
D3DX10
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
Dropbox
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
Google+ Auto Backup
iCloud
Identity Card
Intel® Management Engine Components
Intel® Matrix Storage Manager
iTunes
Java 7 Update 21
Java Auto Updater
Java™ 6 Update 39
Junk Mail filter update
K-Lite Mega Codec Pack 7.0.0
Launch Manager
Mathematica Extras 8.0 (2063897)
Microsoft .NET Framework 4.5.1
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Office 64-bit Components 2013
Microsoft Office File Validation Add-In
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Espanol
Microsoft Office Shared 64-bit MUI (English) 2013
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft Office Suite Activation Assistant
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Word MUI (English) 2013
Microsoft Works
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Outils de verification linguistique 2013 de Microsoft Office - Francais
PDFCreator
Picasa 3
R for Windows 2.15.0
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2013 (KB2768005) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition
Security Update for Microsoft Word 2013 (KB2863910) 32-Bit Edition
Skype Click to Call
Skype™ 6.14
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition
Viber
Vim 7.3 (self-installing)
VLC media player 1.1.4
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (32-bit)
Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990)
.
==== End Of File ===========================
 
 

Thanks for your help.



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 22 April 2014 - 05:10 PM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer. Make sure that Addition.txt is ticked as well.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#5 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 23 April 2014 - 12:20 PM

Thank you very much for your reply. 

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by oly (administrator) on OLY-PC on 23-04-2014 19:10:55
Running from C:\Users\oly\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-23] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-30] ()
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-10-01] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-13] (Acer Corp.)
HKLM-x32\...\Run: [PSNUpd] => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\psnupd.exe [152896 2010-07-14] (Panda Security, S.L.)
HKLM-x32\...\Run: [Upg_to_1_3] => C:\ProgramData\Upg_1.0.x_1.3.0\PsUnSetupLauncher.exe [275776 2010-12-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-02-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [Google Update] => C:\Users\oly\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-18] (Google Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {a00e7b77-7485-11df-b7ed-00262d79aa34} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {be679925-d445-11e1-90be-9fc793fc0661} - F:\AutoRun.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {fec5f097-ae30-11e2-85b1-c1c3448d5f6a} - E:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2012-12-20] ()
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2012-12-20] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {8aea5d83-e11b-44a6-9651-920f46feb550} - No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2237994
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2237994
SearchScopes: HKCU - {C652D0FA-591D-445A-AD34-87B8F2E92BBD} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll ()
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM - No Name - !{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -  No File
Toolbar: HKLM - No Name - !{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -  No File
Toolbar: HKLM - No Name - !{73455575-E40C-433C-9784-C78DC7761455} -  No File
Toolbar: HKLM - No Name - !{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
Toolbar: HKLM - No Name - !{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -  No File
Toolbar: HKLM - No Name - !{AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
Toolbar: HKLM - No Name - !{B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
Toolbar: HKLM - No Name - !{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -  No File
Toolbar: HKLM - No Name - !{DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKLM - No Name - !{E33CF602-D945-461A-83F0-819F76A199F8} -  No File
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll ()
Toolbar: HKLM-x32 - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - !{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -  No File
Toolbar: HKLM-x32 - No Name - !{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -  No File
Toolbar: HKLM-x32 - No Name - !{73455575-E40C-433C-9784-C78DC7761455} -  No File
Toolbar: HKLM-x32 - No Name - !{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
Toolbar: HKLM-x32 - No Name - !{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -  No File
Toolbar: HKLM-x32 - No Name - !{AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
Toolbar: HKLM-x32 - No Name - !{B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
Toolbar: HKLM-x32 - No Name - !{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -  No File
Toolbar: HKLM-x32 - No Name - !{DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKLM-x32 - No Name - !{E33CF602-D945-461A-83F0-819F76A199F8} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {8AEA5D83-E11B-44A6-9651-920F46FEB550} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
 
FireFox:
========
FF ProfilePath: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default
FF user.js: detected! => C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\user.js
FF SelectedSearchEngine: Search Results
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6403317284154789&o=APN10645&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\oly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\oly\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\oly\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\oly\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\oly\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF Extension: MediaPlayerplus - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: HQVid8.1v4 - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-12]
FF Extension: Quick Start - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\quick_start@gmail.com [2014-04-15]
FF Extension: Zotero - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\zotero@chnm.gmu.edu [2012-04-28]
FF Extension: Zotero Word for Windows Integration - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\zoteroWinWordIntegration@zotero.org [2012-04-28]
FF Extension: MySearchDial NewTab - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-30]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-03-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-02-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-14]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-20]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\Dictionaries Explorer II\WCaptureMoz
 
==================== Services (Whitelisted) =================
 
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-10-24] (TCT International Mobile Ltd)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-23 19:10 - 2014-04-23 19:12 - 00028122 _____ () C:\Users\oly\Desktop\FRST.txt
2014-04-23 19:10 - 2014-04-23 19:10 - 00000000 ____D () C:\FRST
2014-04-23 19:09 - 2014-04-23 19:09 - 02061312 _____ (Farbar) C:\Users\oly\Desktop\FRST64.exe
2014-04-22 19:53 - 2014-04-22 19:53 - 00029955 _____ () C:\Users\oly\Desktop\dds.txt
2014-04-22 19:53 - 2014-04-22 19:53 - 00009984 _____ () C:\Users\oly\Desktop\attach.txt
2014-04-17 18:14 - 2014-04-17 18:14 - 00688992 ____R (Swearware) C:\Users\oly\Desktop\dds.com
2014-04-17 14:41 - 2014-04-17 14:41 - 00000000 ____D () C:\Windows\Options
2014-04-15 20:26 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 20:26 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 20:26 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 20:26 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-15 20:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-15 20:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-15 20:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-15 20:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-15 20:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-15 20:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-15 20:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-15 20:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-15 20:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-15 20:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-15 20:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-15 20:06 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-15 19:31 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\Browser Guard
2014-04-15 19:30 - 2014-04-15 19:30 - 00000000 ____D () C:\Users\oly\Documents\PC Speed Maximizer
2014-04-15 19:24 - 2014-04-15 19:51 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\PriceMeterUpdater
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DigitalSites
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Program Files (x86)\PriceMeterLiveUpdate
2014-04-14 18:07 - 2014-04-14 18:07 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Advanced System Protector
2014-04-14 18:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Users\oly\AppData\Roaming\systweak
2014-04-14 18:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-14 17:17 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:17 - 2014-04-14 17:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-13 14:56 - 2014-04-13 14:56 - 00000000 ____D () C:\Users\oly\AppData\Roaming\AVAST Software
2014-04-13 13:58 - 2014-04-13 13:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-13 13:55 - 2014-04-13 13:56 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-12 16:10 - 2014-04-14 17:41 - 00000000 ____D () C:\Users\oly\AppData\Roaming\SupTab
2014-04-12 16:10 - 2014-04-14 17:41 - 00000000 ____D () C:\ProgramData\WPM
2014-04-12 16:08 - 2014-04-12 16:08 - 00000316 _____ () C:\Users\oly\AppData\Roaming\aps.uninstall.scan.results
2014-04-12 16:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-12 16:05 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v4
2014-03-24 22:08 - 2014-03-24 22:09 - 01759480 _____ (Bandoo Media Inc) C:\Users\oly\Downloads\iLividSetup-r1185-n-bc.exe
 
