Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

explorer.exe


  • Please log in to reply
27 replies to this topic

#1 FRISC0

FRISC0

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 23 June 2016 - 09:56 AM

Mod Edit: Moved to Am I Infected forum from Win7 ~~boopme

I'm fixing a friend's laptop. It's Windows 7. They've told me that they tried to upgrade it to Windows 10 but think they may have used a corrupted version and not from the Microsoft site (assumingly they didn't realise how stupid this is!)
 
Anyways, when loading the computer I get a blackscreen and have to use Taskmanager > New Task > explorer with Run as Administrator which seemly works fine.
 
I've run MalwareBytes and removed lots of rubbish that it detected. I need help making explorer load, the error code I'm getting is 0xC0000022, and I'm also having another issue that comes up stating that "there was a problem started werconcpl.dll, module could not be found" that pops up shortly after. I thought possibly updating to Windows 10 may fix the explorer issue but I can't seem to update it as it gets stuck at 99%. Lots of issues! :dance:
 
If I could fix these two issues, and update to Windows 10 before the free update expires in July, that'd be great. Any help is much appreciated :)
 
Thanks
Jamie
 
p.s. I'd also like to just say that it's currently updating to Windows 10 again (sorry, it automatically started doing it again) but I'm unsure if it will fail again. I will update soon as I'm aware.

Edited by boopme, 23 June 2016 - 10:06 AM.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 23 June 2016 - 09:57 AM

Hi FRISC0 :)

My name is Aura and I'll be assisting you with your issue. Follow the instructions below please.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      OQmAcqS.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
sUc2qjf.pngAutoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Upload the file on Dropbox, Google Drive, OneDrive or SendSpace (doesn't require an account) and post the download URL for it here;
Since you already ran Malwarebytes, I would like to see your previous Scan log. Open Malwarebytes and go under the History tab. From there, click on Application logs in the left pane.
ySPxAut.png
Click on the most recent (usually at the top) Scan log to open it. From there, click on the Export button and select the first option, Copy to Clipboard
gK0lXt3.png
Paste the content of your clipboard in your next reply.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 24 June 2016 - 02:42 AM

Hi there, sorry, my system updated to Windows 10 afterall (can't believe it actually worked!) Seems to of fixed the problems. I'd still like to check I'm not infected or anything, thanks!

 

EDIT: I'll do what you said above on the new system :)


Edited by FRISC0, 24 June 2016 - 02:53 AM.


#4 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 24 June 2016 - 03:26 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Rebecca (administrator) on 24-06-2016 at 09:24:51
Running from "C:\Users\Rebecca\Desktop"
Microsoft Windows 10 Home  (X64)
Model: K53E Manufacturer: ASUSTeK Computer Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 100 Driver = Wireless Network Connection (Connected)
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Rebecca-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : C8-60-00-03-08-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 78-92-9C-7B-1C-3D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 100
   Physical Address. . . . . . . . . : 78-92-9C-7B-1C-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9c43:792b:6237:4623%2(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.121(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 24 June 2016 09:05:20
   Lease Expires . . . . . . . . . . : 25 June 2016 09:05:19
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 309891740
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7C-73-98-C8-60-00-03-08-7D
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:38fd:48b:2a85:9ecc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38fd:48b:2a85:9ecc%3(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 402653184
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7C-73-98-C8-60-00-03-08-7D
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  BThomehub.home
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2a00:1450:4009:804::200e
 216.58.214.14
 
 
Pinging google.com [216.58.214.14] with 32 bytes of data:
Reply from 216.58.214.14: bytes=32 time=20ms TTL=54
Reply from 216.58.214.14: bytes=32 time=21ms TTL=54
 
Ping statistics for 216.58.214.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 21ms, Average = 20ms
Server:  BThomehub.home
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=173ms TTL=49
Reply from 206.190.36.45: bytes=32 time=172ms TTL=49
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 172ms, Maximum = 173ms, Average = 172ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...c8 60 00 03 08 7d ......Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
  7...78 92 9c 7b 1c 3d ......Microsoft Hosted Network Virtual Adapter
  2...78 92 9c 7b 1c 3c ......Intel® Centrino® Wireless-N 100
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  3...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.121     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.121    281
    192.168.1.121  255.255.255.255         On-link     192.168.1.121    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.121    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.121    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.121    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  3    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  3    306 2001::/32                On-link
  3    306 2001:0:9d38:6abd:38fd:48b:2a85:9ecc/128
                                    On-link
  2    281 fe80::/64                On-link
  3    306 fe80::/64                On-link
  3    306 fe80::38fd:48b:2a85:9ecc/128
                                    On-link
  2    281 fe80::9c43:792b:6237:4623/128
                                    On-link
  1    306 ff00::/8                 On-link
  2    281 ff00::/8                 On-link
  3    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/24/2016 09:24:06 AM) (Source: MsiInstaller) (User: Rebecca-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27054. CA_Error27054: SetupAction(0xE0010058): Installation failed.
 
Error: (06/24/2016 08:52:46 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3618588334-3982874236-1658643227-1001}/">.
 
