Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Arestocrat virus malware/spyware [Solved]

Started by Tony_E , May 09 2013 07:07 PM

  • This topic is locked This topic is locked

#1
Tony_E
Posted 09 May 2013 - 07:07 PM

Tony_E

    Member

  • Member
  • PipPip
  • 29 posts
Hello, my name is Tony. I am having issues with a malware/spyware virus that is apparently called arestocrat. Unlike most of the post seen about this virus, mine is different. Instead of all the FBI stuff, this virus pops up with a white screen and two things toward the bottom right. One is an area to type and under it is a submit button. When you press the submit button, this is what pops up: You Have 48 hours to Pay the Fine! I looked at credmon's post and tried to do what Phel told him to do. Sadly, when I try to use OTL it works normal but stops responding usually when it gets to the Firefox settings. If anyone would like to help me with my problem, I would be greatly thankful. :thumbsup:

Edited by Tony_E, 09 May 2013 - 07:11 PM.

  • 0

Advertisements

#2
gringo_pr
Posted 09 May 2013 - 07:18 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Tony_E

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.





I need to get some reports to get a base to start from so I need you to run these programs first.



-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Gringo
  • 0

#3
Tony_E
Posted 10 May 2013 - 04:26 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello, Thank You Gringo for helping me with my situation:)!!!!! The following posts have the text (the first one is ATTACH.txt and the second one is DDS.txt):
  • 0

#4
Tony_E
Posted 10 May 2013 - 04:28 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/23/2012 1:36:03 PM
System Uptime: 5/10/2013 2:57:15 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 034W60
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 2294/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 478.166 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP55: 3/26/2013 10:00:37 AM - Installed Microsoft XNA Framework Redistributable 4.0
RP56: 3/26/2013 10:02:44 AM - Installed Microsoft XNA Framework Redistributable 4.0
RP57: 3/26/2013 11:49:20 AM - Windows Update
RP58: 5/1/2013 5:20:00 PM - Instalado MorphVOX Pro
RP59: 5/1/2013 5:22:17 PM - Quitado MorphVOX Pro
RP61: 5/7/2013 1:37:43 PM - Windows Defender Checkpoint
RP63: 5/8/2013 3:15:59 PM - Windows Defender Checkpoint
RP64: 5/8/2013 3:24:29 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader X (10.1.6) MUI
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atomic RAR Password Recovery 1.20
AVG Security Toolbar
Bcool
BCool Gadget
BeeMP3
Bing Bar
Bing Rewards Client Installer
Bonjour
BrouwsEe2save
Browser Manager
BrowseToSave 1.74
Cheat Engine 6.2
Coupon Printer for Windows
Cozi
Crazy Birds
D3DX10
DefaultTab
DefaultTab Chrome
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell Perks Webslice IE8
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell Support Center
Dell Touchpad
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
EA Download Manager
EA Download Manager UI
eBay
ffdshow [rev 3154] [2009-12-09]
Funmoods Web Search
GMail Drive Shell Extension
Google Chrome
Google Chrome Extension Updater 1.12.02
Google Earth Plug-in
Google Update Helper
Helicon Filter 4.93.2 Free
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Photo Creations
HP Update
IDT Audio
InfoAtoms
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor 2.0
Intel® Wireless Display
Internet Explorer
iTunes
Java 7 Update 7
Java 7 Update 7 (64-bit)
Java Auto Updater
Java™ 6 Update 24 (64-bit)
JavaFX 2.1.1
Junk Mail filter update
McAfee SecurityCenter
Mesh Runtime
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MixPad
Mobile Numbers Generator v3.1
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Need for Speed™ Hot Pursuit
PDF Settings CS6
PhotoShowExpress
PriceGong 2.6.8
PricePeep
Quickset64
Razer Game Booster
RBVirtualFolder64Inst
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Renesas Electronics USB 3.0 Host Controller Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
San Andreas Mod Installer
Sanny Builder 3.04
ScriptVOX Studio
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Sendori
Shared C Run-time for x64
Skype Toolbars
Skype™ 6.3
Software Version Updater
Sonic CinePlayer Decoder Pack
swMSM
TeamSpeak 3 Client
TrustedID
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Vid-Saver
VideoPad Video Editor
Wajam
WavePad Sound Editor
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinISO 5.3
WinRAR 4.20 (64-bit)
Yontoo 1.10.03
.
==== Event Viewer Messages From Past Week ========
.
5/9/2013 5:26:56 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
5/9/2013 5:24:50 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
5/9/2013 4:54:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
5/9/2013 4:54:16 PM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 1 time(s).
5/9/2013 4:44:16 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
5/9/2013 4:42:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
5/9/2013 4:42:08 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2013 9:49:19 PM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.
5/8/2013 9:48:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
5/8/2013 7:22:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.
5/8/2013 7:22:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/8/2013 7:03:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
5/8/2013 7:03:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
5/8/2013 7:03:15 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2013 7:02:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
5/8/2013 7:02:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
5/8/2013 6:59:10 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
5/8/2013 6:53:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
5/8/2013 6:53:07 PM, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2013 3:00:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect.
5/8/2013 3:00:26 PM, Error: Service Control Manager [7000] - The Service Sendori service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
5/8/2013 2:58:09 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
5/8/2013 2:58:09 PM, Error: Service Control Manager [7038] - The bthserv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
5/8/2013 2:58:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The service has not been started.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7001] - The Bluetooth Media Service service depends on the Bluetooth Support Service service which failed to start because of the following error: The service did not start due to a logon failure.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Bluetooth Support Service service failed to start due to the following error: The service did not start due to a logon failure.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: A system shutdown is in progress.
5/8/2013 2:58:09 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: A system shutdown is in progress.
5/5/2013 2:48:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.
5/5/2013 2:47:58 PM, Error: Service Control Manager [7043] - The McAfee McShield service did not shut down properly after receiving a preshutdown control.
5/10/2013 3:07:12 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/10/2013 3:06:11 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/10/2013 3:06:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/10/2013 3:06:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/10/2013 3:06:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/10/2013 3:05:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/10/2013 2:58:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
5/10/2013 2:58:31 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
.
==== End Of File ===========================
  • 0