==================== One Month Modified Files and Folders =======
 
2014-04-23 19:12 - 2014-04-23 19:10 - 00028122 _____ () C:\Users\oly\Desktop\FRST.txt
2014-04-23 19:10 - 2014-04-23 19:10 - 00000000 ____D () C:\FRST
2014-04-23 19:09 - 2014-04-23 19:09 - 02061312 _____ (Farbar) C:\Users\oly\Desktop\FRST64.exe
2014-04-23 19:07 - 2012-11-13 05:02 - 00001186 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001UA.job
2014-04-23 19:07 - 2011-05-19 10:05 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Mozilla
2014-04-23 19:07 - 2010-02-09 22:12 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 19:05 - 2013-02-26 06:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 19:05 - 2009-12-30 01:05 - 01830070 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 22:18 - 2012-11-13 05:02 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001Core.job
2014-04-22 21:52 - 2010-02-09 22:12 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 20:15 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 20:15 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 19:53 - 2014-04-22 19:53 - 00029955 _____ () C:\Users\oly\Desktop\dds.txt
2014-04-22 19:53 - 2014-04-22 19:53 - 00009984 _____ () C:\Users\oly\Desktop\attach.txt
2014-04-22 00:34 - 2012-11-30 23:42 - 00000000 ____D () C:\Users\oly\Desktop\PhD
2014-04-18 15:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 15:03 - 2009-07-14 06:51 - 00118139 _____ () C:\Windows\setupact.log
2014-04-18 14:50 - 2010-03-23 02:02 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Skype
2014-04-17 23:54 - 2010-05-22 14:35 - 00002193 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-17 18:14 - 2014-04-17 18:14 - 00688992 ____R (Swearware) C:\Users\oly\Desktop\dds.com
2014-04-17 15:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-17 14:56 - 2009-11-05 05:19 - 00950346 _____ () C:\Windows\PFRO.log
2014-04-17 14:55 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-04-17 14:51 - 2009-11-05 02:40 - 00000000 ____D () C:\Program Files (x86)\NewTech Infosystems
2014-04-17 14:45 - 2013-06-21 01:15 - 21757952 ____S () C:\Windows\system32\config\SYSTEM.CBT
2014-04-17 14:45 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files\Google
2014-04-17 14:45 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-17 14:45 - 2009-07-14 06:45 - 00471920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 14:41 - 2014-04-17 14:41 - 00000000 ____D () C:\Windows\Options
2014-04-17 14:38 - 2009-11-05 02:49 - 00000000 ____D () C:\ProgramData\Google
2014-04-17 14:35 - 2013-04-05 19:17 - 00000000 ____D () C:\Perl
2014-04-17 14:27 - 2010-09-09 13:02 - 00000000 ____D () C:\Users\oly\AppData\Roaming\BSplayer
2014-04-17 14:27 - 2010-09-09 13:02 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-04-17 14:26 - 2011-03-30 14:49 - 00000000 ____D () C:\Program Files (x86)\Apago
2014-04-17 14:22 - 2010-06-01 13:36 - 00002275 _____ () C:\Users\oly\AppData\Roaming\WWB7_32.DAT
2014-04-17 14:20 - 2010-02-09 20:53 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 14:16 - 2012-07-25 20:52 - 00000000 ____D () C:\Program Files (x86)\COSMOTE
2014-04-17 10:42 - 2009-11-05 05:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-17 10:35 - 2013-08-20 08:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 10:33 - 2010-02-15 23:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-15 19:51 - 2014-04-15 19:31 - 00000000 ____D () C:\Program Files (x86)\Browser Guard
2014-04-15 19:51 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-04-15 19:51 - 2014-04-14 18:06 - 00000000 ____D () C:\Users\oly\AppData\Roaming\systweak
2014-04-15 19:51 - 2014-04-14 18:06 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-15 19:51 - 2014-04-14 17:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 19:51 - 2014-04-12 16:06 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-15 19:51 - 2014-04-12 16:05 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v4
2014-04-15 19:51 - 2014-02-11 00:17 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-04-15 19:51 - 2013-01-06 22:23 - 00000000 ____D () C:\ProgramData\Wincert
2014-04-15 19:51 - 2013-01-06 22:22 - 00000000 ____D () C:\Program Files (x86)\Search Results Toolbar
2014-04-15 19:51 - 2012-03-07 00:22 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 19:51 - 2011-11-29 21:29 - 00000000 ____D () C:\Program Files (x86)\DealPly
2014-04-15 19:51 - 2011-09-25 13:58 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 19:51 - 2010-02-09 20:53 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ____D () C:\Users\oly
2014-04-15 19:51 - 2009-11-05 05:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-15 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-15 19:48 - 2010-11-01 01:25 - 00000000 ____D () C:\ProgramData\Real
2014-04-15 19:45 - 2013-06-20 18:58 - 00000000 __RHD () C:\MSOCache
2014-04-15 19:30 - 2014-04-15 19:30 - 00000000 ____D () C:\Users\oly\Documents\PC Speed Maximizer
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\PriceMeterUpdater
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DigitalSites
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Program Files (x86)\PriceMeterLiveUpdate
2014-04-14 18:07 - 2014-04-14 18:07 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Advanced System Protector
2014-04-14 17:41 - 2014-04-12 16:10 - 00000000 ____D () C:\Users\oly\AppData\Roaming\SupTab
2014-04-14 17:41 - 2014-04-12 16:10 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 17:17 - 2014-04-14 17:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-13 14:56 - 2014-04-13 14:56 - 00000000 ____D () C:\Users\oly\AppData\Roaming\AVAST Software
2014-04-13 13:58 - 2014-04-13 13:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-13 13:56 - 2014-04-13 13:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-12 16:08 - 2014-04-12 16:08 - 00000316 _____ () C:\Users\oly\AppData\Roaming\aps.uninstall.scan.results
2014-04-05 14:17 - 2013-08-21 11:25 - 00000000 ____D () C:\Users\oly\Desktop\Diatrofi
2014-04-03 22:19 - 2010-02-21 15:13 - 00001333 _____ () C:\Windows\wininit.ini
2014-04-03 22:13 - 2012-11-13 05:02 - 00004152 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001UA
2014-04-03 22:13 - 2012-11-13 05:02 - 00003756 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001Core
2014-03-31 09:35 - 2010-02-10 11:01 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:16 - 2014-04-15 20:26 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-15 20:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-15 20:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-15 20:26 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 11:33 - 2009-07-14 07:13 - 00786598 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 22:47 - 2010-02-09 22:12 - 00004180 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 22:47 - 2010-02-09 22:12 - 00003928 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-24 22:09 - 2014-03-24 22:08 - 01759480 _____ (Bandoo Media Inc) C:\Users\oly\Downloads\iLividSetup-r1185-n-bc.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-19 00:15
 
==================== End Of Log ============================
 
Have a nice day

Attached Files



#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 24 April 2014 - 04:23 AM

Hi,
 
 
Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
 
Regards,
Georgi
 


cXfZ4wS.png


#7 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 24 April 2014 - 02:36 PM

Hi Georgi,

 

Here is the fix log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by oly at 2014-04-24 21:31:18 Run:1
Running from C:\Users\oly\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2012-12-20] ()
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2012-12-20] ()
C:\ProgramData\Wincert
URLSearchHook: HKCU - (No Name) - {8aea5d83-e11b-44a6-9651-920f46feb550} - No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2237994
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2237994
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO-x32: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL No File
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll ()
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM - No Name - !{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -  No File
Toolbar: HKLM - No Name - !{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -  No File
Toolbar: HKLM - No Name - !{73455575-E40C-433C-9784-C78DC7761455} -  No File
Toolbar: HKLM - No Name - !{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
Toolbar: HKLM - No Name - !{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -  No File
Toolbar: HKLM - No Name - !{AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
Toolbar: HKLM - No Name - !{B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
Toolbar: HKLM - No Name - !{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -  No File
Toolbar: HKLM - No Name - !{DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKLM - No Name - !{E33CF602-D945-461A-83F0-819F76A199F8} -  No File
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll ()
Toolbar: HKLM-x32 - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - !{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -  No File
Toolbar: HKLM-x32 - No Name - !{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -  No File
Toolbar: HKLM-x32 - No Name - !{73455575-E40C-433C-9784-C78DC7761455} -  No File
Toolbar: HKLM-x32 - No Name - !{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
Toolbar: HKLM-x32 - No Name - !{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -  No File
Toolbar: HKLM-x32 - No Name - !{AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
Toolbar: HKLM-x32 - No Name - !{B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
Toolbar: HKLM-x32 - No Name - !{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -  No File
Toolbar: HKLM-x32 - No Name - !{DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKLM-x32 - No Name - !{E33CF602-D945-461A-83F0-819F76A199F8} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {8AEA5D83-E11B-44A6-9651-920F46FEB550} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6403317284154789&o=APN10645&q=
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF Extension: MediaPlayerplus - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: HQVid8.1v4 - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-12]
FF Extension: Quick Start - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\quick_start@gmail.com [2014-04-15]
FF Extension: MySearchDial NewTab - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-15]
2014-04-15 19:31 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\Browser Guard
2014-04-15 19:30 - 2014-04-15 19:30 - 00000000 ____D () C:\Users\oly\Documents\PC Speed Maximizer
2014-04-15 19:24 - 2014-04-15 19:51 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\PriceMeterUpdater
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DigitalSites
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-15 19:24 - 2014-04-15 19:24 - 00000000 ____D () C:\Program Files (x86)\PriceMeterLiveUpdate
2014-04-14 18:07 - 2014-04-14 18:07 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Advanced System Protector
2014-04-14 18:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Users\oly\AppData\Roaming\systweak
2014-04-14 18:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-12 16:10 - 2014-04-14 17:41 - 00000000 ____D () C:\Users\oly\AppData\Roaming\SupTab
2014-04-12 16:10 - 2014-04-14 17:41 - 00000000 ____D () C:\ProgramData\WPM
2014-04-12 16:08 - 2014-04-12 16:08 - 00000316 _____ () C:\Users\oly\AppData\Roaming\aps.uninstall.scan.results
2014-04-12 16:06 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-12 16:05 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v4
2014-03-24 22:08 - 2014-03-24 22:09 - 01759480 _____ (Bandoo Media Inc) C:\Users\oly\Downloads\iLividSetup-r1185-n-bc.exe
2014-04-15 19:51 - 2013-01-06 22:22 - 00000000 ____D () C:\Program Files (x86)\Search Results Toolbar
2014-04-15 19:51 - 2011-11-29 21:29 - 00000000 ____D () C:\Program Files (x86)\DealPly
Task: {9E321510-3D0D-45FF-AEB3-C1F8046D7D56} - \DealPlyUpdate No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
C:\Users\oly\AppData\Local\Temp
end
*****************
 