Error: (06/24/2016 08:10:56 AM) (Source: MsiInstaller) (User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).
 
Error: (06/24/2016 08:04:44 AM) (Source: MsiInstaller) (User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).
 
Error: (06/24/2016 08:00:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Rebecca-PC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/24/2016 07:55:50 AM) (Source: MsiInstaller) (User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).
 
Error: (06/23/2016 08:25:03 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (06/23/2016 08:25:02 PM) (Source: Perflib) (User: )
Description: ASP.NET_2.0.50727
 
Error: (06/23/2016 08:25:02 PM) (Source: Perflib) (User: )
Description: ASP.NET_2.0.507278
 
Error: (06/23/2016 07:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Rebecca-PC)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (06/24/2016 09:05:16 AM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
Error: (06/24/2016 09:03:38 AM) (Source: DCOM) (User: Rebecca-PC)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (06/24/2016 09:03:38 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_7739d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/24/2016 08:41:37 AM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
Error: (06/24/2016 08:33:39 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {7006698D-2974-4091-A424-85DD0B909E23}
 
Error: (06/24/2016 08:33:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706be: English (United Kingdom) Language Pack - Windows 10 Version 1511 for x64-based Systems - (KB3109596) [en-GB_LP].
 
Error: (06/24/2016 08:33:32 AM) (Source: Service Control Manager) (User: )
Description: The User Data Access_33690f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/24/2016 08:33:32 AM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_33690f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/24/2016 08:33:32 AM) (Source: Service Control Manager) (User: )
Description: The Contact Data_33690f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/24/2016 08:33:32 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_33690f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (06/24/2016 09:24:06 AM) (Source: MsiInstaller)(User: Rebecca-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27054. CA_Error27054: SetupAction(0xE0010058): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/24/2016 08:52:46 AM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-3618588334-3982874236-1658643227-1001}/
 
Error: (06/24/2016 08:10:56 AM) (Source: MsiInstaller)(User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/24/2016 08:04:44 AM) (Source: MsiInstaller)(User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/24/2016 08:00:24 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Rebecca-PC)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2147023170
 
Error: (06/24/2016 07:55:50 AM) (Source: MsiInstaller)(User: Rebecca-PC)
Description: Product: Trend Micro Titanium -- Run the Setup program (setup.exe).(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/23/2016 08:25:03 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (06/23/2016 08:25:02 PM) (Source: Perflib)(User: )
Description: ASP.NET_2.0.50727
 
Error: (06/23/2016 08:25:02 PM) (Source: Perflib)(User: )
Description: ASP.NET_2.0.507278
 
Error: (06/23/2016 07:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Rebecca-PC)
Description: Microsoft.WindowsMaps_8wekyb3d8bbwe!App-2144927148
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-06-24 09:10:27.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 09:10:27.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 09:10:27.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 08:47:06.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-24 08:22:21.730
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 08:22:21.666
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 08:20:00.842
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-24 08:18:30.670
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 08:18:30.581
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-06-24 08:14:47.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
AVG (HKLM\...\AvgZen) (Version: 1.61.2.12974 - AVG Technologies)
AVG 2012 (HKLM\...\{5E1AD7F6-922A-41F5-BC7E-2CD06243E3A2}) (Version: 12.0.3697 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{6B9CE44B-52D0-4B2F-BDFA-56FF4977A790}) (Version: 12.0.2195 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{35AB4656-4A73-4565-95AB-67AF597D768A}) (Version: 16.0.4604 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
AVG Zen (HKLM\...\{96CBF71D-C368-4B02-88E3-BB5DD34E6873}) (Version: 1.61.9 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6304 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 3873.14 MB
Available physical RAM: 1580.4 MB
Total Virtual: 7841.14 MB
Available Virtual: 5579.03 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:80.56 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.25 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\REBECCA-PC
 
Administrator            DefaultAccount           Guest                    
Rebecca                  
 
 
**** End of log ****
 
 
 
 
 
and sorry again, I removed Malwarebytes previously :(
I know it kept coming up with Conduit search (which I removed) and something called RegCurePro and produtools which Malwarebytes killed.
 
Hope this helps, thanks again!

Edited by FRISC0, 24 June 2016 - 03:34 AM.


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 24 June 2016 - 12:14 PM

Uninstall the following programs please:
  • Adobe Flash Player 10 Plugin - Outdated;
  • AVG - There's some 2012 packages for it installed, I want to see if uninstalling it will get rid of them, and you can reinstall it after when I tell you to;
  • Visual Studio 2008 x64 Redistributables - From AVG
  • Visual Studio 2012 x64 Redistributables - From AVG
  • Visual Studio 2012 x86 Redistributables - From AVG
It seems like the Autoruns file is corrupt, can you follow the instructions for it again? :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 25 June 2016 - 05:10 AM

Uninstalled everything as requested :)

 

AVG broke in the process unfortunately saying a .dll is missing "MSVCR110.dll"

 

 

https://www.sendspace.com/file/7u0vqj


Edited by FRISC0, 25 June 2016 - 05:13 AM.