#5
Tony_E
Posted 10 May 2013 - 04:29 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2
Run by Tony E at 15:20:44 on 2013-05-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4003.2638 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony E\AppData\Local\Google\Chrome\Application\chrome.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538
uProxyServer = 127.0.0.1:9666
uProxyOverride = 127.0.0.1
mWinlogon: Userinit = userinit.exe
BHO: InfoAtoms: {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:\Program Files (x86)\InfoAtoms\IE32\InfoAtomsClientIE.dll
BHO: Vid-Saver: {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll
BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.8\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: BeeMP3: {214430B8-91FA-742B-1908-DD52E720D64E} - C:\ProgramData\BeeMP3\515f5d750e51c.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: BrouwsEe2save: {382328D2-6214-8815-74BA-05BC07974B5C} - C:\ProgramData\BrouwsEe2save\515f6b6ff0b00.dll
BHO: BrouwsEe2save: {552FB7AF-FC40-ECEE-5B64-FE94B39E93C3} - C:\ProgramData\BrouwsEe2save\515f6af707771.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120908233558.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Tony E\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bcool Class: {BE1CA19F-41F6-0DC4-0958-751ADC1606A0} -
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: BrouwsEe2save: {EBA69084-88FD-C6AE-0DCB-72D3716BD936} - C:\ProgramData\BrouwsEe2save\515f5d2adf060.dll
BHO: PricePeep: {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
uRun: [Google Update] "C:\Users\Tony E\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
uRun: [Yontoo Desktop] "C:\Users\Tony E\AppData\Roaming\Yontoo\YontooDesktop.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [AdobeBridge] <no file>
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\windows\System32\Sendori.dll
TCP: NameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{28C0559E-2AE1-468E-A0FC-3251AA645D32} : NameServer = 10.177.0.34,10.180.12.172
TCP: Interfaces\{28C0559E-2AE1-468E-A0FC-3251AA645D32} : DHCPNameServer = 10.177.0.34 10.180.12.172
TCP: Interfaces\{CBAED5A1-579B-4D05-B124-E77060AD4DAE} : DHCPNameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{CBAED5A1-579B-4D05-B124-E77060AD4DAE}\155796564764C616D696E676F6D27657563747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CBAED5A1-579B-4D05-B124-E77060AD4DAE}\960586F6E656 : DHCPNameServer = 10.177.0.34 10.176.83.140
TCP: Interfaces\{F1240FCD-90DF-426F-9DB3-021E9D53FD2A} : NameServer = 192.168.1.1
TCP: Interfaces\{F1240FCD-90DF-426F-9DB3-021E9D53FD2A} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261125~1.80\{16cdf~1\browse~1.dll c:\progra~2\browse~1\sprote~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120727184558.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Plugin for Media Finder: {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Tony E\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: m Playfin.com Search.us.com Toolbar: {F7A94651-A65A-451C-8BBB-E7C0D802F8C9} - C:\Users\Tony E\AppData\Local\TNT2\Profiles\10287\passport64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tony E\AppData\Roaming\Mozilla\Firefox\Profiles\hh34npvi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - hxxp://www.masswerk.at/googleBBS/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid={799ADB10-66A2-451B-8283-A3A5B26E8C6C}&mid=a22b406b629747d0a5566d3e714713ec-42b486084410285d371529739d81b466e6d6adeb&lang=en&ds=ft011&pr=sa&d=2012-11-11 21:48:04&pid=avg&sg=&v=14.0.2.14&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Tony E\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2012-07-26 21:07; [email protected]; C:\Users\Tony E\AppData\Roaming\Mozilla\Firefox\Profiles\hh34npvi.default\extensions\[email protected]
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=c08ba40e000000000000bc7737a3fa1c&q=
FF - user.js: extensions.BabylonToolbar.id - c08ba40e000000000000bc7737a3fa1c
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15591
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1215:29:07
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=44444&tt=3612_2
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538&q=
FF - user.js: extensions.funmoods.id - BC7737A3FA1FA40E
FF - user.js: extensions.funmoods.instlDay - 15591
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2215:38:1
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - ironpub
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - ironpub
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.installId - 71cac2c1-b64d-43ca-8372-a63020828419
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
.
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(browser.newtab.url,
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2010-10-13 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2010-10-13 335784]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-6-5 55856]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-11 39768]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-26 201304]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-6-5 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2011-6-5 177144]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-4-23 3623200]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2010-10-13 69672]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2010-10-13 513456]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-5 406632]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-6-5 89600]
S2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-4-23 119072]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2013-3-9 2569168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2012-7-17 562688]
S2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Tony E\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-11-20 107520]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-3-24 148360]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-5 13336]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-26 201304]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-6-5 237920]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-4-23 19744]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-6-5 1692480]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]
S2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-5 2655768]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-20 968880]
S2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-6-14 109064]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
S3 btmaudio;Intel Bluetooth Audio Service;C:\windows\System32\drivers\btmaud.sys [2010-11-4 53008]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2010-11-4 58128]
S3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2010-10-19 274432]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2011-6-5 175168]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2012-10-26 196440]
S3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2010-11-4 59904]
S3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-6-5 317440]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-6-5 220528]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2010-10-13 300392]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\drivers\mferkdet.sys [2010-10-13 106112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-6-5 250984]
S3 ScreamBAudioSvc;ScreamBee Audio;C:\windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-7-25 59392]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-24 1255736]
S3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-26 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-05-10 00:47:57 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD9044EC-FD56-4F62-9C91-7FB49823A7CD}\offreg.dll
2013-05-09 04:43:46 -------- d-----w- C:\windows\SysWow64\searchplugins
2013-05-09 04:43:46 -------- d-----w- C:\windows\SysWow64\Extensions
2013-05-09 01:38:09 128512 ----a-w- C:\ProgramData\DisplaySwitch.exe
2013-05-08 22:24:48 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD9044EC-FD56-4F62-9C91-7FB49823A7CD}\mpengine.dll
2013-05-07 20:19:29 830976 ----a-w- C:\Users\Tony E\AppData\Roaming\42E9.tmp
2013-05-07 20:19:29 830976 ----a-w- C:\Users\Tony E\AppData\Roaming\427C.tmp
2013-05-07 20:19:29 12399 ----a-w- C:\Users\Tony E\winlogon.exe
2013-05-06 01:34:12 -------- d-----w- C:\Users\Tony E\AppData\Local\ArcSoft
2013-05-02 00:21:36 -------- d-----w- C:\Program Files (x86)\Common Files\Screaming Bee
2013-04-28 21:34:25 -------- d-----w- C:\Users\Tony E\AppData\Roaming\TS3Client
2013-04-28 21:33:42 -------- d-----w- C:\Users\Tony E\AppData\Local\TeamSpeak 3 Client
2013-04-28 21:25:40 -------- d-----w- C:\ProgramData\boost_interprocess
2013-04-13 04:28:15 -------- d-----w- C:\ProgramData\HP Photo Creations
2013-04-13 04:28:15 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2013-04-13 04:28:08 -------- d-----w- C:\Program Files (x86)\Coupons
2013-04-13 04:27:57 -------- d-----w- C:\Users\Tony E\AppData\Roaming\HpUpdate
2013-04-13 04:26:53 -------- d-----w- C:\Program Files (x86)\HP
2013-04-13 04:25:38 -------- d-----w- C:\Program Files\HP
2013-04-13 04:24:53 -------- d-----w- C:\Users\Tony E\AppData\Local\HP
.
==================== Find3M ====================
.
2013-05-02 09:06:08 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-04-23 22:13:32 325920 ----a-w- C:\windows\SysWow64\Sendori.dll
2013-03-14 07:55:10 73432 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 07:55:10 693976 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-03-14 07:55:04 16486616 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2013-02-21 00:30:03 39768 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
.
============= FINISH: 15:22:34.28 ===============
  • 0