"C:\PROGRA~3\Wincert\WIN64C~1.DLL" => Value Data removed successfully.
"C:\PROGRA~3\Wincert\WIN32C~1.DLL" => Value Data removed successfully.
C:\ProgramData\Wincert => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{8aea5d83-e11b-44a6-9651-920f46feb550} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} => Key deleted successfully.
HKCR\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f34c9277-6577-4dff-b2d7-7d58092f272f} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Value deleted successfully.
HKCR\CLSID\!{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} => Value deleted successfully.
HKCR\CLSID\!{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{73455575-E40C-433C-9784-C78DC7761455} => Value deleted successfully.
HKCR\CLSID\!{73455575-E40C-433C-9784-C78DC7761455} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Value deleted successfully.
HKCR\CLSID\!{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} => Value deleted successfully.
HKCR\CLSID\!{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{AA58ED58-01DD-4d91-8333-CF10577473F7} => Value deleted successfully.
HKCR\CLSID\!{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Value deleted successfully.
HKCR\CLSID\!{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Value deleted successfully.
HKCR\CLSID\!{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{DBC80044-A445-435b-BC74-9C25C1C588A9} => Value deleted successfully.
HKCR\CLSID\!{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{E33CF602-D945-461A-83F0-819F76A199F8} => Value deleted successfully.
HKCR\CLSID\!{E33CF602-D945-461A-83F0-819F76A199F8} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{f34c9277-6577-4dff-b2d7-7d58092f272f} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{73455575-E40C-433C-9784-C78DC7761455} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{73455575-E40C-433C-9784-C78DC7761455} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{AA58ED58-01DD-4d91-8333-CF10577473F7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{DBC80044-A445-435b-BC74-9C25C1C588A9} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{E33CF602-D945-461A-83F0-819F76A199F8} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{E33CF602-D945-461A-83F0-819F76A199F8} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8AEA5D83-E11B-44A6-9651-920F46FEB550} => Value deleted successfully.
HKCR\CLSID\{8AEA5D83-E11B-44A6-9651-920F46FEB550} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Mysearchdial.xml => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\Search_Results.xml => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\searchplugins\sweetim.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\quick_start@gmail.com => Moved successfully.
C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} => Moved successfully.
C:\Program Files (x86)\Browser Guard => Moved successfully.
C:\Users\oly\Documents\PC Speed Maximizer => Moved successfully.
C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter => Moved successfully.
C:\Users\oly\AppData\Roaming\PriceMeterUpdater => Moved successfully.
C:\Users\oly\AppData\Roaming\DigitalSites => Moved successfully.
C:\ProgramData\PriceMeterLiveUpdate => Moved successfully.
C:\Program Files (x86)\PriceMeterLiveUpdate => Moved successfully.
C:\Users\oly\AppData\Roaming\Advanced System Protector => Moved successfully.
C:\Users\oly\AppData\Roaming\systweak => Moved successfully.
C:\Program Files (x86)\RegClean Pro => Moved successfully.
C:\Users\oly\AppData\Roaming\SupTab => Moved successfully.
C:\ProgramData\WPM => Moved successfully.
C:\Users\oly\AppData\Roaming\aps.uninstall.scan.results => Moved successfully.
C:\Program Files (x86)\MediaPlayerplus => Moved successfully.
C:\Program Files (x86)\HQVid8.1v4 => Moved successfully.
C:\Users\oly\Downloads\iLividSetup-r1185-n-bc.exe => Moved successfully.
C:\Program Files (x86)\Search Results Toolbar => Moved successfully.
C:\Program Files (x86)\DealPly => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E321510-3D0D-45FF-AEB3-C1F8046D7D56} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E321510-3D0D-45FF-AEB3-C1F8046D7D56} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":93DE1838" ADS removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MpfService => Key deleted successfully.
C:\Users\oly\AppData\Local\Temp => Moved successfully.
 
==== End of Fixlog ====
 
Thanks for the help


#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 24 April 2014 - 06:09 PM

Hello,

 

Is the Bad Image error gone?

 

 

STEP 1

 

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

STEP 2

 

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Regards,

Georgi


cXfZ4wS.png


#9 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 29 April 2014 - 04:45 AM

Hi,

 

Are you still around?

 

 

Regards,

Georgi


cXfZ4wS.png


#10 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 April 2014 - 06:01 AM

Hi Georgi,

 

I am not home these days, so I will check in a couple of days if the error is still there. If it is not do I need still need to do the 2 steps that you mention on the previous reply?

 

Thanks again :),

mpias



#11 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 29 April 2014 - 06:10 AM

Hi,

 

Ok, thanks for letting me know. :)

 

If it is not do I need still need to do the 2 steps that you mention on the previous reply?

 

Yes, it's recommended to use them to make sure that all leftovers from any potentially unwanted applications are gone. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#12 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 07 May 2014 - 01:32 PM

Hello,

 

Do you still need assistance?

 

 

Regards,

Georgi


cXfZ4wS.png


#13 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 07 May 2014 - 03:12 PM

Hello Georgi,

 

I did the 2 steps. 

First log file :

# AdwCleaner v3.207 - Report created 07/05/2014 at 21:14:22
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : oly - OLY-PC
# Running from : C:\Users\oly\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BabylonUpdater
[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\oly\AppData\Local\apn
Folder Deleted : C:\Users\oly\AppData\Local\Babylon
Folder Deleted : C:\Users\oly\AppData\Local\Genesis
Folder Deleted : C:\Users\oly\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\oly\AppData\Local\PriceMeterLiveUpdate
Folder Deleted : C:\Users\oly\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\oly\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\oly\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\oly\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\oly\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\oly\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\oly\AppData\Roaming\Babylon
Folder Deleted : C:\Users\oly\AppData\Roaming\webssearches
Folder Deleted : C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\ilividtoolbarguid
Folder Deleted : C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
Folder Deleted : C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa
Folder Deleted : C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
File Deleted : C:\Users\oly\AppData\Local\speedial.crx
File Deleted : C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\user.js
File Deleted : C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2035700
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2237994
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonicdownloader_for_realplayer-sp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonicdownloader_for_realplayer-sp_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\genesis
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\AppDataLow\Software\MediaPlayerplus
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
 
-\\ Mozilla Firefox v8.0.1 (en-US)
 
[ File : C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.selectedEngine", "Search Results");
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={28542D35-1AC2-11E1-97C4-00262D79AA34}
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=400&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=6403317284154789&q={searchTerms}
Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1397311629&from=tugs&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK0A990937109371&q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtC0EtA0DtDyDyCyEzzzztN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0EtAyByByC0C0BtG0CyDyCtAtGyE0CzytDtGzz0EtC0AtGyDyD0AzztD0BtBtDyC0EtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAyCtAyBtAyBtAtG0AzztAtCtGyB0FtCtDtGyD0EyD0FtGtDzz0F0DyE0AzztCyDyC0D0A2Q&cr=91979805&ir=
Deleted [Search Provider] : hxxp://www.cell.com/action/doSearch?searchType=quick&searchText={searchTerms}&occurrences=all&journalCode=&searchScope=fullSite
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ch&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtC0EtA0DtDyDyCyEzzzztN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAyBtC0E0B0E0F0AtGyB0B0DyDtG0DtC0CyDtG0B0A0CzztGtD0CtByDyD0FtCzzzzyDtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAyCtAyBtAyBtAtG0AzztAtCtGyB0FtCtDtGyD0EyD0FtGtDzz0F0DyE0AzztCyDyC0D0A2Q&cr=741511541&ir=
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtC0EtA0DtDyDyCyEzzzztN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0EtAyByByC0C0BtG0CyDyCtAtGyE0CzytDtGzz0EtC0AtGyDyD0AzztD0BtBtDyC0EtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAyCtAyBtAyBtAtG0AzztAtCtGyB0FtCtDtGyD0EyD0FtGtDzz0F0DyE0AzztCyDyC0D0A2Q&cr=91979805&ir=
Deleted [Extension] : deghekbbihbapplmbffglehkdhkeibbm
Deleted [Extension] : gaiilaahiahdejapggenmdmafpmbipje
Deleted [Extension] : iagcajndpnfncplednpbnkahadegklfa
Deleted [Extension] : jplinpmadfkdgipabgcdchbdikologlh
Deleted [Extension] : majjphhgppkndjjkmhhnbgafooenebhd
Deleted [Extension] : niapdbllcanepiiimjjndipklodoedlc
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
 
*************************
 
AdwCleaner[R0].txt - [12606 octets] - [07/05/2014 21:10:33]
AdwCleaner[S0].txt - [13375 octets] - [07/05/2014 21:14:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13436 octets] ##########
 