#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 25 June 2016 - 08:31 AM

Alright, now open Autoruns again and delete the entries listed below in the screenshots (to delete an entry, simply right-click on it and select Delete).

l6CR5qP.png

JiiM0dm.png

lT2UXDJ.png

You can download and run the AVG Remover tool to clean up the remnants AVG left behind. Once done, follow the instructions below please.

Follow the instructions below please.

iT103hr.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
    CfdTLN1.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 RolandJS

RolandJS

  • Members
  • 4,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:03:00 AM

Posted 25 June 2016 - 08:58 AM

  • "...Visual Studio 2008 x64 Redistributables, Visual Studio 2012 x64 Redistributables, Visual Studio 2012 x86 Redistributables - From AVG"  -- Aura.   Thanks Aura!  I'm removing same from my three computers this week!

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)

"I heard Spock finally got colander!"  "I believe the word is Kolinahr."  "Oh."


#9 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 26 June 2016 - 06:12 AM

Autoruns - Done!

AVG - Done!

JRT:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by Rebecca (Administrator) on 26/06/2016 at 12:01:56.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 352 
 
Successfully deleted: C:\ProgramData\avg security toolbar (Folder) 
Successfully deleted: C:\ProgramData\paretologic\regcure pro (Folder) 
Successfully deleted: C:\Users\Rebecca\AppData\Local\{003A2448-F7B5-4759-B6B5-5AE80E14F091} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{012FCC5A-35C8-41DB-A361-EBDA402F4B4F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{01F7E4EF-B7FA-44C5-8373-8FA0DE6C9A93} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0434E447-0634-4C65-AD82-99952DFE8A99} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{048BDC45-0B73-4E20-9D75-4F98FEBF6C55} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{04B9D723-83BB-4D0C-AB30-E119E04DA6B7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{05CBA320-BD60-4F34-9448-591234F465AD} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{05F0DE0D-AF97-4998-8D4B-A47068395F19} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{061129A9-5843-41DB-8F36-A6258DD96248} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{06BDC889-3E85-4E71-915D-F7C5A3A29924} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{077C7684-9FFC-40D2-B6C4-4C208217217B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0839DC24-BA97-41B7-BFEE-64E9582EAC15} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{091D6138-6053-433E-9EF9-6B361B25F2E6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{099E5030-5D0C-473D-9439-F2D7818DF914} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{09EF2CB9-6AEB-40FE-932F-3D03CCEF5213} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0A8F49C2-D600-458C-BE4F-8FADA866F586} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0B0E06D9-0C56-4022-8496-168BC21D976D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0D4452D8-5609-45F7-8679-A5D8832EA410} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0D6358E6-3232-4D8D-9755-8FA6EF184660} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0E1B0F04-E61D-412A-BBC9-A511DC9FD54B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0E764D06-956D-4DE0-8D27-C319BCB659B1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0E9688BF-B50E-4425-B9FA-55091D779E6C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{0F59B0C0-8201-4C96-80F9-CD851B434D3A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{109D4403-90E8-4516-8BF6-38F571B30C9F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{112A48E6-3D3F-44BD-8E96-A0549378F024} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{11572043-383D-456F-90DA-78CBB2106F73} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1181E74B-5413-412C-950B-B54A52141D0E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{12798E1F-9BD6-47DB-A51A-A38136C047C7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1290FA0B-9661-44FA-867B-8DA49357CEAE} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{129261AD-05D1-4576-8DA7-CEF4CFEC96CA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{133C2BD0-6F71-4032-979D-E41954A0509E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{13C98655-F9A6-4B2C-AAAD-E8DA0444D29E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{14BFDCBD-5CB3-4EBA-9584-E81DDB64CDC6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{152EDFBD-0CF3-4CBE-9D03-CD2517848E74} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{15374EB5-0627-481B-A6BC-159EFF124799} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{15AE8F66-BC7E-4EB1-BE99-5554FAACB181} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1716A20F-23E7-457B-9CC5-2CA8F193CCE3} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{18D977D3-BF65-4DDE-8E48-0217060DC128} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1B4564B3-5DA6-46A9-A68D-E2B5346A7AD5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1C4A2485-8A7A-420C-956C-AF26D686E439} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1D8A595F-458E-4672-9B4E-8C3915138EEC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1E1F2FD3-1074-42F5-A042-4A2C0C1239CF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1E2FE1A6-1C2F-46CB-B230-994506CFE16F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1E321BCB-C263-4671-B9A3-939F78001418} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1EC4318F-E89D-46A7-8A92-F2D0C3DF6884} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{1FF646EB-5053-4609-9570-5A237D577E87} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{202B2E51-4077-4B1E-9444-D85D0F2D9398} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{203D091F-2B36-4310-86A0-D0F258926A90} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{205DB480-95D5-4181-9C09-3E1406C2206F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{20B61826-FDE3-4EF0-B092-5C1CB4F91D23} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{20FA3BB4-E3C4-4DCF-B669-60FDCA0871B9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{229B5F9E-6F00-41DC-A1AE-B6F9FF6E3DD0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{22F05FEF-259D-47E2-BDA4-CEBC9A4DFDFA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{23D3E041-E535-47F9-9F5D-52534DFF1FFF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2462A2E1-4E7A-41A4-BC10-3DA3C62395E3} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{247C6C01-D075-4261-ADF5-F793A0F81003} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