#6
gringo_pr
Posted 10 May 2013 - 07:15 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Tony_E

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.





-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#7
Tony_E
Posted 10 May 2013 - 11:32 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello, the following posts are the JRT.txt and AdwCleaner[S1].txt files(first is jrt and second post is adwcleaner):
  • 0

#8
Tony_E
Posted 10 May 2013 - 11:34 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tony E on Fri 05/10/2013 at 22:19:22.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] browser manager
Successfully deleted: [Service] browser manager
Successfully stopped: [Service] defaulttabsearch
Successfully deleted: [Service] defaulttabsearch
Successfully stopped: [Service] defaulttabupdate
Successfully deleted: [Service] defaulttabupdate
Successfully stopped: [Service] wajamupdater
Successfully deleted: [Service] wajamupdater



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\f
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.funmoodshlpr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.funmoodshlpr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\menuext\download with &media finder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\pricegongie.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\pricepeep.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho.1.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricefactorie.pricegongbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricefactorie.pricegongbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricegongie.pricegongctrl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricegongie.pricegongctrl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricepeep.pricepeepbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\pricepeep.pricepeepbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\funmoodslatest_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\funmoodslatest_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\vid-saver-internalinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\vid-saver-internalinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\vid-saver_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\vid-saver_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasmancs
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0003491.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0003491.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0003491.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0003491.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0003491.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0003491.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0003491.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0003491.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{22222222-2222-2222-2222-220022342291}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{22222222-2222-2222-2222-220022342291}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6AA935AF-04F9-9ABB-2910-12593EFD9051}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}



~~~ Files

Successfully deleted: [File] "C:\Users\Tony E\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\Users\Tony E\appdata\local\funmoods.crx"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\windows\couponprinter.ocx"
Successfully deleted: [File] C:\windows\prefetch\BABYLONTOOLBARSRV.EXE-E9388F9C.pf



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bcool"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\local\vid-saver"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\locallow\bcool"
Successfully deleted: [Folder] "C:\Users\Tony E\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\funmoods"
Successfully deleted: [Folder] "C:\Program Files (x86)\infoatoms"
Successfully deleted: [Folder] "C:\Program Files (x86)\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\pricepeep"
Successfully deleted: [Folder] "C:\Program Files (x86)\vid-saver"
Successfully deleted: [Folder] "C:\Program Files (x86)\wajam"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bcool"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\microsoft\windows\start menu\programs\browser manager"
Successfully deleted: [Folder] "C:\Users\Tony E\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{00221D03-F411-4A9F-9039-8474E52D43EF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0026D1AF-A8BA-4844-B09D-C63C3493BE4C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{00F65998-5127-4D86-B628-EF6B10E94AD4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{01D4D33F-112B-4008-95BF-53C017310154}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{03B1E855-CE30-475C-9712-354652BB0ED1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{03EA292B-1F9C-4ED6-AB21-DA8902AC3974}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{045A06A0-E786-4796-AAD8-CC2214E2D320}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{049632F8-B4BF-4B1B-8E6E-CA3B71B83D12}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{050B4FF3-96F0-400C-841C-E41E83C3B265}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{056D3A25-A2AF-46AB-B1B3-772F57BBC256}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{05C48C40-A91E-4089-9E79-F889987F6E19}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{06C6611B-EC07-4348-8CC6-CB16AAD83C40}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{075C20CB-40EF-4490-8B66-A6E8CABBF684}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{07775E65-02FC-41B2-B7FB-576B10101B28}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{078D5456-2006-4BDD-97A9-14D4A2A39A08}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{083168E7-9C20-4BA7-A0B4-773AA2D41ED8}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{08318188-FE5B-4DB3-99EB-23C83317DF4F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0852BB14-19D8-46D7-957F-22322A7EFF63}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{08A060D7-9F9F-4EC0-98E3-64448B06DBEC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{092E984B-56B8-4346-AD80-6658EF0353C4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0943CFF2-6887-4884-A5C7-64655D5B7F82}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0AC37ADC-71E6-41E3-9A68-AF4D1EBA3D88}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0B9BAE30-A02B-4B53-B219-90EE95EBAE47}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0C32E096-395E-4555-B96D-F603917E2116}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0C4D085D-E794-4720-96E0-A686A1427036}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0C69424E-7158-4ED6-815F-9643E143E0B9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0CE2C7C4-A636-4CE6-AD8B-936CED710FF7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0D293167-E9B4-4932-A788-24E41A91F8E4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0DEFCA01-54E1-428D-BD24-C95D4458DC92}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{0F9A76E5-FD0B-4AF0-9EFC-6FE2F5B07482}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{10F62806-BA77-47D9-8105-B7D6483C0174}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{119EAE80-8FB1-4FC9-B068-30C6FB83541C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{124C23A3-F425-4DDC-BE8A-4F85980C64EB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{12B8B00F-8D50-419F-9501-9D6044EDE240}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{13E123A3-2634-4D8A-B030-046D957DF127}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