Second:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by oly on ’« 07/05/2014 at 22:02:38,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2489540118-3917051639-1185735652-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2489540118-3917051639-1185735652-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\oly\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\oly\AppData\Roaming\thinstall"
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{00493BFA-FA1E-41B9-A8EE-D1CD1F190C4D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0105027E-D413-410B-A799-D326AAF755B6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{01C8FFC3-5FCC-4E72-9652-24369D912C6B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{01D421AC-0E52-4052-BBC3-6E0917E2D3C9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{02CA73FF-7849-48F8-8DE9-B3599CC010E5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{02FC2AF4-4892-4D6C-BAA3-A2C12ED3134D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{03134C1F-11E5-411A-901D-259DEA7AE56F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0332B8F4-D83E-4D03-B747-9B2704AB4A39}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{03820E23-D834-4D97-99CE-7674F3299DDE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{03BD57C8-5A98-4ABB-B68D-40F9C968046B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{03D527FC-4C5D-46BC-B900-FE6F2473E958}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{03FA6ECE-3E08-4A08-B350-7241F8501C92}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0516A843-F52C-40AD-B2BB-CFB19000F594}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0538FDF3-CD19-418F-BAD0-97A816AEC202}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{060D80A2-F5C7-47B7-9C38-1B2DC470F7CC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{061544D6-5695-4CFF-97B3-CDE5001CBCDF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{065741A6-B79B-4117-90EE-20367F4748C0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{06AA3085-79A3-49E3-B5F7-35FD6A45BB66}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{08644D32-15D0-44F2-BB4A-C1B60C080B3B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{08CB427B-CED9-4606-A961-2A7C87B9743D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{09CEADFC-F31E-4E87-8263-98B6DCC98D33}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0B833854-05F4-485B-BCD5-09E76ED4C731}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0BC116FD-88EC-4B0B-8CF4-419EECDB2944}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0BC90A4D-667B-48D4-B111-B5632CB90CE3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0C13DFBB-2960-40A1-99A5-87A39341D61A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0C16379A-ED97-42A7-9015-7FB166DCA701}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0CC73DBE-853E-40B1-A8D6-5F4A1FFBD544}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0DC9C90B-A18E-4AC8-B679-AE6B7CDE2258}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0EA6FBE5-568C-4484-B19E-D823C1F6FBA1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0F30E284-E5BA-4258-92AB-08445E1B2C2B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{0F456B8D-ABCA-4602-8B75-24D5B9A1E5B2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1042E548-2D67-4541-9496-7FD675F7C399}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{108DCCE4-2820-4B13-ADCE-C3B739511445}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1105DE96-5A88-4B33-B35D-148457A870BC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{116381ED-9E84-4AE6-A693-B298E1E18E84}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{11DFF59F-0553-4D29-B117-9969ADA96ACB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1241301E-0AC4-4504-8179-E7F54B2D0345}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{127B02BF-5B09-44B3-98D2-F1539CEFE2FA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{130B9DF1-BDB0-4EA3-86D6-8EEDF5508BD0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{138C20B0-C317-474C-8775-C44293BCAB59}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{139A2436-D0B4-4332-94E0-FCBB01749153}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{13C2A68C-78B2-46D2-8204-182C99D43069}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{13D11D37-4810-456C-A0A0-803AC7D45D08}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{15D5F8D2-181C-4FD4-9624-F7272F868A17}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{15EE3891-561C-45EB-9318-2B85885C8C93}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1671F7BA-E24D-41E0-A58C-37F2388BA9C8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{168D907F-CC9D-41C8-9566-5CABA0734B06}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{16D02604-D8DE-433A-B3D1-D1345AC989DD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1701E7DD-B12D-4098-BE52-F6C62571BB5A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{17180ABD-63E7-4601-93AC-A80B1425D3E3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{17B99FFA-BBC3-4C02-A0B2-547C009FD0BC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{18180A1A-B451-415B-A9DD-B4F1370C80B2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{18819073-03B3-4E36-869E-AB7AAF7F03F9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{18C1CA39-7F17-4460-B97F-C9E97AA35C8E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{193B56E4-10D7-48EB-9D17-301DEC1E61B5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{19EF80BC-E2F4-498C-BE39-C05827E2DF14}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1A9CAE25-D61D-4009-AD50-D4728F0B28D8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1AE5C038-4A40-411E-82EC-B9CF7C8C2699}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1B0BA1E3-93A5-4C1A-B646-5C9054E84142}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1B1D8997-BE51-416A-8F0A-3BA3FE3DBC48}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1B2D06E1-909E-4EAD-A6C5-386D98C4CD85}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1B61F131-C888-4F06-8E30-66C98D360680}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1C25855C-A029-42F1-B66F-67BFDA673FE8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1D09EFFF-97A2-470B-A630-A2E51DC94E4D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1DC31198-0FE4-453F-95BF-CCC3F9F1B134}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1E0E3B3E-423B-4A75-821C-9D00882BC258}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1E14D302-D4EC-4835-AC29-B3837583AE2B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1F08C374-E382-4A58-8B14-45739A325388}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1F9CD36F-9218-40B5-BB5B-1A221BC1444C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{1FA527FB-E281-4EEA-B6EE-4AB2FA823643}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{20DF9EAE-37B9-4D6E-913C-446C558DBBF2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{212C6ED2-6F57-4D2F-9FC8-53E78879E195}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{222BC352-0913-4C73-BFD7-49F02440FCB5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{22519C54-066B-465D-A45C-B153828B9778}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{22B7AA0E-401C-49AC-8F8E-F7279D51BFAE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{23D4988F-44B3-47C0-96C8-2B9A45A64498}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{245DFF75-5E6C-4A28-9719-4893DB9DE8D6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2539024B-C0D0-429D-A28B-77052BA6B434}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{253F13E5-5D7F-4AC9-874D-3EFC2B8981ED}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2767B13B-0DED-408E-906E-D9B87F050CEB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{287FC205-8CB6-4ADA-ACB1-2AC359009BB5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{291A0E4E-097E-4CB3-B3C3-38ABE7A9C15D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{29F7A87E-D68E-4EC9-8404-B682E156BFD5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2A046F0A-5BE8-4CDB-B82F-AE155B0137C3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2C0EC187-0C3C-4B55-BC04-4BDF8A71DEBF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2CA1AE20-87A7-43FF-A00B-4E8A5EF68E06}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2D798835-5D85-4E13-8E92-BDE27CF656FC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2D9B6F07-96A7-4975-8CB1-7782933A6C07}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{2E6CB562-D9F9-4CD3-8925-6A8950B90038}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{303690B6-768B-4AFE-B0C8-55D33CB753C5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{31B11F82-9747-4243-8ACA-1ACB5E94A068}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{31CDC08D-26D3-4E09-809F-2B2305537877}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{32566B17-4576-4F77-814C-DF666FDA39D0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{32715B67-8AD2-4F3F-A51C-E86B043123E2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{32CA57E2-B723-40D8-A66F-80421520B282}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3305B610-ECE1-4806-A346-A85B95A66B0B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{33209BAE-2986-42DA-8A7C-4A4AD5B228DB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3329B04F-2DDC-4ADD-A62A-D84753FAE8B4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{33B8DF69-CD5D-42AF-BE0F-4E1372323EA4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3435DD98-8AE1-45C1-9F7F-88F682DBE4F1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3501A2A9-202C-4ECE-A8D7-F2662C4FBEFB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{35BF4527-674D-4E0B-9072-27329CC63A8C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{36B9150A-07B2-4ACB-8229-2AA329AFA0F3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{36E0F175-DCBA-490F-BE7F-4307EAA2CAE8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{370B6AB8-9FCF-41BC-B4C7-00B171278D19}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{37522DF1-E662-4955-98F0-EAC72E8B866A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{37656B40-8D0C-491C-84E0-255C31FF277F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{37D5C91B-52F1-4107-864C-830C0EC9CA9F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{383222DC-4EA5-4688-8887-BBF59432E6FD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3860A757-0A25-4330-9B64-CB7AE92B3BEC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{387064A4-FFC4-4379-8329-79823221DF2C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{387D06E1-A20B-47C7-B039-A0851AAA7E37}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{38CC54CA-0E79-4BBF-871C-1E1E3FBF4370}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{39113883-2209-4BD3-8BC1-8B5486BD3D33}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{391F1107-C26C-462B-8CA0-4E26F9569FC3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{397777E3-189B-4A4C-969D-40408C3EA3F6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{39D88810-3466-4893-A277-9C16F1DFCB6E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3A851CD7-85F7-48C6-A750-1BC91CFE1ECF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3B10A127-7A64-4918-92F1-C20B7C1A9E79}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3B2DE78F-F3F8-471A-A3B5-392DBE46D751}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3BF839BF-026E-4199-9696-997EEC77BA18}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3C27513E-A35A-4B88-82D0-BA088F7D4B88}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3C7A781B-BB72-49DC-99D2-C62B7CDBBFDB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3C9ADD10-5A06-4EA0-8FF1-381E0891A783}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3D35F710-F7C9-4A24-B9D1-EF10C60880F1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3D85E89B-9727-4033-BABF-7C04FE670166}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3DC1D3AD-B360-4370-86CC-BFB6A3B0B638}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3E4E7E49-19A1-4445-ACD2-725FFDC33783}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3E675E33-19EB-49AF-8D1B-CB106E1EBAD6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3E6FA525-EA7C-4024-8F85-2673928B3F54}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3EC8726F-3BB2-4757-81F7-A5C6E3D718D3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3EEA5DCB-E59C-4B2B-8952-568D8BBE56F2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3F30BB32-8B4B-41A5-A2D0-31210C11F291}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{3F42ABC1-B2F1-4342-B2A0-22B66F16E98F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4014AF3C-D172-4824-8A30-2B3DE9848275}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{40431EF7-35EC-4F66-BCFD-F0DD6A3056D9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{40D9C16B-52C4-4C5F-8D41-C0A27C72E76F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{40DAF02F-8C4B-44B7-936A-EC968898A764}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{410D9A97-1A91-4604-89DA-6D9D7EAB7F44}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4168D170-591A-43D7-94BA-0610EBC794C1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{41B18B3A-38C6-40E1-AAD4-15B2187768A9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{41C075BA-81D3-4224-9405-F68A14EA4F75}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{41C459D9-6840-4520-800D-A57B38E60E7C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{41E65E20-3C65-4D21-85E0-64CB41BCC53B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4232AAB4-5B9D-4316-BBCE-231059A8DC47}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{423A18CE-6CA3-4724-9050-A9C48D26104E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{423C58C7-36B7-4A5E-884C-6ABDF58B3897}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{43B0C0EB-551B-4E4B-808F-E1946C97255C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{43B820F3-1E7A-4E51-BF6D-C8A6A40FDA75}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4407CD22-A9EE-4382-8DD8-E0B576D06F30}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{441EF16C-6BDE-429A-94A2-6D2D8DE5E437}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{44272E77-B1EA-45AD-848A-52586EC60AD6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{44663ED0-F447-4FE2-9FEA-204A4AE3CD07}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{45DE01C6-05C6-47F9-B2B2-AB4AF6CE407E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{465722E2-1554-48C7-AF51-F88FA39212D1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{46B33AAD-9602-4E70-98E1-18E435A7E1EB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{46C73F46-95B1-4F6E-8455-A77D5AE1BE92}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{470F49C6-C064-47CD-89CA-38BA895D54ED}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{47726914-BA96-42AD-8444-D3B1D6C6B7BE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4788DB04-D845-4394-9A6E-D4714363A815}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{47B60EA0-D2A2-4D4A-98D1-8932C4330DBD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4829B810-497B-4E16-9DB1-6B6C83F5B215}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{487C932B-57B6-4B76-9E6C-AA18E796B603}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{494866DB-1A3E-4C2E-9EEE-291CAF58E0D9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{498AF5E8-38B6-41FA-A4AF-FAC2F33F02C4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4A0AE3A8-0FB2-4C42-936A-3A4D373A3312}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4B45BEF2-FD73-4F8F-B927-B17F280A7631}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