{25EF5E85-95BE-42E3-80CF-658B411F813F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{26A1C31F-5E07-4378-B04F-DD6218259772} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{27849FFC-865B-4E66-8320-FD0C5884126C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2788A48A-70D3-42AC-822D-9A084B641D57} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{28589BB4-6B75-4CAA-9177-713050C141BF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{28C97339-A252-4F1E-8587-8EEF4BFC0E3D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2A7D1D19-1AAA-417B-B297-33B6BDBF3D14} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2B136292-FC59-41F5-82A4-3DDD96AD95DF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2B8CF8AB-1ABA-4D0A-A7CC-47EB7F4ECF85} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2B8DFC1F-6469-465B-96B4-56205AA74F39} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2C74FADB-6960-4769-8425-DD684DE95B40} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2CB281EF-E048-409D-9EA3-64C6F1392246} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2CEA0A39-B1D3-4FCF-BE67-2C02412CD8EA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2CEFBD26-5F2F-4580-95C2-A17ABBF30D58} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2EA463C0-D0A5-4EE6-8DFF-2A33C96731F0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2EC0F753-9E9B-4851-A1B4-ED58E0BE0DBC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2F52AC55-E9D2-40D8-8DE8-A646C5981B54} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2FABE698-5793-4BA9-8BBA-E9DE452E31E8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{2FF3532D-E5BB-401B-B028-F89B414E0AB2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{30913824-D9C9-4D91-8839-DB0F86078F2A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{30FA00B8-0898-4F0B-BB7A-0CC3F870E95B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{316089ED-2F5C-4602-8428-D2ECD2524E74} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{31674038-8492-4243-85C9-53FBCE56A225} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{317BBBEA-403F-4B0F-8A20-9D5901126FD9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{31E22AB7-754B-4F68-804A-B30F3D226E93} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3281FA00-5A42-4BC9-87B6-F7DD3E673AAD} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{32F7B4E7-E1E6-4198-9E62-5211096E4F75} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{34A9B392-26F5-4B9A-B67D-FEC8E0FBD00C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{35462806-6809-476A-B8B0-F983319B2925} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{370C4F46-B56C-4651-8081-08AAA08B6776} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3768879E-CC92-4668-B3D3-7D8064FA2AAD} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{37E73A2E-3EB1-4A5A-BFE9-0E46447620F7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3AED0343-6BF2-4868-8722-BDC67BC6FACF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3B43DEFA-9D14-48DD-A501-CD69F52334F4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3B7880DA-9E09-4B3D-8ECD-82A81323C5B6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3C17F8E3-DF43-4685-A493-7E2AFF37E411} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3C4DD8DF-D382-421A-995C-959F25D68402} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3D091DD3-3903-4E95-9EB2-2A1F1C3BA393} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3E95F166-59F4-454B-9C68-4035EA190511} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{3F263EA7-ECD2-478A-ABD7-F5C9CBFC201B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{41810C04-6097-4296-836F-C4D8C50F7B41} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{421F1EDA-2C96-4773-819F-C8C673F62718} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{42310383-547A-4502-8A06-E3118908701E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{43925D1A-A5DB-4BD7-A192-36C3BA9C0585} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{46ADC49B-9DC8-47E2-8AD5-6B9D95E6AD51} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{473F8E10-FB34-4772-8DA3-19C00733FDB2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{495A1018-B6A5-4C59-BDBC-F36A39BD1297} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4A272C71-8E3E-409D-82E4-23FFFDC6DDFC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4A5B6B2A-D307-40C0-83A1-51778FF33BB2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4B19F37C-12E5-4576-88EC-84016C091C05} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4C168A56-202B-4426-B6D6-380708047B66} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4CE089C0-4B9C-4072-8E02-800E1F2905E8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4CE6FE0B-5E00-44B6-B154-FF13D39FE20C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4D0AF922-CC66-4DA7-BBA2-156AECC731D6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4D4CD1B3-4CF3-401E-8417-28C7B3392AB0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4E5759C7-CB76-47C0-8600-8F06095AFC2D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4EABDDD8-0B5C-4C4C-9268-124C2F667564} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4F13474B-E5F8-498F-B96E-C2DCF4702012} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{4F27C061-F73A-41BE-97B0-22158EC3CD93} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{51293876-271B-4083-9B01-8CD690A36FD1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{52A056F6-201C-44BC-98FB-DB0026317FD4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{5523E9C3-652E-4537-BDB6-A5F64FDBA0DB} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{5723FB0D-F4A4-4126-A36C-E5971EC7918B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{5BF8EDF2-0860-4591-B2C3-B2D6BD2B1597} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{5DE0EC22-4470-43D9-B30F-03C627052CB7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{5FA89FD7-9A9D-408E-9E55-0D6CE6EDC2D5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6037346F-028C-4B54-A6F7-057E11477003} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{60D6CFB3-0321-42B4-AE8D-B3C50D685B8D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{61DCD7AB-79F8-4B75-AEBA-60935D4B4CA0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{628588BE-12C2-45FF-AF29-3CE8DE4A0C61} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{62D2483F-6F9D-4747-B074-8D8F5298EA58} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{62D4AE2A-813D-4962-AE20-A9004B07F0C6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{63098D03-7EDF-4A90-9CF4-34BE7FE023B6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{642A