1539A6BF-3CFA-4DC3-88F6-17E7D94D9F77}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1546D49A-D2B2-416A-B051-4D99BC62A918}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{15C4BDD1-A276-4F82-99CD-0DF50ACC8DEC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{15CE3C42-9928-4A90-B431-18F7428A9A3D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{15F6F5DF-F7D8-4713-90A9-FD48A36A979E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{16A0A035-9E7E-4A9F-83DB-5030C80AA570}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{16C43B10-3EE2-467E-9AC8-06E2A92DB834}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{16FEF890-0CE9-4E03-AF56-D170E0EB9164}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{17C0C540-8173-4F0D-B669-09488D875FEB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{18B9399B-4F5B-4EA0-B2AF-B494BD58E378}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{19972A95-366C-4CB7-B224-EB5841ACB9D9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{19B3D45C-63F2-4200-B337-8C92964E24B7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1A11AD5D-C705-4348-94D4-F70785BD7CF4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1BCBA848-309C-4820-B4F9-84B194A1916E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1C7E8274-8132-427D-AA6D-4C6E44CB9B2C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1CFEE63B-EE55-4CC0-83B9-BAF6E177DC47}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1D6CBBAB-4836-40C7-852A-E26AB295FC21}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1D81F8A4-4840-4D3E-90C6-43ED3B8A6EED}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1D978457-8341-4EDD-A218-48BA0B7AC26B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1DDA76D6-0F3C-4D11-973E-DD566E1A79CF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1DFC7CC1-9EA0-4E96-8945-09519DE3B261}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{1FA78F3A-B2C8-4596-B834-898E6570F6F7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{204386C3-A066-4C3A-8946-C15E28C73EA9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{20665626-A829-4585-8470-DBAA0A429351}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{21101DF3-1409-4DE4-B9FF-1D47C968843C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{22909CA4-8D7E-414D-B9A3-05C7BB1E9E28}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{22C97D3A-809C-4053-B804-251646D78DDD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{22FD8DCC-6BAF-43BA-A81D-93BB9BF15A80}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{23752838-226C-4B89-A70D-0FEFA264DDBA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{23FFF1C0-967C-4436-BB10-A9D797FC451D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{25FE7367-CBF8-45FB-B427-65E3B4770887}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{27C5F363-E006-4D5E-9A27-AED947AF2484}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{284A0628-B111-4D66-9572-5945D4B0A534}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{288E4AB7-6BB3-4506-849D-B294E5E3FD27}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2921F56F-8644-4D75-BF87-E060FFCC3484}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2924B28C-6958-44EC-8334-382B5A407E57}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2ACE2107-A7DF-49DD-81AE-D3CE5C6658F4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2BF31612-89CD-48DE-8A0E-F64BC86CF366}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2CCE4EF6-AEBD-4486-996D-3D7D6E19C70F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2D9CC203-2C7D-46FD-BB3A-8DD19159C605}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2F02496A-3D07-4F87-96E0-13D1A810657D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2F0AAE71-52E8-4AE4-B431-39E17A7D831B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{2FAA6FD2-6035-4039-A441-4718D103B702}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{304AF475-38C9-4FF5-B757-8FD5036E9302}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{31AA209F-D735-4D1D-B6CC-818900704EBE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{32BBE329-817C-4742-B52E-72BFC9288E54}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3368E560-218B-41A6-9707-AAB3788BD1F3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3550F1AE-0929-43FD-BBC0-B6E409FB503E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{37DE2DFF-5187-4C4E-89C7-9D0E67834947}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{38E44D77-B6A7-44F9-953E-C05937DDEB12}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3A33F0D1-D2E9-4027-B4B7-6F7ADDDFA5BC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3AC3A438-411E-49A0-BE65-122C197AB0EA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3AFFBFA3-102A-4D11-AED4-F505979E205B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3B43467E-41C6-4BE5-B5ED-29B7FD9344E4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3BC31778-C19D-4967-BECD-29CBC7CD7CB2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3DD57835-C8B7-4B7C-AC65-02141D95CFAC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3E0398D1-6D20-4272-9D59-E2387ABF77A9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3E861203-ADE6-4CDD-93D8-2F671D9D8765}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{3F2FA390-C124-4CC1-B8D0-CF905BF05B94}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{403FD2B9-50F2-4BE4-A820-EC95B4691E10}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{40D97E2A-893D-481F-A3DC-4B2296D7B5B9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{41A5B60D-E317-4C8D-B8B7-BB2652806F42}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{41C8DE32-84E4-4A85-A2AD-D7595BD1948B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{41DDC3B5-A19F-4731-928E-F66772864170}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{42A1D69D-632B-49C1-8F8A-A31FB4AF943F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{42A63C25-8E4E-4B26-A805-C198C94ED991}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{42EAE0A9-4E36-425A-B4C5-3AFD047E3848}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4505AEFB-A5EE-4BCB-BB36-95FB097539BD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{45AF1BC9-0EEE-4E6E-825B-3F740BBD4023}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{45B263FC-3AD5-4CDA-9173-435221FF2928}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{45B7856C-5414-43B3-A2F6-0D468157C0D4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{46B8AE36-7049-43EE-BC3A-2AA8386FDCBD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{47D3C113-5C2E-49BB-9684-D7A5BAEB627A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{48871997-20D6-467D-9963-5CE8B381A8DE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{491831C5-B643-4BA3-9483-0E4534807E1F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4992F694-9BA1-4174-9650-A6CA3F88BBB3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{499CDE55-7B23-4FDE-A4B6-31EF1453D51B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4B4BA3DC-94DB-4125-95EA-73D2E68A1213}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4B7F0A07-799F-4EB3-A423-55F9ACBF5933}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4BDBB535-8058-419D-8751-4ACFFA2FB61F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4CCB1127-3746-4ECB-8556-07087028AE46}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4D04B31E-7BEA-453D-AE1C-482BC978E26E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4DF47D6F-425E-4ECA-BA15-8904FF6E2FFC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4E36E91C-6A7B-4A5A-B71F-6588