4B6866A1-EE5F-428B-B66D-D43A01EF60D3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4B706406-7304-4A07-83B6-15DAC51D2376}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4B899DE5-26DA-400C-B337-D5F3FF67E388}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4CC35839-C956-4461-95AE-1B70D1E5BD5C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4DA41E50-B108-40D6-AD61-D515019C05D8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4DC4ADF1-2BC2-4947-B841-CAECC3E4784A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4DC6E7D1-BFA2-4E04-B8F2-5BE66133456F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{4EC84239-E15B-4B77-B6AB-9059B66DB5F2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{50ACA5CD-EAEE-49CB-B867-9C61EB00AB5D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{515EAE75-4167-4599-9D03-A1A5458E0B89}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{51A2E4F1-1098-44ED-881E-C5A33427FC39}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{51B6568B-5D6C-45B5-8C73-B55CB2FF37E5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5276CE92-5557-4A7B-A5A7-80B6612E7101}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{528B29D2-8BFF-4055-8655-F378691593B5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{52A7FBB8-BCB7-4990-B5E4-EDE438303867}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{52FBFCDF-44DF-4009-9112-F730958B7D88}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{53B054D7-A020-465F-8354-CC94E8E68D5D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{53F8E1C1-E94B-4F2C-B8EA-C157807AAB15}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{54105833-79BD-4DBE-A39A-A4C2A005BA2C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{54197C5A-9BA2-4157-8BA7-5B2FECB6C732}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{54231646-2656-4EE3-97AF-F11E158E2A24}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{54573BF6-015E-4201-A07C-A069CEE6395E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{549CF050-BE4E-4A62-9474-FC5AE3A7B342}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{55DE9EDD-F6AC-4F0D-8644-1C01AFEF4947}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{55F583E4-2083-4BF5-A3C1-B4DA1B099FB7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{560EFB0C-DA3A-4ADD-AD3E-E0FAF0144A93}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5678A8FE-CC3F-4BC3-A4EC-475A4D92B916}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{578DCF38-92A3-4A66-B4F9-763347808C1B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{57C1AD2A-AA94-49F3-8B37-EB6E24179512}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{58136733-F400-49D4-BEAA-55A9BC75B179}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{594383B5-0019-4586-B956-4414AAAFF18E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{59554110-66D6-4E48-B1EA-9E870036C057}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5A1568E4-CBD6-4808-A471-4124ED9F460B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5AA7DF7E-944F-44BB-947D-894AF5E2E6CB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5B899607-64F2-40BC-843A-CFA5271CC729}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5C6FFF37-DA10-492F-A384-BEAE8CA9BC9E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5C7F61E3-5E8A-4993-8E43-4088F297C455}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5CD43822-1438-4217-B03C-07F5F647C9CD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5D4BDBF0-B3D9-40E8-821D-BBC789BB151A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5DB236D2-2C30-444C-AF6C-C1E3ADABB7BE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5DEA12CD-A733-4769-99A8-EA902FB0E3DD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5E87093E-17DA-442D-991A-EE6E0304A76F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5ED91FE8-7373-4FBD-BE0E-C622D4FC295A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5F3098D4-21F9-45CB-9B5F-A16C6D9A6D91}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5F38B8BE-9849-4221-91F4-12B6874AF9E8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{5FFC1101-8801-467F-9611-D70562E62567}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{600880E2-E29A-42EA-AB7B-969679152E15}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{604ED46F-693C-4B17-A7A0-6A9C136E1FC6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{60D20920-A62C-4B39-82C5-DCD5FAB2DC2A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{612B7277-8E03-45FB-8404-51F5829761D8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6234482F-417F-4F3D-9E71-B26B68E975E4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{63D63D67-BFA5-4313-83F8-A7F5B48205B7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{642C2699-8908-4EC4-8F09-87835E014B36}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{643CBB9F-690E-4FBA-910D-F595E371DAB3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{65231165-7079-46AC-9146-A0AA85A172D3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{657D558B-86AC-4808-AE68-6421F98CBEE7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{65CE6ACE-0C8D-47C6-8ED1-30DD15F249B1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{67223048-E403-4443-A3AD-F5A591E9C04C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{68338645-970D-4952-9AC1-6FCB72BA7DA6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{687E9B23-B7DF-439C-870C-90F04238D653}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{689B18B4-DEBC-4388-8426-50F135D86054}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{68BC864A-9884-40B1-A3C4-D75DF9684F26}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{692562C6-E611-4A6A-91CC-A69571A39C09}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6B41A829-FBE7-4325-829B-A8D6655EA067}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6BDC18E1-A169-42A7-9774-271FCD46014B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6C1C4C0E-CEB6-4C4C-BEEB-320FA13E44F4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6C8236C3-DE28-48D7-99B1-4B84AD5CD76D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6D84AD92-AF22-4AF9-8499-360D24BBA1D3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6DAF109D-3E83-4B1A-809D-624D58128B7F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6E4A7043-F615-4015-B968-E86859EE2098}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6EFD378D-83B2-43F7-8653-99B70917C4C6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6F01A978-488E-40BA-B5F5-996AEF769203}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6F4514A8-D815-4DEB-B28F-0495F01A5B04}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{6F59435E-F231-4D35-99C3-1E192BBF5DD6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{702DC728-369C-4362-B2A6-19A3D058D283}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7034F6B0-BA39-4923-BFE3-FEF7BD19223E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7115EF6B-0D91-4BC7-82DF-B719449A943C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7282EAC1-5876-4817-ACC4-EA54E42F849E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{72AA0D1C-9F50-43B3-89B2-ADCBC2D2B8AE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{73123DB1-8AD4-4626-90E7-26C1C10DFA5C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{743E8717-CC75-407D-A26F-813DCC7D09F3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{74C971AD-2332-4F3D-AFE0-10F42A95DCBE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{74E3F600-540A-4A59-8B82-C7DFECB15089}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{74F12C7A-5761-42F4-A5B6-4F35E046D694}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{75205733-A5BA-4BF2-9B2E-945D94507463}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{75359EE5-08A5-4007-9836-8001E233A94A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{754507BB-7848-4C52-8DAB-DDEEA31E62D5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{75C57D07-B311-47C7-9E2C-59D31449717A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{764536C9-2319-42C5-B88A-4D4A2B3797AD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{76CE155E-9AF0-4538-AA18-BF66CB27F927}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{772966C7-3B58-4CAB-B59F-9CBC7EF2EEF7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{778C5DF3-77AA-419C-8A75-5E9C61DF7AD9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{779E9D32-9EA7-4621-9583-3A6142B2EBDE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7883A568-C4FB-47E7-B5BA-11359BFF5744}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7951982D-7941-46DC-BB1D-6C702F5E552A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7A7D9CC1-E396-4170-85EA-2EED4DDA1C89}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7B3C7E9D-BBB5-4362-A48E-082ADEFBCA29}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7C08EBE9-FA45-491B-A106-3003ED8FBFD0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7C13B080-839C-4EB1-A7BE-AFE422F980A2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7C27FF5C-7FBB-4FDD-A87B-CE815101AE7C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7C62812B-DB83-4981-B88A-1C73709503F1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7D82E2BD-24C1-4786-B9E4-C1D8DDCF9470}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7E134E4E-0635-48DB-B2AC-CA68BFA9518E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7EE92AD7-3029-4BBF-94D9-111C2D99A37D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{7FB5D473-AEBF-494C-BF1B-6DA62EA9F7C5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8008BD15-807E-4393-A7A5-2AA4CC93FC5F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{80BAE562-8AF5-4106-AE8B-38BE4CD44DDC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{821BBB62-671F-462C-973F-C426B5D84E6B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{82A1885F-FACD-4D24-B398-209F9BBDD658}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8349E08B-318E-40F1-98D8-5CEE1D58C487}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{85980B73-1866-4B83-A5A3-318E95A8DAA0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{85C6CBEA-6223-42BF-90C2-2CDC4B23C8ED}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{85DB5711-DA48-40D8-81BF-D67B0FC2A43C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{86208EA3-4584-4CC9-B4D5-EC0EFA09F8EE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{865EE1A0-39E4-4D7F-BED0-603BB524AC76}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{86A4B1CC-CB98-4D2D-8ABE-2753259C2569}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{86D50CBD-C184-470C-B723-610ADE369F6E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{86EE53D1-37A9-4D5F-9C69-4A42FFF2EFBB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{86F13A71-4D60-4B57-851F-13536BB38B5A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{873049DA-E83C-4913-9F56-713077328632}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8827A943-9BF9-4506-A5F3-9FF818C04134}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{88F7D45C-A508-44F1-ACA4-D203FFDD99B3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8952A081-C825-4B4A-94CA-03236A90B0B4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8AC2B4FE-C38D-4748-A797-F2042988A8F5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8BAA7D18-636C-4125-9115-48AC70E3EA09}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8BF2DFB1-AA2D-4A6F-984C-EF281A7F7608}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8C28C6E3-D79D-40EC-8F84-76061EE5C300}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8C49CE41-7E75-4C08-8CFA-B5850B3E8593}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8C4E458F-9D84-479C-8199-996202858D3C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8CB19E61-7BFC-4DD6-9971-67696996C5B5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8DDABD82-5F0A-4B8B-841E-931E13DECBE8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8DE9D6B9-CE43-4858-B95B-49E344702A62}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8E5FE9E7-72B7-46FC-BFFF-4A20037673DE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8F685BB1-6FCE-46BD-B9CB-F631E1E7D953}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{8FE5C790-72A2-4E82-9BC6-3A2D13484D0B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9096B267-7C63-43BE-A1D5-8ADD9DDD9B25}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{91962828-9DBE-4AB3-BEB1-2A276D38FF8D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9233108B-0388-4A3F-B866-5BC7BAEA0C23}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9317E7B3-7B39-4E85-A3DD-A3FBB6FB5778}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9339D4FF-5F7C-43F8-8247-882170DA35C3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{93983640-F4B9-4F9C-86F1-BEB3D4D48462}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{93ADCAC3-5C80-420A-97FF-95771528274B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{93D10C9C-91E6-421E-A361-C0D90E75B0CD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{94003ADD-6B4A-41D1-8E32-EDD6E4C25752}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9444E6D1-3B92-4DF2-851A-2410E9254344}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9454AC03-7DF5-4F7A-8135-2F4590AE1A40}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9516796B-825F-4B62-8D41-46704CE42517}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{95433345-961E-4A0F-A26A-39089B92BB9C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{957BCBA9-5EA4-450D-A9E7-848151796F7E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{95E46655-1782-4B37-A1C4-5BF9869D2339}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{96397E6B-5B89-41BC-A863-804B5A0D5928}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9778B0EE-3045-4C7A-8A8B-82868268E755}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{97DF5EBE-304C-4E78-BCA8-42F9F92A049A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{993972E0-9E61-4D2B-BBF5-9264DCDC21CA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{999851BD-2A8D-43EA-959C-86448682262C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{99D75B9E-C458-4818-94DA-BC025D0BD68A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9A135F78-BCDA-4643-B8A9-693A54FCAEC8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9A3CA4E3-A903-4F58-8114-D51A20A4D500}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9AEC89EB-0BC2-443C-98E1-DAEF384F6210}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9B6F5BEF-27D2-438F-9986-3D05E86104CA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9BC30CBC-2E50-40F4-B402-757251F1ADD7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9C56B622-7D5E-4629-B89D-D8C76B5D92A3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9E183F5B-B38E-4445-96A3-1A4B5E0F5806}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9EBBF58F-6000-4FD5-AC91-2DBD29180D3B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{9F45FE13-3349-4F1C-BE99-0B9B644BA63F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A08C764F-C98C-4F22-A7A6-E9060D5452DE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A0D91EEF-82EE-4D9F-8E5B-09E4222D3F63}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A10DBFA3-DBEC-41D2-B300-7707A4FF8DDE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A1702505-4672-41C9-BDE1-6A0FDB728DA1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A1AACAF6-BF09-4F42-A24A-D7A879EB1F0D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A2920B72-A4BE-4CE9-B811-CD17FE4FBE14}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A34842E9-885B-4AC1-A266-CB2A7EB40FC1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A4C322F6-4A4F-4584-980F-0C30CFEBF438}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A59B23A1-DA70-4121-BA73-C644151E47D9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A59BF108-F745-40A6-B78A-EA40B51B3511}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A6BA189F-B131-472B-A555-898B78A04B46}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A728B41C-40B3-4602-9BCA-28ABDC665B00}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A7374616-42BA-4304-945D-815EDE13585C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A80A37F7-FBDE-47E7-A0BF-B449FD1581BE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A8CB9E28-A157-461F-A3F1-58663A193C88}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{A98D8E04-235B-4ABC-ACBB-9A539FBEAECA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AA0A8DB5-70BC-457E-8257-72E90FE5A517}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AA3FA3A3-AA2C-40B1-B2AC-7692301652CA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AA425A2A-E172-40E8-AFDA-718BBE318D17}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AA4D0BE4-AB48-439A-87F3-F29485249B15}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AA52D386-5C7A-4BE2-8C34-75F02814BED4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AAACBC11-3335-454A-8B32-418A38478FD0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AAD86037-005A-4B90-92E9-13A365C14B81}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AB4E598A-8D0A-4E4D-A890-6973B08AEE21}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{ABEC0D00-0492-4FD4-A481-1217739C2A98}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AD0649B8-A45F-489A-8177-A36DE7BD005D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{ADD17BD5-8E94-4DE1-AF73-5D317F15E085}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AE11482A-9621-4B35-A060-C6BB79591F0C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AE306A68-8531-4103-A88F-741F9AEAACE2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AE631C56-B8EE-4A4F-8194-E08310FF09BF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AE865305-DA29-40BE-8517-63D8AD58E4E9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AF047184-E279-423D-A700-86FD29285232}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{AFE9FB65-E84F-4CE8-860F-C3B39BB57CC3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B0C2F867-7F65-4712-AA7E-036E7C4A69EE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B0F4176F-349D-4A8D-97B4-6AE5F0E65684}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B0F5C26F-DB1B-442B-B0B1-769319520E8E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B1395156-8D5C-4090-AEB5-A7FA49ABAAC7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B1C4964D-DFE9-4DC0-8C58-F794471B6ABB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B21BE75C-E3E8-4F5B-92C6-39FAE61A7926}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B23AEEB6-CAAC-4E74-AF55-1A3AB68BB146}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B310AEF9-6734-404D-AF20-EAD95DF211C8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B33AA0BD-E2C0-4541-99FC-9C47EE7C52F5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B39EAD0B-DC86-4B32-A3FE-6B3B413382C4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B3FB1D8A-D827-401D-8993-8558189437D2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B4E4DCFD-4CA8-4F1E-A3E1-F4E4AED5CE92}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B51F5B76-F980-4ED0-A2B2-C2E59D4DB5AA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B790FADB-CA96-4001-B925-816E8CDAC35C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B81FE472-A545-40BF-845B-0154FB53621B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B89BFC6D-9873-426D-A8AD-1D458A3F36B6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B8D972D2-D9E5-46EF-9F0D-E609E2FA233C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B8F01604-6F46-48DF-AB23-4A5D99769600}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B90DA753-9A30-4E40-9B80-B15745AC5D56}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B9546982-A1C9-4932-8A2C-E89AD96757E7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{B971E25C-6978-4927-B18F-8A1117EE5041}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BA1B21C2-68A4-4001-86E5-07F52E8B0454}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BA1B71E5-3BB2-47B5-85D6-9A604563261E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BA7AA112-1F48-4F63-8983-9EE16C005C1A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BB8D005A-52EB-4DF8-A17E-EFAE54921F40}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BBE11989-1CE2-498E-8B9C-A36876B36C0A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BC9DC556-7588-439C-9D52-223B7DF34D33}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BD091910-5C2D-4D7D-BEF1-0F927DD48051}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BDF6DCBA-9CBE-49EC-B660-35CE728A5566}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BEDDEB7E-0021-46B2-8356-6074F394B4DA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{BF13371D-91C6-4DC2-93D4-E6CA727F9D81}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C0A61175-1094-4FD2-B8C2-2C27BA15ACAC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C0C7808F-08AA-4D45-9D09-75D2915E1494}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C0FF307B-F755-4496-9FCA-114B477B7FB5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C1A84737-A441-4A0E-A4B3-227CC6943C46}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C44AA366-B3EE-4F62-A636-89D2E77294EB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C454A7AA-85CB-45A2-9DFB-BC1A6DFE1FE7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C4883CD2-9FC5-4CF2-8FAD-A08F07134C9F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C530C057-19FF-4C29-8887-82113B899C01}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C5369691-7EC0-4820-B915-7EB31124F8E1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C683F68B-C3C4-4E94-850E-9186396FE66C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C7787104-830E-431E-B18D-67B92088D056}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C7B9AC82-597A-463A-A470-A48525350E01}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C7F71665-1EDF-439F-9780-7AF9E6BD0C67}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C9A849AC-9E83-4D75-AD39-65B72153E127}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C9BF4564-084F-47CB-86A8-B60DCF772B01}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{C9C2DE5D-50F9-40A2-8BB1-E0A30149223D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CA19FE93-DB13-43EA-B8E8-D594FEB0737C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CAD9E571-28B7-45B5-A367-2591F54B1A3D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CB281877-85AE-4A2C-A33C-B88592E74074}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CC11595E-E183-4712-BCF6-A5800200C52D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CCF9D138-83A6-4CBC-87F1-FCB1A617F272}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CD750E94-8EA9-45D0-A6CB-3EACBE58C3F5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CD7BE336-0BCB-40FA-9EB4-05880A679BAE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CDCCB880-2E66-4558-A572-3C054A1CEE2C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CE24A9A2-56CC-4E1C-8182-6BE1889B8765}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CE25F10A-DA19-47E5-A7F8-0C4169D1647C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CEADD57C-7172-41A3-9ED3-BD2A702452AB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CED50F49-95C3-4008-8285-CC22F152A197}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CEE47D8B-1E52-44CA-964F-B45A1070FEDE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CF2E4663-B9BA-43C1-A57B-03348D6E56C7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CFA1C578-9BDF-46B3-984B-DCF3474BAE50}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CFC15C3F-2438-4A79-9572-CB2EB2C4B13B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{CFDCEC67-2E50-4271-836F-3E93E17950DA}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D00237AD-B21B-4F18-9E48-6F8588D537DE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D05C079D-8CBB-46E0-AD9A-29911C8E6365}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D27EC60F-5FDE-4E59-98D5-A3BF1E36EC1E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D2B9FF5D-D0E4-40BE-BA8B-9B16B0965267}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D2CA003B-4C84-44F7-BCA6-8635F166C9D6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D342AACE-0A32-4D03-83E6-ECC08757FB46}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D4012F5A-CD8F-4AA4-8132-031F54E4CE03}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D462C43B-FD2E-4722-8955-55BCABCAE328}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D4659767-7CB9-4E2B-8A39-31FB24B7D2D1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D5D4700B-97DF-4BEA-81BC-6899C69DB223}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D6077981-A5E8-442D-B300-25DC20398DB8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D74B8D96-8D93-4DE2-A3FD-8F50FCDE5AC9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D87591BA-9409-4DC5-9E13-4BAB052F759F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D8970ABF-0F87-448C-B7D0-360D5DB01EB5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D8A728EF-B241-45F3-B86A-614D40F0D0F7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D8D2E343-CA25-4661-91D6-2D5943027F5B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D8DDB4B1-8CA4-48AC-A614-555F5F679ACB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D9A89349-C42A-46AD-90A4-C4BE430E95C2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{D9F00A2E-8EB9-48C4-932E-7DB6810968AD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{DB5D7249-E720-4430-B46C-DB8C8FD9C3AD}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{DBD75D39-5CD3-44C4-AE2B-144D8E3ACBF5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{DD246146-FB2A-42DA-9180-340DC5441A24}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{DE970363-E800-40B3-94C7-DA3C3608966C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{DF87B423-EB6F-4CE9-91DE-6D9156C7E3B3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E07BFBF5-DFC6-4ABA-AE47-6695977A3300}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E1553D60-CC0F-479C-93A6-47D2A3D4967B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E200C052-A781-4F45-AADC-5A4C150AB66E}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E2066F07-8B77-472E-BE7F-1C699CC9406C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E21F3898-482E-4F4C-8123-ECE08DAC5695}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E26C57D2-2480-4714-8CF2-C51344739492}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E28E985A-58B0-4FFB-AE7B-750884BDFC9A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E3C2C0D4-539C-4854-AE64-97BAE85AE7A9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E3C90DB5-3877-4D8A-A73D-CF82520D1F61}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E4FE398A-4E3B-4820-9D34-E8A994F1CA1C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E5017ADF-A167-40FD-802B-EAB99E09DB68}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E50C5F76-8A4C-4CB6-A504-331C949B86D2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E54FFB43-9F1F-4B87-A4BC-8673F015955B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E5F2B546-02E6-4781-A75F-208027DF5B42}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E62B892C-B983-474A-964B-A6930648DAC2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E69228E6-7E05-4638-9620-D3E301740938}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E71DBA99-31AA-4FDB-86CC-40F5E58D31D7}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E7285F59-3C29-4DBF-8A6A-BBFC34EFD021}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E801C998-33C4-4292-BD32-E0EFC95793CC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E88F5FD4-F542-4AFB-BBED-98E591A34E6D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E8E02BD6-177C-4E45-B938-DE3C9F9761A2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{E9D14A1C-3D4F-4F4A-BA15-E5484BC4A8C8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EAC91E6F-5A9A-478B-8E6E-1FD505110F70}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EAF9B8C4-6029-48E5-A927-02D09BAF9C7B}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EB3FF10D-A236-4AD5-B133-43EF84ABCD56}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EBD1D512-D018-4F5D-8B66-155DE2DA3A8C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EC945F48-C6DE-4624-A164-9FDC634523CE}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{EF9271B5-6C80-4D0D-B75D-EE5CDFA0CFEC}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F05F12BE-56A2-4A50-BCD5-F5451A5A013A}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F1BAEB58-B83F-4FCD-9F41-46EFB28D8347}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F1BC20C3-B5CC-4AF7-AB35-4034082BE3E5}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F2DE7D87-E164-4B3C-8B91-465916B1DD25}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F3A8F0F8-D010-4667-9A31-76027F42622C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F8FC2413-ED0E-478B-BD4A-69F063C906BB}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F988C4C4-76FE-4C6D-A5DA-D13FD9CA54AF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{F9F1B5C0-9DA7-4B30-A4A3-7A17230BCA8D}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FA30C38E-1E81-44D6-B4E7-3E56470B7BB9}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FAD241C1-132D-4188-8432-F1FE790C91F6}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FADD11AB-887E-4E39-B246-8A4313A95E28}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FADF2675-A4E3-4C47-9192-AEA3A98EC3E8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FB9D2F4E-7F64-4602-902F-0B30F005A0F1}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FBC4393A-CE02-4402-8387-EB4062C00AC4}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FC2A5312-4C3B-411A-8406-B5C90575B046}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FCCE66B7-9A05-4DA6-A0FE-7B2692CFD89F}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FD08661C-A40C-473C-B53B-333FD676EE36}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FD679283-8F25-4B9A-9200-309C466950F0}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FD7C3D9A-C0C1-47EC-A8F8-18F11A3D523C}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FD98585B-7CA0-4077-BE83-5874FC3D96E3}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FDE59D49-41B2-41C7-ABFF-880729B0CDD8}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FE085F7B-CC40-4EA8-A8F1-2F769109F7F2}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FE412443-79D8-43E1-9621-4DE6D52B64BF}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FF143FBA-AC40-4AAC-BAB9-604D8C0FB622}
Successfully deleted: [Empty Folder] C:\Users\oly\appdata\local\{FFC832DA-00D0-42D4-82EE-4E226FC0F62D}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\oly\AppData\Roaming\mozilla\firefox\profiles\2nh8bp3j.default\user.js
Successfully deleted: [File] C:\Users\oly\AppData\Roaming\mozilla\firefox\profiles\2nh8bp3j.default\searchplugins\mysearchdial.xml
Successfully deleted: [Folder] C:\Users\oly\AppData\Roaming\mozilla\firefox\profiles\2nh8bp3j.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’« 07/05/2014 at 22:10:18,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
I got the error of Bad Image once more while I was doing the procedure, although it did not appear the previous days
 