4ED3-9392-4453-A8D6-3C5960BC9D6E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6507F0BB-265D-4E5F-AA44-3EA01ED4255F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6631DCEA-9DB8-4A52-855B-EE9A4D336B11} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6833FAB8-CF53-4C79-A12D-429053236F67} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{68FF83C6-2041-4F0E-85F0-7B6A3AD570D8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6AD3C847-526E-49A9-8131-392514C29E5A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6B747310-0AB8-435D-BD68-8B2A91AFAC7A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6BC5D7F0-F655-470D-9449-A630F03558B5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6BD5020B-1FD2-40E3-9D37-F72889F35869} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6D332D8B-8CB0-4CF3-AA40-C2B124700555} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6D508B1E-404B-42D1-B567-510DDAC47E27} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6D518E5C-7029-40A8-93A2-37B290F07E84} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6D5F5F06-A6B1-450F-BD78-8F11B200FE1D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6DEB1DAF-48A0-4906-B413-E017080DD55B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6E2E9E66-B925-462D-9CCB-CE81A3AFD2DA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6F4253F6-821A-497C-A5F0-4CCB89F99167} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{6F48DB33-2EB1-4A4A-94FE-229D66568324} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7058FDF7-CEB2-4936-8F7A-7AA85B1CC188} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7112290D-BB33-4408-A541-E788D8CD8CE1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{725E29F7-4A12-4A0C-B15F-1D6AA854FA2E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{72EC6F82-DDDA-4805-A633-BF7E45324ABF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{72F8708E-90B8-447C-B046-188CD0B3F527} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7395C505-04A5-4D2B-B1B9-669EA6DC6B3F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{76478D2D-C35A-4382-A6F2-79179FA449F7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{76778F4F-FB87-4607-A223-D4559EC301F2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{76E0BDCD-7F95-4381-8F3B-AC1F0148ACD2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{777B0C1C-315B-463D-8016-49EF02F47E5E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{778205AF-7738-441D-BD35-C0C30A370428} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{778831A6-1541-46C3-B168-5A1DD85992B1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7A9099A9-7D59-4CF6-B929-99F112F7E2A9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7B964CBD-C4FA-49E1-B1F8-0436B7A46534} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7C68A822-6927-47FF-A15B-93240C8BFE4E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7CF225C4-3583-4A26-B5DF-7DF27499A969} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{7F5C5564-CAF1-4C03-AC1D-1DC0E9D3E751} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{826E2C7A-4EBE-4075-B7C5-891129201D84} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{835187D3-6DE5-4821-BF20-D72704659F6B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{83C5744D-CBF7-4978-B7FB-FD7D77721304} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{84E7258C-9E95-4E65-8230-7C9A052B5A52} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{858634AE-C1CC-4570-8308-7ED0BF31536D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{859C9BD8-39DE-4316-BAE4-ACE2B24990EC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{85A376E7-3F2A-48F6-9D06-C565E7A83379} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{85B92EF7-6914-48CB-A97A-2E728DDD5614} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{85EB1581-94BC-4DCD-BEDB-87EB6D4477B5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87696353-822F-4546-907D-B55B203312B4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87983A64-6C66-4E52-9CE2-1147D6AA19E6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87A1AF55-3834-4A7D-9082-77B925650D97} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87D58E22-8DD0-4D23-AC56-DC5577C2CFF6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87D61878-E71C-4AC2-A414-A560ACE101F1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{87E6459C-A95C-4D77-A21F-EBE74D2C5B76} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{88038906-FCF9-4014-B972-BF3637F0919B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{89DCB8FA-785B-4935-B5AE-3A81D2CA53A6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8A21060C-98EF-4F09-828C-99D08BEAAB16} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8AADFF1F-0C84-449C-887D-CB19FADC839D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8B7A3EE8-0EB9-4C33-A1F3-BB94E90330B5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8BE76735-6D34-40A9-B51C-1628686B79DB} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8C6463DC-F542-4520-B54E-D53DF1B9D0CF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8CAE98C6-1151-45AD-A46F-E1D5F2EB1C8D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8E743A33-3598-4FF3-BED1-0A0A099E369B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{8FD1AC3B-7AF5-459F-B517-8CD0BA71AE5C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{904E5BB2-E94D-45CE-8877-04704E529952} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{90D9321D-8DD4-4544-9285-C4EDDD6920AC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{925D4AA5-7660-4237-B9DB-36661887C5BB} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9495CE94-785F-42F8-8977-EB83C4D28E27} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{94DD7F67-7101-494C-8EBC-96838314A30F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{951B717E-A101-450F-836D-F0CFBE269721} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{963BCA70-5EBE-43BE-B694-B1DD5C61AC10} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{97FD221E-DF8F-4F68-99A6-355D75BDD43A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{992C05CC-8C4D-42C4-9166-ED429A590E27} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9A005C80-3F77-4571-BF56-7F0EB0F3CC9B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9A3D213B-E3A1-41DE-A95D-FF441DFEEEF6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9C588DCF-3887-4244-BDC9-A465E8C8CA52} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9D2AE85C-B5EC-45CA-91F2-9CC6FF5DE4BE} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9DD87FC0-9A41-4553-9612-A965F33FDED2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{9F471BFC-8843-40A4-8CA3-34BA13F