F6687BE7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4EDA251B-9FF6-42E9-B64E-3461794A7D8A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4EE59387-3E88-4A33-BEDD-80DDCA2186E4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4F12714D-A692-4EAB-89A6-4245A5E14E55}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4F24D29A-D84E-4899-A941-C2B824C16924}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4F406852-30D5-4317-B17F-4977C2569513}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{4F9DD6A4-1522-47E6-8DBF-64FC4B2A911C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{50AC1C24-0AA5-4FDD-B87D-FF25E2D526F2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{511E16D1-D7E0-4463-9FA0-3A8189D8D5AA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{515CA6E4-F855-4193-8B7F-211C64126A91}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{527107EB-CC86-4A76-ABCF-0EDAA1509E9C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{55952612-B8BC-4C24-8BE2-F735D668D812}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{55A2E646-0ECD-414A-9EE6-BFC3C8410551}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{55DA4C9B-E525-4037-918C-309B71D89D00}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{56DB3EED-FB2E-4DDC-9004-BEA94A5DB7BB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{578C6D67-183D-48AA-8ED9-28AA162E4B45}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{57A0A812-A961-4C2C-A05A-1BF5FED5B721}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{57A9B340-62B1-43D8-93AA-2BEEC0CFFB46}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{58B1AE2E-6CCC-4098-8D64-829F1E4DE135}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{591A92F9-10D6-4075-A9BD-9C9682E6386F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5A4F5C17-990B-4B90-ACB6-09143A976548}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5C205E09-4563-4E00-B18A-255BA0324FA1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5C254D81-9CE1-44EE-8A9C-2042D6A54AD5}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5C349215-CC89-413A-89B3-87B736E80B9D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5CACC1B0-4D59-4047-ACF7-C57AC31C2894}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5D397089-6356-49C0-8B26-2E70E304E7DD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5D6EBFAC-0295-4130-9C67-BFC90B3AD404}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5D7B3FF9-F9E9-403E-83B3-6FCD74D9C013}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5DABFB35-C97A-4EAA-9E87-F366BDB5EB69}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5E8A7AED-DD8F-404D-BC23-B11A220DD90E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5F021E87-19FB-4379-B2E1-438E05CC9C28}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{5F4849FC-8CF8-4DA7-A8AD-721CA092E974}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{605CB08A-FFC5-4DA9-97FF-8AB05C3AAE11}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{622F1D92-BE8A-45AD-A083-617993E04570}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6288B418-E32B-4FF3-BFF0-4BE98B2666E4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{62BD1DAB-DCB8-46D0-A784-F1C259B052DD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{631972E5-6070-432C-A71A-2B85BC8192CD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{63A4DAC5-317D-47EE-97C4-974CCF8EF2BD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{64B65B87-9A92-44E2-8F31-4B42BDE5E923}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{66188AD4-FABF-424E-961A-E743557E7F17}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{66190D76-AC08-4468-8B63-413AA4ADADAD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{67862C40-F59A-4138-8BB4-FC89631BA87A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{67D1599A-235C-4560-9DE6-A9EE3DD4688B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{683ADFE0-270C-41FA-8E75-E65E764086D9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6857CA38-2259-4CE5-A337-0C80E14DAE89}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{686A10B5-E3E7-4D0D-8197-8A75ADC2CE56}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{697E37AE-81B0-4DD8-B3E7-0038C174DA2A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6AC36BDF-B970-466D-B148-884B04DE9712}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6CED5FD9-E697-4EE0-BAF8-793361459337}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6DFB3B6C-F683-494F-9063-9504337BEDE9}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6E1621B9-A38F-4601-ADF0-CDD9FCBF4059}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6E3BBFD7-83DA-40B3-AB79-7AC5AB96E06D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6E5538E0-E464-4015-85D6-CC8D2E7026BD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6F400D63-B331-4449-BD53-61E94F559DB1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{6F7F3096-8936-407D-96DC-A4BCC6FA75A8}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{710891E5-69E0-4F49-A4DD-3BBE120D6D0C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{71B3C2D8-DAD8-45AE-822B-D76959C76E91}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{71D6ED91-AA28-47C9-A3C2-2F87E8501958}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{72829C0A-5307-4790-9B42-4D4CE370B269}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{72FA5DF0-C737-49D0-B758-FCF431AEE3F7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{762B7ED1-C752-4AE6-B117-03AA09DB2757}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{770FDB27-268B-4D42-AE9C-BA0F61C6A896}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{791F103A-E7B3-463D-879A-0240BD6CEFEC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{79973B6E-53F3-4F87-A5D7-FDE825974DF0}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{79D76990-21A8-4169-9445-E180C287317A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7A18FD64-03FD-45DD-B92B-4DB3E489BED5}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7B362809-3C7F-4575-876D-544C9518E426}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7BD5B526-8400-48A4-A60F-9436164A7E3A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7BD994DC-3329-4DB8-8E85-5CA9EE82C042}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7CEE5E33-0A69-4B0A-A0CE-19250C73E96A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7D3954CA-BB94-400C-8ADC-B52E55347469}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7D575A8F-4BD4-4B01-9822-AD712211EDBC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7DFA07B9-7A14-4B12-9615-30CCD78E6C4F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7E6FAB33-D2DF-4C23-B738-1B4C7C3AFB9C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7E931BB8-E9BB-44D2-9A92-5E0BE7D2699E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{7F799528-84A5-4B4F-81F3-1247AC89F744}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{812C8697-C591-4E4B-BC30-6A556B77A680}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{81AD561E-5F97-4E14-B28B-F05589C3F9F0}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8338DA57-34A6-4928-88FB-6EAC429C9B8C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{83BE1702-2441-480E-AB2A-9AE08ACE9BFA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{856E1F9D-BBD5-4239-A0F2-5C88BCFA05DB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{85E24B3F-8029-420F-AF49-A4725B228264}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{863F86FA-BD9D-4985-8463-69F85A73E0F3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{86692008-A1CE-478F-86C4-F1F4E70BB769}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