Thanks again for your help,
mpias


#14 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:10 AM

Posted 08 May 2014 - 06:26 AM

Hello,

 

Can you please download the latest version of FRST from the link above and run a new scan then post the log?

 

Also please run the following tools for me:

 

 

STEP 1

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Double-click mbam-setup-2.0.1.1004.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 2

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#15 mpias

mpias
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 08 May 2014 - 12:28 PM

Hello,

 

The new FRST : 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-05-2014 02
Ran by oly (administrator) on OLY-PC on 08-05-2014 18:58:45
Running from C:\Users\oly\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Users\oly\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Users\oly\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Users\oly\AppData\Local\Google\Update\GoogleUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-23] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-30] ()
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-10-01] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-13] (Acer Corp.)
HKLM-x32\...\Run: [PSNUpd] => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\psnupd.exe [152896 2010-07-14] (Panda Security, S.L.)
HKLM-x32\...\Run: [Upg_to_1_3] => C:\ProgramData\Upg_1.0.x_1.3.0\PsUnSetupLauncher.exe [275776 2010-12-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-02-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [Google Update] => C:\Users\oly\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-18] (Google Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {a00e7b77-7485-11df-b7ed-00262d79aa34} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {be679925-d445-11e1-90be-9fc793fc0661} - F:\AutoRun.exe
HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\...\MountPoints2: {fec5f097-ae30-11e2-85b1-c1c3448d5f6a} - E:\LaunchU3.exe -a
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
SearchScopes: HKCU - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {C652D0FA-591D-445A-AD34-87B8F2E92BBD} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
 
FireFox:
========
FF ProfilePath: C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\oly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\oly\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\oly\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\oly\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\oly\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\oly\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Zotero - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\zotero@chnm.gmu.edu [2012-04-28]
FF Extension: Zotero Word for Windows Integration - C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\Extensions\zoteroWinWordIntegration@zotero.org [2012-04-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-30]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-03-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-02-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-14]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-20]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\Dictionaries Explorer II\WCaptureMoz
 
==================== Services (Whitelisted) =================
 
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-10-24] (TCT International Mobile Ltd)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-08 18:57 - 2014-05-08 18:58 - 00021760 _____ () C:\Users\oly\Desktop\FRST.txt
2014-05-08 18:57 - 2014-05-08 18:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\oly\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-08 18:56 - 2014-05-08 18:56 - 02063872 _____ (Farbar) C:\Users\oly\Desktop\FRST64.exe
2014-05-07 22:10 - 2014-05-07 22:10 - 00056318 _____ () C:\Users\oly\Desktop\JRT.txt
2014-05-07 22:02 - 2014-05-07 22:02 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 22:01 - 2014-05-07 22:01 - 01316991 _____ () C:\Users\oly\Downloads\AdwCleaner.exe
2014-05-07 21:59 - 2014-05-07 21:59 - 01016261 _____ (Thisisu) C:\Users\oly\Desktop\JRT.exe
2014-05-07 21:27 - 2014-05-07 21:28 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DivX
2014-05-07 21:25 - 2014-05-07 21:50 - 00000000 ____D () C:\ProgramData\DivX
2014-05-07 21:25 - 2014-05-07 21:50 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-07 21:25 - 2014-05-07 21:25 - 00003216 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-05-07 21:25 - 2014-05-07 21:25 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\LavFilters
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DigitalSites
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\CDXReader
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-07 21:25 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-05-07 21:21 - 2014-05-07 21:21 - 00678888 _____ () C:\Users\oly\Desktop\UltimateCodec.exe
2014-05-07 21:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-07 21:10 - 2014-05-07 21:15 - 00000000 ____D () C:\AdwCleaner
2014-05-07 21:09 - 2014-05-07 21:09 - 01316991 _____ () C:\Users\oly\Desktop\AdwCleaner.exe
2014-05-07 17:57 - 2014-05-07 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 18:22 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 18:22 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-04 11:32 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-04 11:32 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-04 11:32 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-04 11:32 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 11:39 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 11:39 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 11:38 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-01 11:38 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 11:38 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 11:38 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-01 11:38 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 11:38 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 11:38 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 11:38 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-01 11:38 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-01 11:38 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-01 11:38 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-01 11:38 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 11:38 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-01 11:38 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 11:38 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 11:38 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 11:38 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-01 11:38 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-01 11:38 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 11:38 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 11:38 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 11:38 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 11:38 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 11:38 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-01 11:38 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-01 11:38 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-01 11:38 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-01 11:38 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 11:38 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-01 11:38 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-01 11:38 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 11:38 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-01 11:38 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 11:38 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 11:38 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-01 11:38 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 11:38 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 11:38 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 11:38 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-01 11:38 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-01 11:38 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 11:38 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-24 21:31 - 2014-04-24 21:31 - 00000000 ____D () C:\Users\oly\Desktop\FRST-OlderVersion
2014-04-23 19:10 - 2014-05-08 18:58 - 00000000 ____D () C:\FRST
2014-04-17 14:41 - 2014-04-17 14:41 - 00000000 ____D () C:\Windows\Options
2014-04-15 20:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-15 20:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-15 20:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-15 20:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-15 20:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-15 20:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-15 20:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-15 20:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-15 20:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-15 20:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-15 20:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-15 20:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-15 20:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-15 20:06 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-14 23:30 - 2014-04-15 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-14 17:17 - 2014-04-15 19:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:17 - 2014-04-14 17:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-13 14:56 - 2014-04-13 14:56 - 00000000 ____D () C:\Users\oly\AppData\Roaming\AVAST Software
2014-04-13 13:58 - 2014-04-13 13:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-13 13:55 - 2014-04-13 13:56 - 00000000 ____D () C:\ProgramData\AVAST Software
 
==================== One Month Modified Files and Folders =======
 
2014-05-08 18:58 - 2014-05-08 18:57 - 00021760 _____ () C:\Users\oly\Desktop\FRST.txt
2014-05-08 18:58 - 2014-04-23 19:10 - 00000000 ____D () C:\FRST
2014-05-08 18:57 - 2014-05-08 18:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\oly\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-08 18:56 - 2014-05-08 18:56 - 02063872 _____ (Farbar) C:\Users\oly\Desktop\FRST64.exe
2014-05-08 18:54 - 2009-12-30 01:05 - 01186211 _____ () C:\Windows\WindowsUpdate.log
2014-05-08 18:52 - 2010-02-09 22:12 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-08 18:51 - 2013-02-26 06:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 18:51 - 2012-11-13 05:02 - 00001186 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001UA.job
2014-05-08 18:50 - 2012-11-13 05:02 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001Core.job
2014-05-07 22:10 - 2014-05-07 22:10 - 00056318 _____ () C:\Users\oly\Desktop\JRT.txt
2014-05-07 22:02 - 2014-05-07 22:02 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 22:01 - 2014-05-07 22:01 - 01316991 _____ () C:\Users\oly\Downloads\AdwCleaner.exe
2014-05-07 21:59 - 2014-05-07 21:59 - 01016261 _____ (Thisisu) C:\Users\oly\Desktop\JRT.exe
2014-05-07 21:52 - 2010-02-09 22:12 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 21:50 - 2014-05-07 21:25 - 00000000 ____D () C:\ProgramData\DivX
2014-05-07 21:50 - 2014-05-07 21:25 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-07 21:28 - 2014-05-07 21:27 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DivX
2014-05-07 21:26 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 21:26 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 21:25 - 2014-05-07 21:25 - 00003216 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-05-07 21:25 - 2014-05-07 21:25 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\LavFilters
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\DigitalSites
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\Users\oly\AppData\Roaming\CDXReader
2014-05-07 21:25 - 2014-05-07 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-07 21:21 - 2014-05-07 21:21 - 00678888 _____ () C:\Users\oly\Desktop\UltimateCodec.exe
2014-05-07 21:18 - 2009-11-05 05:19 - 00950652 _____ () C:\Windows\PFRO.log
2014-05-07 21:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 21:18 - 2009-07-14 06:51 - 00118307 _____ () C:\Windows\setupact.log
2014-05-07 21:15 - 2014-05-07 21:10 - 00000000 ____D () C:\AdwCleaner
2014-05-07 21:09 - 2014-05-07 21:09 - 01316991 _____ () C:\Users\oly\Desktop\AdwCleaner.exe
2014-05-07 20:45 - 2010-03-23 02:02 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Skype
2014-05-07 18:00 - 2012-11-13 05:02 - 00004152 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001UA
2014-05-07 18:00 - 2012-11-13 05:02 - 00003756 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2489540118-3917051639-1185735652-1001Core
2014-05-07 17:57 - 2014-05-07 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-02 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-02 17:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-30 23:29 - 2013-02-26 06:02 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-30 23:29 - 2013-02-26 06:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-30 23:29 - 2011-09-13 00:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 19:52 - 2011-05-19 10:05 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Mozilla
2014-04-29 16:01 - 2014-05-04 11:32 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-04 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-04 11:32 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-04 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 19:19 - 2012-11-30 23:42 - 00000000 ____D () C:\Users\oly\Desktop\PhD
2014-04-28 02:56 - 2010-05-22 14:35 - 00002193 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-25 14:49 - 2014-05-07 21:25 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-24 21:31 - 2014-04-24 21:31 - 00000000 ____D () C:\Users\oly\Desktop\FRST-OlderVersion
2014-04-18 14:05 - 2013-06-20 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-17 14:55 - 2009-11-05 02:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-04-17 14:55 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-04-17 14:51 - 2009-11-05 02:40 - 00000000 ____D () C:\Program Files (x86)\NewTech Infosystems
2014-04-17 14:45 - 2013-06-21 01:15 - 21757952 ____S () C:\Windows\system32\config\SYSTEM.CBT
2014-04-17 14:45 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files\Google
2014-04-17 14:45 - 2009-11-05 02:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-17 14:45 - 2009-07-14 06:45 - 00471920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 14:41 - 2014-04-17 14:41 - 00000000 ____D () C:\Windows\Options
2014-04-17 14:38 - 2009-11-05 02:49 - 00000000 ____D () C:\ProgramData\Google
2014-04-17 14:35 - 2013-04-05 19:17 - 00000000 ____D () C:\Perl
2014-04-17 14:27 - 2010-09-09 13:02 - 00000000 ____D () C:\Users\oly\AppData\Roaming\BSplayer
2014-04-17 14:27 - 2010-09-09 13:02 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-04-17 14:26 - 2011-03-30 14:49 - 00000000 ____D () C:\Program Files (x86)\Apago
2014-04-17 14:22 - 2010-06-01 13:36 - 00002275 _____ () C:\Users\oly\AppData\Roaming\WWB7_32.DAT
2014-04-17 14:20 - 2010-02-09 20:53 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 14:16 - 2012-07-25 20:52 - 00000000 ____D () C:\Program Files (x86)\COSMOTE
2014-04-17 14:16 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 10:42 - 2009-11-05 05:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-17 10:35 - 2013-08-20 08:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 10:33 - 2010-02-15 23:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-15 19:51 - 2014-04-14 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-15 19:51 - 2014-04-14 17:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 19:51 - 2014-02-11 00:17 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-04-15 19:51 - 2012-03-07 00:22 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-15 19:51 - 2011-09-25 13:58 - 00000000 ____D () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 19:51 - 2010-05-22 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-15 19:51 - 2010-02-09 20:53 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ___RD () C:\Users\oly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-15 19:51 - 2010-02-09 20:52 - 00000000 ____D () C:\Users\oly
2014-04-15 19:51 - 2009-11-05 05:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-15 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-15 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-15 19:48 - 2010-11-01 01:25 - 00000000 ____D () C:\ProgramData\Real
2014-04-15 19:45 - 2013-06-20 18:58 - 00000000 __RHD () C:\MSOCache
2014-04-14 17:17 - 2014-04-14 17:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 04:24 - 2014-05-06 18:22 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 18:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 14:56 - 2014-04-13 14:56 - 00000000 ____D () C:\Users\oly\AppData\Roaming\AVAST Software
2014-04-13 13:58 - 2014-04-13 13:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-13 13:56 - 2014-04-13 13:55 - 00000000 ____D () C:\ProgramData\AVAST Software
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-29 23:15
 
==================== End Of Log ============================
 
I cannot run Malwarebytes because I had used it before contacting you and now it has expired. I tried to uninstall and install again, but doesn t work.
 
As for HitMap:
 
HitmanPro 3.7.9.216
www.hitmanpro.com
 
   Computer name . . . . : OLY-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : oly-PC\oly
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-05-08 19:08:05
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 11m 9s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 5
   Traces  . . . . . . . : 137
 
   Objects scanned . . . : 1.772.441
   Files scanned . . . . : 55.976
   Remnants scanned  . . : 431.504 files / 1.284.961 keys
 
Suspicious files ____________________________________________________________
 
   C:\Windows\Temp\nsd2B66.tmp\nsisdt.dll
      Size . . . . . . . : 5.632 bytes
      Age  . . . . . . . : 813.7 days (2012-02-15 02:06:38)
      Entropy  . . . . . : 2.8
      SHA-256  . . . . . : 2261027077F23C8DBA6B72AF28862832AAA059740D0F5634B46CABB14326DD10
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Windows\Temp\nsg2FA7.tmp\nsisdt.dll
      Size . . . . . . . : 5.632 bytes
      Age  . . . . . . . : 795.5 days (2012-03-04 06:07:33)
      Entropy  . . . . . : 2.8
      SHA-256  . . . . . : 2261027077F23C8DBA6B72AF28862832AAA059740D0F5634B46CABB14326DD10
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Windows\Temp\nssC645.tmp\nsisdt.dll
      Size . . . . . . . : 5.632 bytes
      Age  . . . . . . . : 774.3 days (2012-03-25 12:12:15)
      Entropy  . . . . . : 2.8
      SHA-256  . . . . . : 2261027077F23C8DBA6B72AF28862832AAA059740D0F5634B46CABB14326DD10
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
 
Malware remnants ____________________________________________________________
 
   session/startup_urls[2]
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
   session/startup_urls[3]
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
   session/startup_urls[4]
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
   HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff\ (MySearchDial)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\Start Page (Adware.MyWebSearch)
 
Potential Unwanted Programs _________________________________________________
 
   HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} (Claro)
   HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} (SearchQU)
   HKU\S-1-5-21-2489540118-3917051639-1185735652-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)
 
Cookies _____________________________________________________________________
 
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adnet.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.movad.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.athensvoice.gr
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.atticamediagroup.gr
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.audience2media.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.e-go.gr
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.escinteractive.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.smartstream.tv
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.travelaudience.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserve.postrelease.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.airtickets.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ar.atwola.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:atwola.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:germanwings.112.2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:img.mediaplex.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:pcworldcommunication.122.2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:raileurope4a.122.2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:riverisland.122.2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:secretsexservice.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.e-go.gr
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adcocktail.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.tnm.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.zalando.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:uk.at.atwola.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:wileypublishing.112.2o7.net
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.youporn.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:youporn.com
   C:\Users\oly\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\0COEENT7.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\0JFXDWRS.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\25R9N5PV.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\2XM3UZO0.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\3G4KFQFK.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\7QOGY5Q7.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\AFCZUVV7.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\BEHIY2SU.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\DO85VKSO.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\GMCWAUUD.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\JLDEMLST.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\KRSKO0BM.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\LYI0W7MU.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\P6QQ02SN.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\P9JNBTG7.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\PLTG3KJ9.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\Q2HSSMNR.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\TSUOCRLE.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\XTMIQQLG.txt
   C:\Users\oly\AppData\Roaming\Microsoft\Windows\Cookies\Z73GIKJC.txt
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:2o7.net
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ad.zanox.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ads.plos.org
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ads.yahoo.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:adserver.airtickets.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:advertising.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ahs2.adhostingsolutions.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:apmebf.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:at.atwola.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:atdmt.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:casalemedia.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:doubleclick.net
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:h.atdmt.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:invitemedia.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:kontera.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:media6degrees.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:mediaplex.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:questionmarket.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:ru4.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:serving-sys.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:survey.g.doubleclick.net
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:tribalfusion.com
   C:\Users\oly\AppData\Roaming\Mozilla\Firefox\Profiles\2nh8bp3j.default\cookies.sqlite:www.googleadservices.com
 
 
 
 
Thanks again :)

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users