6920E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A0BE52EA-78E3-454E-B25A-243131B308B1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A106ACB5-AD13-44D3-9427-7BDBDC8892A9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A12F7614-A6AD-4E20-8DAD-FEFC9C9412CF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A13FACCC-FEDE-4058-AB2F-5AC29558D940} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A1B2C1B2-5C17-4758-9389-812C58C7CA15} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A347148D-B216-4124-B620-35EA3AAA5B31} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A3D9E7A2-7212-4269-85FB-0706CE05DEFF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A51D33B0-8198-4544-AEAC-57B337AB05D0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A699703D-4911-4967-BDF3-11D0470C9B4E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A69C2063-4EF8-4479-A4DC-52C2BDA3E36A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A69D954E-58E4-4580-B1D0-41B49945BD5E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A6BC0671-2769-45AC-9A5F-2D2C5F44694B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A8239948-72D6-4963-9FC3-9F5A41562AA6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A88387CA-D6E8-4A21-9E45-265FDD30F63F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{A97890CD-9DC7-45C6-8C12-5C0855CE59D9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AAEACC7D-2B60-4A81-AE8F-536066B92AB4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AAF62ACD-4B96-488F-9311-6DAFF01A9500} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AB5AA04F-8C06-49C9-8A48-A9222FFF32F7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AB7DA7CE-FA79-4D77-9E65-A6D3F1B9BC64} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AE447352-FB17-4EB9-B4A2-16B1EC74244A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{AFDA4505-7D90-4CC2-8210-8B8D9C282BA9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B021B0BA-3FCE-4ABC-A846-FDC33D538701} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B27748E3-8AD9-4B29-9782-4AD6CC206E76} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B2A96C6D-29C9-459F-9438-D3E9D48B812C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B2DC661E-57AB-4A47-88E0-354F54C4B94B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B31E4C18-5979-4727-AC6B-6097E0A3C528} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B3221526-6CCC-4C63-80B2-EB66A8B687F1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B3AD95C5-EC23-45C8-B5FC-60B449944D2F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B43B6210-EB37-4685-9462-18198E9C9E1A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B472E88D-0F13-41B3-827C-8E28ABC9D445} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B567B9A3-111E-4FC5-89C3-FFAEDECF3486} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B59AB29A-A551-4B7B-B709-4CEE9A6638B1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B6A4ECB7-386D-4C90-86DF-19E87E43C616} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B6ED74DE-9A58-47FA-BAAF-8A4E976B94A0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B7671EC8-0908-4089-9B2D-F1951104C7CD} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B7DBE8A8-F5AD-438C-98C3-E763D29D53A1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B81DC40F-B05C-4B77-8EBB-FDA501968A71} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B892843D-ACBB-46C1-B2DD-881C3140BD2B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B90F7F48-DE13-4B90-AB36-79592E0CAAA8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B9AAA19E-9B0B-4D36-B131-F7D9B6DA4756} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B9C53A6F-60A6-46EC-A782-A82FC1332B6E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{B9D5BAE8-2B44-4065-8919-2BCAB604DC30} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BA053E26-F279-4611-AD13-484ABCAFB695} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BA16E30B-A83D-4C85-AF8B-2695AB8C843A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BA4395D8-B6D0-4EBA-9348-6C4EA6512867} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BC764423-F5DB-47F7-B090-27B841E6E994} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BD43BA27-B948-491F-B8DE-31D9D6115A64} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BD83B06B-B481-4BFD-9AC4-6AF76C865965} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{BFFCB469-0FA7-4B76-BB00-124BAE2842EA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C1CB8230-4704-4CC2-A0A6-1A9E0C8BD9B8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C1F34BAE-B552-4537-AB7F-874191442E72} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C25AD9A1-4790-4DE8-8A3C-1C5ADEC469FE} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C26CD575-837D-44F9-B2D8-2C49903B15D7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C34F2A09-E423-41AE-AC2E-5D33C9F1FC8E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C3723F63-1BA7-476A-877E-A43E66636ABF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C3E75A94-C371-4FB9-B20A-791D4B8D9724} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C4F197E4-EAD7-46F3-B81C-1095F4952172} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C57727B3-CA14-4054-983F-691D9FFD82C2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C63AD215-A585-4D31-96EF-AB393588D19D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C6779325-7D42-416B-B514-D7EA9B0DD66B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C77A0FB3-4964-42A9-9CAA-E1AB178965A1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C77DE44A-EF0D-4FCE-971E-E92F67AA7F87} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C7EC247A-9E93-4444-AE79-7E0DF8065488} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C835FA7B-ABA7-4130-A051-7B8029EAC6C0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{C88CC523-3380-4A48-BE37-4E56A6E0A6AE} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CB1BFE5E-A6A1-413B-B845-A7185E250EEC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CB352EF6-C6A4-4BEC-9CFF-C138AF8875B7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CC8407DC-B461-46CD-ACCB-D4F81C9FD339} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CD7BA42D-D760-4CA5-A185-3CA7EC8AEC24} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CDC80CBC-48F7-4577-9B8D-0B7CAD95C5C0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CDDAC5F7-39D8-4092-8488-F9EAAB78D3A5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CEA89FC1-514E-44DB-8039-4AB630FA0FA6} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CECEA6A0-53E4-46F5-97A5-0DA79B5B0BDB} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CF2EE0F1-0ADF-4D8E-A5B7-1D6FED785CD0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{CF345049-47FC-4F05-BD7F-ECEF16F1259B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D1BECE09-0536-4E29-B284-5F57EDBC9047} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D2F70E15-A392-48E4-BBD9-143B8CDD9484} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D3CAFD3D-5657-4855-9D0E-377F369EB139} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D503ACA4-478D-4DCD-8F3F-7709DAC9EE2D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D546E0B1-3D34-4793-BB49-3AF3F4FF0B23} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D5C75CF3-0432-4314-A456-16FAF73DF701} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{D98FCB79-CFC3-453A-9DFA-C66F2EE11CF4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DA282BDE-5C00-4924-82A5-5E28333946AF} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DA4C65BD-B671-4453-9081-5FE084CE1386} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DA9109C3-98D1-4469-ADB6-DBDF000AA4CA} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DB528FFF-C52C-49B5-B7E9-93012917B8D4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DBEE9575-3283-4CB6-ABDE-04CC56276948} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DD7EDC85-9848-491F-9DAB-2F533CECECFB} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DE5EAEC2-37C0-4F71-8948-3B65B6FB8F17} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{DF9C0BBB-0E70-41BB-B059-66812EF1A8DD} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E04D5D6F-EC1C-4919-8CEA-52945CF6F19A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E0937C25-FCD9-4119-9247-83BC9B182A75} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E0AAB92C-29E5-476F-B1F3-029D95A7128D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E16F44A0-BCA7-49D9-9EF9-8EF324981C84} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E1CFBAA7-3F5D-48DA-86FF-068DA36A577C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E26E1E1E-1FC3-4758-96D2-D6DC24BBF8F2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E2A1541B-83E5-4301-988D-1D705729B651} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E2F47390-BBD0-4DA6-96DF-1036C32ABC9B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E3966F3B-9DE0-498D-9A6E-54CFCA8535C9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E45CCA7C-39FA-4799-82FD-39FBF5075C06} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E47797EF-86AF-45FE-ABB3-50FD60F55D92} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E4CF8A52-2AA7-41B0-9B2E-28067EBF30D2} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E53F629D-E8E1-4F12-8928-0FDFD8B9B8F4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E5FFACF9-C5AD-4F05-A6B0-D03081B0C2D4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E623F6D7-E000-44F8-8DCA-A849F28DD2E5} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E76DCC3A-8092-4132-9372-0221E6589362} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{E7B2A486-23CE-41B5-ABB9-56E2CB6BC235} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EA5CE466-3D2F-4EEF-A90B-F632DCDA5940} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EA662B88-11AF-431B-A51C-ECC5320CCA1A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EA88458C-FB7E-42A6-BCDC-1EC9793637D1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EB904DE9-FB04-4234-A230-D583DC343317} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{ECE969C9-6514-4E12-8DAB-84CD43E28C97} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{ED8135AA-FF2C-4831-99DC-3D0FFB9FE2B4} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EDCE93B3-1F22-4C4F-9B80-C8BA7A10C5A0} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EEFE0B41-B917-4D72-B74C-714DF38790B9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EF18BF22-E901-46B5-8B05-CD1DF9CF20C1} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EFF512DA-9225-4CD7-ADF3-228E472418F8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{EFFAB1F2-2D8A-451E-B88D-8507864F342C} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F045E723-157C-4392-973E-B9643E0C8E61} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F09392F6-31CF-473F-AA34-FAF0BA5ABE67} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F11C0CD1-F9CB-41AE-B7DF-D24E05A9FF7E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F1365577-0385-4F66-84ED-7B74C78CB33A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F270804B-5DA6-4E95-88B4-FF6A3490D0A7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F4617BBE-AF51-4898-9C75-257558781578} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F517449C-87DC-43A1-97A0-C0B11D6D97F8} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F53582C0-3B3A-4B05-8B1D-00B45110AE0A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F56E490C-E722-496C-8417-F14FDDD9A92E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F5849B96-2BC2-46B6-BC21-BFAE8FB2FC38} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F6DECD87-653E-468D-8C28-79659741F6F7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F74FB3D0-1CEF-4B57-99EA-547E21BE74D7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F7E15ECD-2B5A-4472-9589-17DED538504B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F8606A36-53CC-4D22-AA54-6029429E2098} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F86DD16B-9CAF-4407-A3A9-1D66D963244F} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F8789003-BD57-4B7C-8BC3-ECDC65A544E3} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{F9D5EE62-8A18-4148-8682-A9D3788F2A8D} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FA880C79-6CE9-48C7-95E0-A7F95C177557} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FA880F32-71DD-4C52-801B-AA092E6389D9} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FAEF2D26-FE16-4C97-846E-4392DB54A23A} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FBBDA559-1041-4577-8A2E-582117C28A02} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FD1B0EAB-5A4A-4E92-84DC-84BFBDABC676} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FDF0CE03-2FFF-4BDB-9CD3-1F2CE0864D95} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FEAE5C5F-30B7-4578-AEF3-9F5F92CC32F7} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FEDF7FA0-2015-4B2B-A1D7-1523036C591E} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FF6D0980-8145-46ED-9A45-FA7D046FE1FC} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Local\{FF8C7F89-B85E-4A06-A5E1-2C91A3C1851B} (Empty Folder)
Successfully deleted: C:\Users\Rebecca\AppData\Roaming\paretologic\regcure pro (Folder) 
Successfully deleted: C:\WINDOWS\SysWOW64\sho3D02.tmp (File) 
 
 
 
Registry: 3 
 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/06/2016 at 12:06:45.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 26 June 2016 - 06:19 AM

 

  • "...Visual Studio 2008 x64 Redistributables, Visual Studio 2012 x64 Redistributables, Visual Studio 2012 x86 Redistributables - From AVG"  -- Aura.   Thanks Aura!  I'm removing same from my three computers this week!

 

 

Glad this thread is helping others too! :)

 

Here's my AdwCleaner logs too:

 

 

 

# AdwCleaner v5.200 - Logfile created 26/06/2016 at 12:13:14
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-25.3 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Rebecca - REBECCA-PC
# Running from : C:\Users\Rebecca\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0616tb
[#] Folder Deleted : C:\ProgramData\Application Data\ParetoLogic
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0215tb
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0616tb
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Folder Deleted : C:\Users\Rebecca\AppData\Roaming\ParetoLogic
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\IGearSettings
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2725 bytes] - [26/06/2016 12:13:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [3004 bytes] - [26/06/2016 12:05:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2871 bytes] ##########


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 26 June 2016 - 11:45 AM

Good :) Let's see if Emsisoft Emergency Kit can catch any remnants.

G0tu5D9.pngEmsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest you to run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
    Egla2gt.png
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
    IgfWDr3.png
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 27 June 2016 - 04:19 AM

All scanned, nothing found :)!

 

I'm guessing I can reinstall AVG Free now?



#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 27 June 2016 - 05:21 AM

Before you reinstall it, I would just like to confirm that AVG has indeed been fully removed from your system :) Follow the instructions below please.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • List Installed Programs;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 FRISC0

FRISC0
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 27 June 2016 - 09:56 AM

Also just a note, if I wanted you/someone to check to see if anything like this is present on my other laptop, should I continue in this post with you or must I create a new one? :) you've been very helpful!
 
Heres the scan:
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Rebecca (administrator) on 27-06-2016 at 15:54:51
Running from "C:\Users\Rebecca\Desktop"
Microsoft Windows 10 Home  (X64)
Model: K53E Manufacturer: ASUSTeK Computer Inc.
Boot Mode: Normal
***************************************************************************
 
=========================== Installed Programs ============================
 
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
AVG 2012 (HKLM\...\{5E1AD7F6-922A-41F5-BC7E-2CD06243E3A2}) (Version: 12.0.3697 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{6B9CE44B-52D0-4B2F-BDFA-56FF4977A790}) (Version: 12.0.2195 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6304 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
 
**** End of log ****


#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:00 AM

Posted 27 June 2016 - 09:57 AM

That's what I was thinking.
AVG 2012 (HKLM\...\{5E1AD7F6-922A-41F5-BC7E-2CD06243E3A2}) (Version: 12.0.3697 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{6B9CE44B-52D0-4B2F-BDFA-56FF4977A790}) (Version: 12.0.2195 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
Please uninstall AVG Protection, and follow the instructions below please.

EndqYRa.pngRegistry - Export Uninstall Keys
  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Run as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the following commands, one after the other. You'll know when you're ready to input the next command when a new line with a blinking cursor will appear under the precedent one:
    Note: You can copy and paste these commands instead of typing them. To copy a command inside the command prompt, move your mouse over the blinking cursor, right-click and select Paste. You must have copied the command prior to that (via Ctrl + C or left-click and Copy).
    reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /s > "%userprofile%\Desktop\hklm_uninstall64.txt"
    reg query HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /s > "%userprofile%\Desktop\hklm_uninstall32.txt"
    
  • Once you're done running the commands, two files will have appeared on your desktop:
    • hklm_uninstall32.txt
    • hklm_uninstall64.txt
  • Create a new folder on your Desktop and move both files inside it. Once done, archive (.zip) the folder (right-click on it, select Send to... and select Compressed archive (.zip));
  • Upload the file on Dropbox, Google Drive or OneDrive and post the download URL for it here;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users