{86BDA5FE-A2AF-47FC-9F7F-50378C69CBFA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{86E527B3-EAC2-4CF4-A62E-574F698737CF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{87696E78-BAFC-4574-BF0C-16B46613B3EC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{883929C4-4B61-4B8C-95C0-FA5FD39D0E39}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{88427A34-7348-4B3A-917A-51235B59937A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8A67C2B1-7E06-466A-949A-730558CB0CCD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8B653219-ECC6-4191-A1EC-C67081920558}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8BBB1446-F1C7-4239-9189-5672A0CE01DE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8D18FE5E-6F2A-47AD-8B0E-3DE03E987CC2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8F2EC0FF-FB74-4AF4-B76A-A0308F290F65}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{8F6A2ABB-8C96-4B8C-8C69-D2BD1543AC1D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{915798DD-6378-45FB-A023-187C282183DB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{92119BB9-70B0-4DD6-A308-DBCCB4BA2178}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{92F0948A-3C2A-4E89-8BDE-629B88219A89}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{939D0906-3065-4E8A-A164-3FCAA120612F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{93D3FC23-D9E6-49D1-AC4B-916940FC0834}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{93D7A66A-E399-4DD6-AE65-B12C52C8591F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{93F103DD-C68A-4D14-AAAB-B6E77BB56201}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{94C753F0-DC32-4A84-A6EA-328F12CF33F3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{94D1DD0D-159C-4BC5-8D95-C1D7485FA100}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{96B98F62-BCF2-4366-9421-4101B4935F64}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{98DB53D5-36BA-4E5C-9DC4-4D55CDC449DE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{9A089478-C9A6-4877-8599-501DF7F40568}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{9C30395F-033A-4895-9A1E-242E2A297B68}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{9EFB7D94-7F60-4E40-8917-E9D1A5144997}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{9FA699DE-A6F4-44CC-8B54-967084D8FDF7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A1393EBA-193A-43A3-B2A6-0A3C536719DD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A2FB80DE-946D-46BA-AB8F-F11F85F8BAF6}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A306EEB6-F3D6-4BEE-A81E-7D1D7E059B72}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A375FB91-612B-425A-89A5-EBD2229916A1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A37DB654-1587-40E4-BE68-D3100871D8D1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A6B84701-43EB-4194-9708-335D40F5A51E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{A7EDE391-356C-4A7C-B9F1-9A28D80FFC1D}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ABA5D893-6DB1-4D16-9916-66BC8D715422}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{AC1CB09F-DFBF-4A55-B65F-5808340E9B53}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{AC66D1EB-FB6E-4B34-8A06-D476F1BAF3E2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ADB53DC0-2D02-44D4-8CFC-101FCA5D109E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ADE2EB85-5715-4D93-AA1E-B20C74C0FEEE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{AEB1E290-E7EB-4D71-B9B4-7E2E8568CE89}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B0A4CF3B-A9C1-4A07-8A3B-DF374AEEB9E8}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B258C68E-1724-4EED-B0D9-E5F64200F44F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B2F88F7B-6F16-4F51-B76F-792ED7EA21BF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B3C1E2A5-2E01-4A31-A8D4-2AA66A9C370F}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B47BA66B-292A-49D5-9E77-47D3AD51FA83}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B4B92494-DDB1-4D91-9EC4-5F116D1A1ADB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B51B3C14-DDB0-4E52-816C-27E9C8A7649E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B54997A5-A4F6-42E9-86B4-9BF148657071}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{B55A22AC-75AD-4A72-847A-A65F68D7F045}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BA093B4F-6384-44BE-B4BA-DDFD986B8058}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BA74B2D1-0A65-4E26-8337-14A8AE421D8A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BB0088AD-80D4-4A1D-A357-EF388515F651}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BC418E84-2A65-43DE-938F-4F6ECDC9D844}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BE110745-B40C-4912-82E6-9D8FD4F5ABC6}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{BEE6247A-CE98-4071-9675-6F4974DF0FED}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C00CB532-CD5F-4761-8679-5368B74D3F8A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C1E8E482-0DAA-4FB8-AC91-5F0C0A193ADD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C21A8EF7-E842-43E8-BC07-058A6C9231BF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C3642443-B209-4CF3-BC4A-B655CC632115}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C406298C-3C8E-4356-A35E-23B6DB69FB80}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C41B6A4D-70AC-422C-AD31-C3A49EC99F40}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C44933AF-C220-47B7-87CD-00AB6CE250E5}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C756A4AC-53BC-4FD5-957E-25B8CCF10583}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C7BBCD77-D756-4B2A-9D42-BFD9C97BFDFF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{C98C4E55-4161-4158-B1C5-E2C1466162DA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{CAB99B42-E413-40CB-A460-2AF47BB94D59}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{CAD5F496-D7A1-4E88-874F-F210A5857024}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{CB08B4BA-CA58-4E5C-8983-471C98EF61C3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{CC1E562A-EFB4-43B0-ADD5-6E9FF683F11B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{CE5395E5-C407-4634-968F-B4904A5F2ED2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D16AC418-3A9C-448D-A168-45168ECBADA4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D1A16F35-CA10-44D4-9A8A-052BB97839BF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D3110EB8-F75A-48C0-8B74-0D5E15A259F2}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D37081D7-D733-4063-8B95-0FF1B18F4CE6}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D60E8EF3-2A49-496F-AC85-F474BDEBAE19}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D7A1500D-57AD-4EE4-9704-45840D7B7774}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D7E471E9-6BD3-4389-B799-7400E3DDED60}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{D8BD2077-CC20-4B53-95DA-EA3BEDB1F7DE}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DBA490DF-0652-4A18-9E75-5BA04C679609}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DBCDEA5B-8711-4A4C-8076-8FF51EFE1F2C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DC5350A1-5D7D-4B39-BB5A-474ED2AF2A07}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DC87C012-A5DF-44F4-8E38-CF63BD7A666E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DD553EE5-1418-4D83-8B5C-2A5673753E9C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DDBE09CF-C6DB-4F8B-B877-473E255C8745}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{DF3B7223-1DB7-4A71-94A4-CB8E293638BB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E0897C1E-F49D-4683-8B92-2548B47433B3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E0F647C5-FDAE-46D9-95FA-6139096237EC}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E23E2E3D-0BAB-43B3-9E0B-C7A6DA7EF2BD}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E61DE06A-2175-414F-8FC3-A74D372A69C5}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E7D8C42C-E28E-4EA9-A12C-BA7C8C619D78}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E8828E8C-7698-4234-89FA-837246A47286}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E888BFC3-AF3D-4632-9331-D580CED58924}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E8AA1078-5CDA-4BA1-A36C-369FD13607FB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E90C99D0-2AA8-47B4-8A7E-979D67A9A3EB}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E95FE37F-3F5F-4CD1-BA99-CAA2609835E7}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E9C5C4AA-7BD9-4403-BCCE-195234158868}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{E9FFA78E-FC48-4F81-8C07-D665F8D4B373}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{EA87BE45-545F-4E02-A0F4-1B0279232F92}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{EC46600C-BDE5-4B17-9787-743D0D8B969C}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ECA6A451-4ED8-4236-9BF2-16BC2C3E0EE6}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ECF87EEF-E5F4-477C-B2B5-E46BF4126F48}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{ED95A35B-C1C3-4089-B4C1-95985F43AA27}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{EE358F1F-4D53-4398-BD86-88F5AB2512DA}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{EE404308-936C-46F5-A427-3BF707116C86}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{EF22CF65-D78C-43F0-A498-391A4AF1349E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F05D9D1E-0050-4812-A376-14FC899AC68E}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F2D1AB2E-DABD-4ADF-9EF1-578C2F1F6053}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F431AA56-D3C1-490D-932B-5649EF5728A1}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F7A532EE-7493-46BD-9010-021F2C447F5B}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F846B46C-545E-44A0-B627-8C4B30DD052A}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F9BC315B-7BF1-409A-8F18-893B12A5C6BF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F9D3ED68-AD28-41D8-9B7F-CC2856AE2584}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{F9E96098-7254-45A2-85FA-A71F2AD164C4}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{FB4B00F0-AD14-466C-AC80-99E1EC4BED91}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{FB897C9D-504D-465C-8A33-602A5E64EEAF}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{FBB3281B-ED5E-4C32-9FEB-70261166A8E3}
Successfully deleted: [Empty Folder] C:\Users\Tony E\appdata\local\{FF2FE02F-97C8-48A6-97A3-D0F0DB1D1A24}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\user.js
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\bprotector_prefs.js
Successfully deleted: [File] "C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\extensions\[email protected]"
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\searchplugins\babylonmngr.xml
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\searchplugins\search.xml
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\jetpack
Successfully deleted: [Folder] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\extensions\jid0-wAI3UNTZGz0AAPDaBGQpUBFIXtQ@jetpack
Successfully deleted: [Folder] C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\extensions\staged
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\[email protected]
Successfully deleted the following from C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\prefs.js

user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110819&tt=3612_3&babsrc=HP_ss&mntrId=c08ba40e000000000000bc7737a3fa1c");
user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
user_pref("browser.search.order.1", "Search the web (Babylon)");
user_pref("extensions.515f6af707688.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.515f6b6ff0a16.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "c08ba40e000000000000bc7737a3fa1c");
user_pref("extensions.BabylonToolbar.instlDay", "15591");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=c08ba40e000000000000bc7737a3fa1c&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=44444&tt=3612_2");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1215:29:07");
user_pref("extensions.crossriderapp3491.adsOldValue", 14);
user_pref("extensions.funmoods.aflt", "ironpub");
user_pref("extensions.funmoods.autoRvrt", false);
user_pref("extensions.funmoods.cntry", "US");
user_pref("extensions.funmoods.cv", "cv5");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.dfltSrch", true);
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods.envrmnt", "production");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods.hdrMd5", "EAF67FCF55B67B60E12FBC0882A97465");
user_pref("extensions.funmoods.hmpg", true);
user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtF
user_pref("extensions.funmoods.id", "BC7737A3FA1FA40E");
user_pref("extensions.funmoods.instlDay", "15591");
user_pref("extensions.funmoods.instlRef", "ironpub");
user_pref("extensions.funmoods.isdcmntcmplt", true);
user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2215:38:1");
user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
user_pref("extensions.funmoods.newTab", true);
user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutB
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.sg", "none");
user_pref("extensions.funmoods.smplGrp", "none");
user_pref("extensions.funmoods.srchPrvdr", "Search");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2Xzu
user_pref("extensions.funmoods.vrsn", "1.5.23.22");
user_pref("extensions.funmoods.vrsnTs", "1.5.23.2215:38:1");
user_pref("extensions.funmoods.vrsni", "1.5.23.22");
user_pref("extensions.funmoods_i.newTab", true);
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2215:38:1");
user_pref("extensions.wajam.affiliate_id", "3553");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "true");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21086");
user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABE
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.supported_sites.tripadvisor.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LAB
user_pref("extensions.wajam.supported_sites.wajam_settings.wajam_utils", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_
user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL
user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAM
user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "1365203463463 - processDOMLoad - Checking: hxxps://addons.mozilla.org/en-US/firefox/complete-themes/?page=4\n1365203463463 - processDO
user_pref("extensions.wajam.unique_id", "7F3724EB00903CD3155F5D5A3EADE3A7");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.25");
user_pref("extensions.wajam.website_version", "1.00265.0");
user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={799ADB10-66A2-451B-8283-A3A5B26E8C6C}&mid=a22b406b629747d0a5566d3e714713ec-42b486084410285d371529739d81b466e6d6ade
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110819&tt=3612_3&babsrc=HP_ss&mntrId=c08ba40e000000000000bc7737a3fa1c");
Emptied folder: C:\Users\Tony E\AppData\Roaming\mozilla\firefox\profiles\hh34npvi.default\minidumps [106 files]



~~~ Chrome

Failed to delete: [Folder] C:\Users\Tony E\appdata\local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Failed to delete: [Folder] C:\Users\Tony E\appdata\local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Failed to delete: [Folder] C:\Users\Tony E\appdata\local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Failed to delete: [Folder] C:\Users\Tony E\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Failed to delete: [Folder] C:\Users\Tony E\appdata\local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/10/2013 at 22:21:41.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#9
Tony_E
Posted 10 May 2013 - 11:35 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
# AdwCleaner v2.300 - Logfile created 05/10/2013 at 22:24:07
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tony E - TONYE-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Tony E\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater14.2.0

***** [Files / Folders] *****

Deleted on reboot : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Deleted on reboot : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Deleted on reboot : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Deleted on reboot : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\windows\Tasks\AmiUpdXp.job
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\BeeMP3
Folder Deleted : C:\ProgramData\BrouwsEe2save
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeMP3
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrouwsEe2save
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Folder Deleted : C:\Users\Tony E\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabmambncmcomknffokgjkaoljjnmmjo
Folder Deleted : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkocjokjkneggpgcpcnlejnbagkfci
Folder Deleted : C:\Users\Tony E\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Tony E\AppData\LocalLow\BrouwsEe2save
Folder Deleted : C:\Users\Tony E\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]
Folder Deleted : C:\Users\Tony E\AppData\Roaming\Mozilla\Firefox\Profiles\hh34npvi.default\extensions\[email protected]

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{214430B8-91FA-742B-1908-DD52E720D64E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE1CA19F-41F6-0DC4-0958-751ADC1606A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{214430B8-91FA-742B-1908-DD52E720D64E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{382328D2-6214-8815-74BA-05BC07974B5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE1CA19F-41F6-0DC4-0958-751ADC1606A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\86d68be538ec14
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\86d68be538ec14
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{214430B8-91FA-742B-1908-DD52E720D64E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{382328D2-6214-8815-74BA-05BC07974B5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BE1CA19F-41F6-0DC4-0958-751ADC1606A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aabmambncmcomknffokgjkaoljjnmmjo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011341191}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{214430B8-91FA-742B-1908-DD52E720D64E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{382328D2-6214-8815-74BA-05BC07974B5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE1CA19F-41F6-0DC4-0958-751ADC1606A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97D51208-27E3-4EC3-2611-BA4EB63219A1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vid-Saver
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

Deleted : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0AtA0F0AtC0F0AyEtD0EtN0D0Tzu0StByDtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1790868538 --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Tony E\AppData\Roaming\Mozilla\Firefox\Profiles\hh34npvi.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Deleted : user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] [...]
Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.supported_sites.tripadvisor.wajam_se_js", "try {window['APP_LABEL_NAME'][...]
Deleted : user_pref("extensions.wajam.supported_sites.wajam_settings.wajam_utils", "try {window['APP_LABEL_NAM[...]
Deleted : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Deleted : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wa[...]
Deleted : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.trace_log", "1365203463463 - processDOMLoad - Checking: hxxps://addons.m[...]
Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Deleted : user_pref("extentions.y2layers.installId", "71cac2c1-b64d-43ca-8372-a63020828419");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Tony E\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [23050 octets] - [10/05/2013 22:24:07]

########## EOF - C:\AdwCleaner[S1].txt - [23111 octets] ##########
  • 0

#10
gringo_pr
Posted 10 May 2013 - 11:41 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Tony_E

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

Advertisements

#11
Tony_E
Posted 10 May 2013 - 11:51 PM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello, i just turned it on normally without safe mode with networking. It works normal and everything is good. 3 things:
1. Since I have windows 7 I don't have to install combofix, right?
2. Is that all we have to do? (As in nothing left)
3. If so, is it time to uninstall these programs and can I get help to do so?
Anyway, THANK YOU A LOT!!!!
You helped me with my situation. I give you 5 stars***** for your support and speed in helping me with my situation Gringo!
Thanks,
Tony_E
  • 0

#12
gringo_pr
Posted 10 May 2013 - 11:55 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Tony_E


Combofix will run win 7 just fine and I do want to run it just to be sure we have removed this virus


and after that we still have things to do



gringo
  • 0

#13
Tony_E
Posted 11 May 2013 - 12:24 AM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Ok I will install it now
  • 0

#14
Tony_E
Posted 11 May 2013 - 01:19 AM

Tony_E

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Hello, Apparently combofix worked but when it restarted and it finished making a log I pressed on all three of my Internet browsers. When I pressed on them "illegal....." Stuff came up.
So as you instructed i restarted my computer. When i came back and pressed on Internet explorer, it came up but stopped responding. When I pressed on Mozilla Firefox and google chrome they wouldn't connect to anything (not even google). I can't access the Internet to post the log report either. If you could help me get that fixed then that would be good. Thanks, Tony_E

Edited by Tony_E, 11 May 2013 - 01:20 AM.

  • 0

#15
gringo_pr
Posted 11 May 2013 - 01:42 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
run it once more and let me know if the internet comes back
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP