Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Browser Hijacker - Possibly Aartemis [Solved]

Started by kepayne228 , Jan 17 2014 03:52 PM

This topic is locked

#1
kepayne228

Posted 17 January 2014 - 03:52 PM

Member

Member
79 posts

Hello. The internet browsers have been hijacked by Aartemis I believe. There are many extra toolbars and websites are being redirected. One toolbar says "VAF" and another is "MixiDJ" and another is "WS" Sorry I don't know how exactly the virus was acquired because this is my stepmother's computer and I am trying to help her out. I tried to clean the computer using Microsoft Security Essentials but it did not work. I tried removing unfamiliar programs from the Software Uninstall list but that did not solve the problem. Most likely the virus was acquired because she clicks on things while internet surfing that she shouldn't. Maybe you could also recommend a good antivirus for her as well. Below is the OTL log. Thank you.

OTL logfile created on: 1/17/2014 1:34:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tonis\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 29.29% Memory free
7.61 Gb Paging File | 4.38 Gb Available in Paging File | 57.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.60 Gb Total Space | 224.22 Gb Free Space | 78.79% Space Free | Partition Type: NTFS
Drive D: | 13.20 Gb Total Space | 1.88 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.41 Mb Free Space | 96.05% Space Free | Partition Type: FAT32

Computer Name: TONIS-PC | User Name: Tonis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/17 13:34:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tonis\Downloads\OTL.exe
PRC - [2013/12/14 10:28:27 | 000,368,448 | ---- | M] () -- C:\ProgramData\MediaDev\1387045706\mediadev.exe
PRC - [2013/12/13 07:58:00 | 000,368,424 | ---- | M] () -- C:\Users\Tonis\AppData\Roaming\UpdateServ\UpdaterService.exe
PRC - [2013/12/03 18:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/09/01 19:49:01 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe
PRC - [2013/03/31 13:57:08 | 001,646,216 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2010/09/02 22:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2013/12/03 18:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 18:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/03 18:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 18:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 18:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 18:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/15 22:19:54 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/06/15 22:19:53 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2009/09/04 13:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2013/12/14 10:28:27 | 000,368,448 | ---- | M] () [Auto | Running] -- C:\ProgramData\MediaDev\1387045706\mediadev.exe -- (MediaDevSrv)
SRV - [2013/12/14 09:51:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/13 07:58:00 | 000,368,424 | ---- | M] () [Auto | Running] -- C:\Users\Tonis\AppData\Roaming\UpdateServ\UpdaterService.exe -- (WinDevSrv)
SRV - [2013/09/01 19:49:01 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe -- (WebCake Desktop Updater)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/02 22:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/06/15 22:19:54 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe -- (STacSV)
SRV - [2010/06/15 22:19:53 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 16:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/15 22:19:55 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/15 22:18:09 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/01/18 15:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/08 08:37:50 | 007,749,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/26 07:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 12:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/09/17 12:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/17 12:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/09/17 12:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/14 22:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/07 20:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/30 19:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/29 10:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/09/02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...90AB9J8259J8259
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...90AB9J8259J8259
IE - HKLM\..\SearchScopes,DefaultScope = {8D821589-6F10-4639-ADC6-8E0FB0F895B2}
IE - HKLM\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {8D821589-6F10-4639-ADC6-8E0FB0F895B2}
IE - HKCU\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekkosearch....q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7MXGB_enUS510
IE - HKCU\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}: "URL" = http://search.condui...7163082272&UM=2
IE - HKCU\..\SearchScopes\{95974D95-CB55-4667-811E-874636F04388}: "URL" = http://websearch.ask...8A-FA4FC4AD44AF
IE - HKCU\..\SearchScopes\{A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD}: "URL" = http://www.crawler.c...id=10004&lng=en
IE - HKCU\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.3.2000.1(B)
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.co...id=80887&lng=en
IE - HKCU\..\SearchScopes\{CB84244C-7101-4C30-AD37-E0C73B182836}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/31 15:32:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/31 15:32:19 | 000,000,000 | ---D | M]

[2013/12/27 21:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live? Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vafmusic2 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko\10.24.3.503_0\
CHR - Extension: Vafmusic2 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: Vafmusic2 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko\10.26.0.540_0\
CHR - Extension: Vafmusic2 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: No name found = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\
CHR - Extension: Google Search = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Lightning Newtab = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.4_0\
CHR - Extension: MixiDJ V34 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl\10.24.3.503_0\
CHR - Extension: MixiDJ V34 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: MixiDJ V34 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl\10.26.0.540_0\
CHR - Extension: MixiDJ V34 = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: WhiteSmoke New = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.24.3.503_0\
CHR - Extension: WhiteSmoke New = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: WhiteSmoke New = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.26.0.540_0\
CHR - Extension: WhiteSmoke New = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: Google Wallet = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: ScorpionSaver = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\
CHR - Extension: Gmail = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No CLSID value found.
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Tonis\AppData\Local\DownloadTerms\temp.dat File not found
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_D30B0C0B46E32DAAAF8F6F8216DB5A4D] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [NextLive] C:\Users\Tonis\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O4 - HKCU..\RunOnce: [gah uninstall task] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDD67482-F7E7-48A3-B228-CE774FFAA23D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/05 21:15:01 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2014/01/02 23:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2013/12/27 21:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/12/27 21:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IminentToolbar
[2013/12/27 21:07:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/27 21:06:59 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\IminentToolbar
[2013/12/27 21:04:16 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\QuickScan
[2013/12/27 21:02:36 | 000,000,000 | ---D | C] -- C:\temp
[2013/12/27 21:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/12/27 20:58:54 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\Nikon
[2013/12/27 20:58:54 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Local\Nikon
[2013/12/27 20:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2013/12/27 20:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2013/12/27 20:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2013/12/27 20:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2013/12/27 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2013/12/27 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2013/12/27 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Local\Downloaded Installations
[2013/12/27 20:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
[2013/09/01 19:49:01 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe

========== Files - Modified Within 30 Days ==========

[2014/01/17 13:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/17 13:07:00 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTonis.job
[2014/01/17 12:59:37 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 12:59:37 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 12:58:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/17 12:57:59 | 000,002,381 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/17 12:54:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/05 22:20:13 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/05 22:20:13 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/05 22:20:13 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/05 22:16:22 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\isharpsoft Task.job
[2014/01/05 22:15:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/05 22:14:51 | 3063,046,144 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/05 21:52:46 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2014/01/05 21:52:04 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2014/01/05 21:52:03 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\Users\Tonis\AppData\Roaming\Dialogs
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\ProgramData\Devices
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\ProgramData\Conditionals

========== Files Created - No Company Name ==========

[2014/01/17 13:07:00 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForTonis.job
[2014/01/05 21:52:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Devices
[2014/01/05 21:52:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Conditionals
[2013/12/27 20:57:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013/12/27 20:56:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/12/27 20:56:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/12/27 20:56:20 | 000,000,000 | ---- | C] () -- C:\Users\Tonis\AppData\Roaming\Dialogs
[2013/05/26 20:17:05 | 000,773,522 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/26 20:13:00 | 000,000,258 | RHS- | C] () -- C:\Users\Tonis\ntuser.pol
[2011/05/18 20:10:45 | 000,001,940 | ---- | C] () -- C:\Users\Tonis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/27 21:06:59 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\IminentToolbar
[2013/12/14 10:17:49 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\iSharpsoft
[2014/01/17 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\newnext.me
[2013/12/27 20:58:54 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Nikon
[2013/09/01 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\player
[2013/12/27 21:04:16 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\QuickScan
[2013/12/14 10:18:00 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\SearchProtect
[2013/09/01 20:19:10 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Strongvault
[2013/12/14 10:15:27 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\UpdateServ
[2011/09/02 01:32:59 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >

#2
Essexboy

Posted 17 January 2014 - 04:26 PM

GeekU Moderator

Retired Staff
69,964 posts

Hi there, it is a bit dirty

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2013/12/14 10:28:27 | 000,368,448 | ---- | M] () [Auto | Running] -- C:\ProgramData\MediaDev\1387045706\mediadev.exe -- (MediaDevSrv)
SRV - [2013/12/13 07:58:00 | 000,368,424 | ---- | M] () [Auto | Running] -- C:\Users\Tonis\AppData\Roaming\UpdateServ\UpdaterService.exe -- (WinDevSrv)
SRV - [2013/09/01 19:49:01 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe -- (WebCake Desktop Updater)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...90AB9J8259J8259
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...90AB9J8259J8259
IE - HKLM\..\SearchScopes,DefaultScope = {8D821589-6F10-4639-ADC6-8E0FB0F895B2}
IE - HKLM\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...90AB9J8259J8259
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\..\SearchScopes\{0CA3A9A0-2929-46AE-8E77-E6DD9E87D65F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekkosearch....q={searchTerms}
IE - HKCU\..\SearchScopes\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}: "URL" = http://search.condui...7163082272&UM=2
IE - HKCU\..\SearchScopes\{95974D95-CB55-4667-811E-874636F04388}: "URL" = http://websearch.ask...8A-FA4FC4AD44AF
IE - HKCU\..\SearchScopes\{A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD}: "URL" = http://www.crawler.c...id=10004&lng=en
IE - HKCU\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.3.2000.1(B)
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.co...id=80887&lng=en
IE - HKCU\..\SearchScopes\{CB84244C-7101-4C30-AD37-E0C73B182836}: "URL" = http://search.condui...q={searchTerms}
O2:64bit: - BHO: (no name) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No CLSID value found.
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Tonis\AppData\Local\DownloadTerms\temp.dat File not found
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKCU..\Run: [NextLive] C:\Users\Tonis\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O4 - HKCU..\RunOnce: [gah uninstall task] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[2014/01/05 21:15:01 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/12/27 21:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IminentToolbar
[2013/12/27 21:06:59 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\IminentToolbar
[2013/12/27 21:04:16 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\QuickScan
[2013/12/27 21:02:36 | 000,000,000 | ---D | C] -- C:\temp
[2013/12/27 21:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/12/27 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2013/09/01 19:49:01 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe
[2013/12/27 21:06:59 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\IminentToolbar
[2013/12/14 10:17:49 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\iSharpsoft
[2014/01/17 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\newnext.me
[2013/12/27 21:04:16 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\QuickScan
[2013/12/14 10:18:00 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\SearchProtect
[2013/09/01 20:19:10 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Strongvault
[2013/12/14 10:15:27 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\UpdateServ

:Files
C:\ProgramData\MediaDev
C:\Users\Tonis\AppData\Roaming\UpdateServ
C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Iminent
C:\Program Files (x86)\Mobogenie
C:\Users\Tonis\AppData\Roaming\newnext.me
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko

:Commands
[resethosts]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

FINALLY

Please download Junkware Removal Tool to your desktop.

Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
post the contents of JRT.txt into your next message.

#3
kepayne228

Posted 17 January 2014 - 05:32 PM

Member

Topic Starter
Member
79 posts

I tried to download that ADW Cleaner and a BUNCH of other stuff downloaded instead.

#4
kepayne228

Posted 17 January 2014 - 06:16 PM

Member

Topic Starter
Member
79 posts

Thanks so much for your quick reply.

Okay I ran the ADW and JRT and some of the things that downloaded seem gone. There are a few things hanging around though. I ran the OTL last. Still need to get rid of "Jump Flip" "Zip Opener" and "Mobogenie"

# AdwCleaner v3.017 - Report created 17/01/2014 at 15:49:05
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tonis - TONIS-PC
# Running from : C:\Users\Tonis\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Advanced System Protector
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Crawler Toolbar
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Mysearchdial
Folder Deleted : C:\Program Files (x86)\openit
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\SysWOW64\Searchprotect
Folder Deleted : C:\Users\Tonis\AppData\Local\apn
Folder Deleted : C:\Users\Tonis\AppData\Local\Conduit
Folder Deleted : C:\Users\Tonis\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\Tonis\AppData\Local\genienext
Folder Deleted : C:\Users\Tonis\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Tonis\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\IminentToolbar
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Tonis\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Deleted : C:\Users\Tonis\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\Tonis\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Tonis\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Tonis\Documents\Mobogenie
Folder Deleted : C:\Users\Tonis\Documents\ShopToWin
Folder Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
File Deleted : C:\alotserviceruntime.log
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Users\Public\Desktop\Open It!.lnk
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Tonis\AppData\Local\mysearchdial-speeddial.crx
File Deleted : C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Tonis\Desktop\Mobogenie.lnk
File Deleted : C:\Users\Tonis\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Tonis\Desktop\MySearchDial.url
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial
File Deleted : C:\Windows\System32\Tasks\RegClean Pro
File Deleted : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
File Deleted : C:\Windows\Tasks\RegClean Pro_UPDATES.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tonis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\alotservice_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\alotservice_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3318601
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F9E44926-2497-46F3-8A25-928136AC079E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\aartemisSoftware
Key Deleted : HKLM\Software\Adpeak, Inc.
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\mysearchdial
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Iminent
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [24561 octets] - [17/01/2014 15:48:28]
AdwCleaner[S0].txt - [22645 octets] - [17/01/2014 15:49:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22706 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tonis on Fri 01/17/2014 at 15:54:27.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] update jump flip

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Tonis\appdata\local\cre"
Failed to delete: [Folder] "C:\Program Files (x86)\jump flip"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{011B5137-B725-40F4-8BCB-F3DBBA58D10C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{019E46E1-4224-4CBB-B585-3635EC651877}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0243214E-A64B-41D8-8A79-89497DF36CCA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0288A34B-CB46-4AF8-BBBC-A1FAE4EAC272}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{03F348EF-2832-4E09-934A-79E287BB2ADB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{045884A4-77C8-4AD9-A62C-B7B4491CA7D0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0464AB5B-0641-462A-9936-175738786490}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{050CDC5E-9301-43ED-9BEB-C570AD4F0848}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{059637B1-5A2D-4EA3-ADA8-71C1363701EE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{05A8C246-152C-4444-BD2F-3B4D003298E8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{05CFA470-3788-4EA0-8C0F-A3A8B11F6A55}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{07BBB1A7-8D6F-4DE3-B94F-B4BA651CB2ED}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{07BBCA12-0046-4094-A051-9197ED319C84}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{08EC0DDD-1C93-4CBA-AF8D-4A4E95CFC4D6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{09A36855-884F-48B0-9ABE-0D8C5F077BE8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{09B619E5-D4A3-47D9-A6F5-CD48795AFFA4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{09E73B9F-C1B5-4227-9EAF-87E78F1549A3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{09F56333-44CF-485E-B06B-66D99FD0A893}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0ACF4619-A607-4ABB-B953-96578B11ACE2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0B57F602-EBA8-45BA-8407-F08CDE6BB3F6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0C0CA863-404A-40F6-8243-EC11D36EFB48}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0CB47A44-7AB7-4DF8-8987-DA2110010F84}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0D8A9820-42B8-4C05-B4AB-22970C7E6210}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0DEBC024-10BC-4011-BC6F-8ED0C6E2BE45}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0E37CB0A-92B5-4C65-A9CB-63B2A310167C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0E625A86-5F93-4AAF-9470-7450CFE1AD99}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0FB65BDF-5453-4D07-AD7E-99DB8D56BC2B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{0FC058AE-7585-4C51-899D-8BBA44F218C7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{11233DB1-6437-4DCB-B67B-F1CE8C6282BD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{11419B15-1279-47B8-BD08-B9917F57E7AB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{115A1D89-AE8B-49AB-B0F8-E36C4135DF9B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{121DA6ED-32FE-4A42-B2B9-3D57DBA75FB3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{130EF7F9-1E69-4C2D-9669-FCA85F1F9138}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1354695E-8DC6-42E8-B4C9-8D1AFFDF3F12}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{14047291-EBC8-41EB-B473-687C67921DAA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{14F78BA2-4A7F-4E2B-870B-6283426CC757}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{153E1DCA-F671-4E2D-8866-2E3B8272AC4D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{154A6496-BB06-4228-B77F-7F0C2E26FDFA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{15E5AF46-E2BD-4856-8EEF-18683B65D63B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1700A0EA-1CE0-4D9E-9B5F-CA0134B4399C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1892373B-BA10-4AE3-8357-06D13DC4BE9C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{189C5899-F0B4-4FBA-BE43-9DDC6CA95111}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{18A9A000-BB2D-41FE-A5B7-032DF23582F4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{18D4EFAD-9B1E-4ECE-B7F7-A684A16EBB5A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{19DDDB5A-BBD6-47DC-AC3B-9312810B6886}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1B4321DA-5756-42C5-8EE2-BA2BB7E34C14}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1B886100-08A2-40E4-B562-3BB3BDAED5BA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1BBDEB9C-109C-492E-9C89-1B269458D6CA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1BE55F44-EBCF-42AC-955B-50266224BBCF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1BEEE306-0D2B-4DE6-BBD1-6937DBC1D80E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1CA74C3B-ACA5-47CD-9D24-67F5D77F8C75}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1CF0C276-9C61-4B8C-8FEB-9DC25BDA6456}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1D1D09D8-C556-4278-8FE4-88EE7E3B0C83}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1E382991-CBFE-431C-9AF6-5EB1B207B149}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1E3A0DDE-DD0C-492F-A0FC-871CFCE4C844}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{1FEB2747-E2E7-4008-B1EF-8BB92567D75A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{226EFF10-E2B3-4E0F-8FF9-1143013C340D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{23F6B931-E586-4751-9A66-767955455D34}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{257A3C54-0A3F-4707-8DA8-AAA714D1CAA9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2661A332-AA57-4AF7-9EB6-975AD510B47E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{281DFB49-5132-46A0-BECF-AE4B51B23074}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{282B30A4-A15C-4905-B037-5FB4613F58F4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{29F8C38D-8EEE-47D8-97E8-1572E6B5FEF0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{29FB72C3-7F67-43F7-9E8F-A1233310A6F5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2A0E697E-3D5E-4679-95EE-E362E7EBF5DA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2A543D93-24F1-45B6-83E9-6542368C3879}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2B50405E-F907-46A7-9C36-EC92FFF93B6F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2C747354-1F9A-4BBE-BD3E-ACA55CBD5BF7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2CB78935-6FBB-449C-B480-6E5C0EF97DF6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2D4E0836-0749-4915-A522-8ACCBB2A2395}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2D6F1B9F-A4FA-4590-AB47-BD257B99DF20}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2DB4992F-F685-466B-ADF9-1E376475212D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2E0E822A-9611-44EB-9AC6-75C9D53C5F6D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{2F5E7BBD-B981-4E08-8E64-6E1EFC6A48BE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3036988D-9895-4EE0-9C5F-0D3DBA4A9D37}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{30DD4C6F-4F18-4E8E-92EA-A784053046DA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{31E6D896-CD30-4356-9913-A8CFD4A4CF9B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{326CEF48-2870-4332-8420-6B280EC6FC83}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{32A03016-B006-4437-9204-2D566B8F95DC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{33798603-D79A-4992-AD4E-AD5000FF8506}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{33FC1437-0DE5-4F15-A9DC-04ABC67F7130}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{34FE54EE-ED04-4E17-825F-731C5436DD36}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3504AC6F-90BE-491D-A300-39F6B2248EA6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3593DB97-4CCA-469A-89F4-FBADF5DD03FD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{35BC4D23-041A-4E6B-8491-F38BF17A3A63}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{36667AC2-9911-4E02-A0E4-A3B34E21DD06}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3742CAAA-6E20-47EC-8041-CE4EE23C2794}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{37B11702-44B6-4BC7-BAE6-CB3B69EB2469}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{37B53E51-7B37-4D68-B35F-F771F2EB8E34}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{382EB793-0489-44FA-80CE-9284372A5EEC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{383AF692-89C5-4781-9061-235DC05C1B69}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{38F869D4-24AB-4B24-8A08-9D2AAB053DD3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{39A94189-E8C5-4D2F-A271-26A8D35E0778}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3A400F60-BDDB-410D-B875-70C7D7D9AA7D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3AD72A14-82FB-46C7-BB6F-5597454A9A83}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3B704880-2C6D-4904-AC01-3CB676B6941D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3BA989C4-C5CA-4007-BEEA-98035B75E7D5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3BCD6853-75E3-4545-BE98-EA0C7C22CA5B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3BF01998-8B24-40F9-972E-8A2CEABB72E2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3C09AA81-82FD-441A-A942-F2DB6BA998CD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3D01FF8D-7CDE-40C0-85F9-567373E66FCE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3D122A92-2A74-4E64-AB79-B995F673C079}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3D5AAD7E-5766-4EC7-B4A3-7B33C653AC8E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3D8AAD0D-B0A6-4282-89EC-DF2B59A1650D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3E255429-CC60-4E14-AD03-80641A4C7059}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3F6E5062-D142-4AE8-B99A-7412A20C3615}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{3F9A99C9-9631-4474-A46E-E7CBFF27E6AA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{40DB4C0A-E6A1-4E55-9509-F812A16AB80D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{435E9985-CD0A-4FA7-8B4A-AF5F127CD800}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{44F101A0-CE4F-4B0B-8DAB-DD97B3C0EF60}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{452B3BED-08BB-495D-951C-83412CF5D297}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{463CC061-9516-4954-BB27-F98658E87283}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{471AFFAE-2A80-4368-A480-CC5821F2EFAB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{47E694AE-134C-4EBF-869A-BD1ACB07B615}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{48C2967D-4CA2-4B7C-A875-B5626C4FE8E9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{48C8A8A3-CC9D-4A16-B6D1-3953355BEBBD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{496D2EEF-C8BD-435F-9614-FAF35223D72D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4A1744FD-1926-4532-B374-36AE78495E88}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4A464AD1-D6FB-416F-86F7-FD8046CB8CAE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4AD3D24A-6302-4E3A-8AA1-BFC8386B3FE7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4AF17102-CECA-48B6-A968-08D86E396CD9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4B85F2D0-0FEE-4372-AC41-757E63A14866}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4BCE1FF6-7DEB-48A6-9553-86A277110C8C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4DA1226D-384F-418F-87A4-A9F60B5B89D0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{4DD1D54B-A5C1-4595-AD70-4D8CB13D4F95}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{50DA6312-9237-4DFF-8D6C-C4533BEAACF8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5159EB8C-56F8-40B1-9CC8-23D9C52A0764}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{521DE278-2524-4019-AD39-28669538C238}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5230E20D-883A-4436-BF29-F31E8E5244FC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{52941306-800D-4748-8F1B-D8F2FE44E411}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{549F9381-1479-4FD5-AD83-E776733C654F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{57094CC0-013B-49C2-B2B2-E294FA317E9E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5862E1AC-4A27-45B4-9441-18A3A9CB2EAD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{59F19F40-6384-4A63-B6F2-02B951FEBBEF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5A18D5C1-BF85-4431-890E-E729FF2703F5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5A4FB141-701A-4837-8E6F-2405C21A371D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5A8F6DDF-6DBC-4701-88DC-BD5A2672E2AC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5B591696-644F-4D58-AC7F-38018D557A72}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5B5C0A49-5DE5-4B3B-B279-AB880E388F90}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5B6A4125-5416-4290-8D25-2768F5B11A3C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5D144AA8-186E-4437-9D44-F688C8ECEA5D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5D3649BF-4582-4A63-B81F-C111908EEA79}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5D6A5143-8E77-4FCF-BFF5-479ACDA69290}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5D6AEA53-9A9E-4700-81EF-E71C9843C17C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5E7D52E1-04F5-478B-910E-414E302343CD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5FAD5722-5DF3-4358-8756-AB6E71D3AF18}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{5FF76782-5BBA-4703-8E62-02272CDEA54E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{62AFA702-5DBB-4A7A-8FA9-D0DB2521D918}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{637C8C28-8641-4CEB-88F3-003A81385EBF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{64262C45-2FD9-4DBB-A001-DDA475916BE2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{64F710CC-CB54-4FFC-83FA-FB458E135E3A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{658440A9-1735-42A3-B6E4-0F563B3F51EA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{659E08C4-BE44-4B56-8509-0FFC24A38E96}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6662F2D8-0DB5-4CD5-B870-DDF064EAF78A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6824F160-0B54-4F70-B4B5-083E417454F5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{68415349-5D6B-4DAB-A626-353110F3415F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{684436EB-EE1A-431E-95CB-582A2EC64701}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{69305F15-2383-412B-B754-EA3B4B8AD241}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{69593AE0-93F5-4323-BB29-6E29D8ED11F0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6A9439B4-A11A-43E4-B42B-5CCFA6AE39E7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6BA0F47B-5453-4310-AC9F-15C46AFFA568}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6C20F7D9-1D7B-4885-BB5A-4F9A2D71237B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6C6525BF-B429-4373-8325-B226A8DAD99F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6D1FD7E8-6043-4CA3-ADFF-0542D2593872}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6D49E3DB-5EB0-4899-80A5-1F834F906622}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6D97F4C4-49CD-4A96-8D22-0D0255DF2E62}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6DED1F2A-B3E1-4E48-95FD-65EB31ADA564}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6E6A723F-3145-43D0-A773-3F4E1CA22DE7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6E8AD2E6-2EEA-46FB-84BB-333C2AFAFD65}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6EA17811-D9BF-41B6-9B61-7E3469787516}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6F2C507C-5053-49F7-ABA6-A4991ADF0B74}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6F465250-7034-455D-8557-DE32198BB1FC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{6F9ED39B-22C1-472D-AC55-0A102D16435D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{70437139-4E8A-4566-AF5F-5E08548342E0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{72A6DDA0-FF33-4E1F-92AB-C6F5BA0AC688}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{75D14E86-EA5B-4678-9F2E-7716CB92A668}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{76BD612D-2645-4CE5-9B46-4BDF4C1CB915}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{77A4944A-9D05-4DF9-AC51-0F7DFFAA4A7C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{77ADBA50-C95C-41E7-A284-26911AB465DD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7836F306-CAB8-4C89-98FF-34F6D3A89233}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{78584A74-7FD0-4479-A197-81D7A60CFB64}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{78882373-B811-4141-AEE5-8C5CCF01AE4E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7B1696F8-8F45-415B-8A1C-B0CC37A2FAB6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7B2CB776-8B2A-4E90-B682-524F1D925A26}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7BA421AF-B20E-444F-8E57-495B1465332A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7BD3BE96-7680-4378-B19F-F2EE4C2BB9CE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7C3FDB9D-3F48-4088-8A08-9026656E30DF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7C48E4FA-B36E-47DE-AC6A-B317D578B391}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7C9942BB-93FD-4E3E-8BB0-A8920DE65316}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7DB5F85B-64CD-4C43-8442-00AB3AA94934}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7F487111-DBA9-4C6E-8FF9-7625F1C9B2EC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{7F56FBDA-154E-4457-AA58-D1DB34C65A03}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{807F1B84-489F-4AE7-BBDE-8CE96141D6CB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{80B4BE80-936E-42EE-9069-632B8160CD56}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{814CC835-7AE9-4B64-B37C-E308BA4F0A9B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{821E721C-17D6-4C61-9BE8-979B9E47908C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{821E9F86-4E0F-440A-9438-3594DAA59D39}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{827B421A-18FC-45C9-BF6C-01AB4BB85BC4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8385DEAD-BDD0-4E59-B1B8-2773F87ED8B6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{83D45EFE-A996-4FFF-ABA2-DBE7F47C9658}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8461BB3E-DDDF-46FD-8B45-1737339C85E8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{85D1BDDB-8584-44E8-87C3-14BE134512BD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{879EE4B4-9CF0-4703-90EF-7AAA6292FAF7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{87BBFBF2-935D-429E-95B4-72F62F65859B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{88C91193-0C22-4904-BE11-CE880AFB0AB6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8A341C6F-3013-4670-88F6-9168E1613F6F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8AFC7F8A-CDA0-4E7D-B981-E96BCCB772B9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8D96A2DD-1C7B-4083-9AFE-9747FEE44A93}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8EA69078-F74E-4577-BF38-AF4F8DCB1D70}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8F486FCF-693F-42F2-95A4-3967A8292501}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8F6516F2-AC6A-46E3-A65E-F90EB3720268}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{8FF1A0C8-C1EB-42F5-BAFB-FB5C396C8E01}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{90606B17-13A6-48C2-AB0D-AB0059876CA2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9108D15B-3A96-4472-B8E6-CDEA199A9DA0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9287EAB0-F645-4F3C-8AF9-3A15C93B0F26}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{92A5E3DD-1314-4AA4-96C7-6B39AD6F760A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{92EC204B-ED6D-4057-A81F-12225F2438D1}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9389CCD1-2087-4391-8BE7-DFB90BDDB7D0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{939D7BCA-D833-4B4F-9678-F24F726860C9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{94694198-62CD-43DA-9A3E-84CAC07C0B39}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{94EC66FC-EB8F-4491-9D8D-74C3DD071E9C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{950AF71F-DEE3-4B9D-ACC1-F4A0627F3793}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{95EBCBCA-F6FE-412E-BD93-2E19E43F4D87}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{96444548-545D-41BE-A413-60096B460BE8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9672DB79-A438-41BF-9C39-DC6E563D08CE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{96B5C03C-0488-4A9A-8D45-2DB856F1615E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{96C29764-CD07-4EBE-B9F6-CC2B22812A6D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{974D2F96-8EE3-48E5-BB1E-5E4005DFECDE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{984DC061-A56B-429B-AEAF-65D63565979C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{98AF8911-F3CA-410A-9F1B-96B60850061E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{990B65FD-DBCE-4FF9-B907-86B5A65A1F5F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9955F77D-FF27-4473-8E3B-728281F0A8B2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{99F4F87A-F5F6-4247-8D80-D3FB132E3A6E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9CF4238A-00F7-40A0-A360-F5823F908A7A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9D02E60C-14A9-4DA4-9B74-E3E89E928184}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9D7EBE1B-840E-44BE-92DC-74D020410447}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9DE9880B-CB9C-4368-8854-12DD890812D9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9E0AC63A-E27F-4EAF-AED5-CA3B330E9F53}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9E57BC4D-74DA-4042-A6E6-9BD905113608}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9F7F61C9-0D5F-4BBD-A23F-BDEA2A60E18B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{9FDE9C40-90E1-4B83-83A6-C28DCC5AB1F5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A0DE4160-D47A-45CE-ABA3-C44DCAF3B6C7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A11D2482-BC56-4436-B8D5-973FF01971EC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A1D78F31-0E51-43E5-9549-444F24FA35BD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A2B68E68-F771-4301-A162-E8722FBC5CC8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A34352EE-0066-48B5-BD72-FF544E188349}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A34741AF-4698-4F5B-B7B4-1626DB6F9F70}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A419152E-3508-4E2D-ABCC-92FC5DE47A31}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A6AA27C4-D0CE-4BCE-849E-049920BCE0C9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A6AF51C5-D8E9-43DB-8CA7-53F5BBEDE73F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A6B262CA-C5C1-4FBD-BCDC-C92072B9DC3D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A6C4744B-068C-41A0-873D-DD2F7154F211}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A6D4A006-F455-4675-93F4-574F478AC893}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A7CE5C37-C779-48D0-8519-D9856F6379DC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A85F70C0-6259-4CF2-B9DF-23B1BB70125F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A8FC17A2-187D-4308-A4C3-167714DEA3FA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A939B755-7725-4100-9645-1DE6360F37F9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{A9ADFA26-99CB-4790-ADC7-C6934DF32E11}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AAC7A660-5879-4D24-92F9-7F0E2C856109}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AB2D7A2D-F594-4B23-9289-21ECC024ACAF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AB31A49D-8F01-4F60-B4FA-FC7105740C5E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{ABD65428-435A-4E8D-BE97-4F5208266F24}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{ABD8FCE1-FE36-4D99-8662-283344790A54}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{ACD53D1D-0A33-453A-9A19-A0485121A430}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{ACED6017-3784-4104-8425-7C3D94B8BDD8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AD0B0305-0192-4E34-AE06-57FECD2F380D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AE10329A-6EED-43EA-A7FD-9A68650A6024}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AE11095E-C1E4-4D67-8C01-187F4D626988}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AE7B089C-C819-4198-B975-6AEF2A7642E7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AF6A0727-E96F-4FF4-A7DE-4AC9E20025E3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{AFB334FC-BA23-475C-A69E-FE49C13615BF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B01E6241-5D20-4C7C-B350-2A808F5CDE63}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B129CBE9-2E5B-49D7-A45A-A0A1FDD53ED3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B15DA641-72E1-4347-A789-8BC1DDA7DDBD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B1F5CC74-AB59-475D-A28F-198C1A6BBCF4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B235DE14-5932-4C5B-86C9-8BEC67C82110}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B2C29293-06EE-46BB-B5A1-E518D377B172}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B2E7A8B4-85EC-407D-B3F0-CE83FFAA2C92}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B2FB8984-7681-4832-AEBE-47A85C735517}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B34147DE-65B9-4611-8648-B65BF46CA4DA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B3AC34AA-4497-4C24-9F96-1A7C6BFEAF35}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B3C40364-F262-4BD5-A0F0-874E8D9E7C68}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B418F26C-687C-4C7B-ACA4-4966D6D60D01}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B436BB43-CB40-445F-AC2E-7BC83E963ECE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B48F60DC-93A0-46A0-A47D-1DE576ACBBA0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B53C4CF0-0B46-4044-A697-0174606BDCC6}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B692D5A3-502B-483F-B444-393A0D18182A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B95F6C90-571C-4196-ADE9-435ECC97AF37}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B98B4569-7303-4DE2-AE38-6B9F343D1D57}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{B9B3B260-6CF0-47F7-A26A-CDD9AC1CAD96}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BA764F1B-F7A7-4CBB-B36B-AC4D2302B142}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BAE17216-626F-495A-A704-DBCC73C0FDD0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BAF318C2-9AA7-4D02-B7ED-BDE84643BE40}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BB7EE8EB-CD8F-42BE-8268-7EE0DE808268}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BBAE3062-D00D-4328-AF85-F72B3C9FB4BB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BC17ED4B-39D4-4B40-B93E-B2EDBBE82A72}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BD947C34-5C32-44A7-A3F1-23E18EC1E75B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BE5DBBA6-B9BA-46C5-A267-9126E4962622}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BFB0B282-2735-4526-9331-CBCE43077D90}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{BFFC1137-B2EB-4B00-A3A7-1623A2903482}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C03CE73E-7819-4093-9303-0DE881040E8B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C097B229-F431-4C86-963F-270F8A6FB7DE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C0CFABCA-76DD-46DE-B028-EEFBC50029F5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C0D47A04-5903-4CA0-8C44-9080A48FD3B1}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C0E26F7A-F728-4030-824E-B11F52B463A7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C129FC70-984A-4154-837B-26EA81E43686}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C12E0641-5CB4-4CCF-9317-B9058F47C06A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C1409883-AA7F-407A-9089-F2C0C7E7A87E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C14451D7-06FA-4748-BBBA-90EE2DEF1E5E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C161618E-1C38-440A-8223-7D50A0F2DBDF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C1AF9009-C188-416A-945D-3C001A49E049}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C22FBB05-1BF0-4D57-BF5C-3A2A9DBC7DC0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C2412811-A595-474E-83B6-88AC3EC21CC4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C24F5137-8C36-4839-B1EA-4755CD63254A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C4D6C6A3-3847-434A-9173-ED8155AEDBE2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C54C6F0A-39BB-437D-9A9F-452C73BB9A7C}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C5A73AFB-20BD-450A-B9A7-85C2D16CA6B8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C5C148F3-07C3-4CAD-8E3B-77398F66A868}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C6259E5A-A1A3-4A30-B632-C192C64C7E49}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C67F9BF6-3ED7-4FF6-93EB-E78AC48C7C86}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C70045B1-7D94-4001-B863-2F9F76558DC7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C740EB72-2079-49F3-8856-08B8498D811E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C75BB8F1-33BF-4D04-AEB4-42F69BCAC0C2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C76DD5BD-362A-4A79-9531-1915B48CA8D2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C784E48E-98EE-43EE-9C75-481F4C0DE7C2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C7A20729-25BA-4928-AC7A-DBB477C721C4}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C8699748-D4D3-49BB-8B5B-171AD3489F17}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{C93B00D7-3A0D-4660-884E-53A75369CCB7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CA77D423-871F-446E-A093-FB9FDB16CD25}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CA874832-E01C-40B1-820F-43B5C8A1A0F8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CB5EE752-A1C0-411A-9438-FBAB41AE18E0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CBBC93B4-E1BE-4C34-815D-CB6EE2A103A5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CC0CB7D6-B6ED-4F70-854F-73942BC0A5C7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CDD0D3EF-BE88-4B96-A9B8-7D9294AEF78B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CE0D6682-F204-4F7F-A082-EC88A1B762D7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CE31971C-FFDC-470B-ADB3-E5ADB5AEB3B3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CE85AF5C-8FBD-4C1E-A33F-EE12F58C2AFE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{CEA05B68-2216-4077-AE00-E0817F8FDCF9}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D02B67BD-9255-45EF-8FAB-CD10DBB2940F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D23F5001-2038-450E-97AA-C6B2DB51462B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D2C84650-2DF8-47BF-A31B-0A28876997A5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D4A08DE5-E56E-45FD-AFB0-4BC9F57B48FF}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D4A5AEBA-FA1B-43D1-901D-84AE2F522D8A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D5CEAA89-FDB9-4CD4-A8CB-9E9E2F2F5FE5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D61DFBAB-1E97-427D-B510-2B06AF6C00E7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D6F0D2A1-9DE8-43DF-8F04-D400C7335217}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D7DB0CDC-B968-4A5E-B84E-E3FBBDABF889}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D7FEA4FB-EF86-400E-A5EE-1D79A276FAA5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{D80B3F05-631C-4145-A630-33EA5C3E3C74}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DB83392E-1476-48C2-AD7A-A9BBEEE09133}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DBF022A3-AC79-4BFE-BCB9-3AE6E4FDCA1B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DC1793F8-6BEE-4EE8-ACFA-4E2B7EB1E0D7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DC1BC873-E684-41FD-9E02-FC69C174F7A1}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DCB1C9D0-E981-4AA5-9F83-D7099B2A09A5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DCCF4911-BC1B-40D5-8243-05DC587F8BCB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DDCA0C15-1B07-44F3-90F8-21B2EE5820AB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DDCC6519-310C-4E99-A45C-BE8FECB9BFEA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{DEEDD193-7AA9-47CE-BECF-8F7BBC46C60E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E1879324-F217-48A2-B23D-790E51678727}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E216068F-C53A-41F0-8BAB-4D7DA81F4394}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E23D8B64-FE2B-418B-A636-A4E287F0522D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E24DF93F-45F4-4F6D-A958-FEFC7B2DC0EC}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E25ED1F2-8A37-4372-8C46-8C9D0A4A66B3}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E2FB786D-98DD-4593-B0CD-1580E901D115}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E32F28B0-CDB4-43C4-A348-C9AA4123CEB7}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E45D4CC4-303A-4692-A74C-CED63FD8D8BA}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E47551F8-C971-49BF-B0CD-C8362B59D6A0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E4BCED55-01A5-41A6-BE3B-6FE8F959560D}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E5574F81-FB38-41C7-9454-3EF36C6224DD}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E5D81BF3-7D15-41A2-8500-04BD62EB0254}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E60E77FD-8442-4489-AD0A-3EF98705E18E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E73F1D6B-769C-4CE1-8C1D-5AA5781EC6AE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E7A4FB9B-50D5-4491-AD64-5F787FE339BE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E7C1D7BA-CDBA-41A3-9D5D-CD7912B316F1}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{E8A6BAC8-5E7D-43E4-AA0D-EC3BB208037B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EB6EEC8B-2C15-429F-9B30-76B818EB9DCE}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EBBF2B17-543E-4987-A4DE-620FB61412D8}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EBD5D9EC-2421-4086-96E9-399F0E113EB1}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EBE5CEC1-6CA0-4A68-A70B-A1B74ED5C3CB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{ED5D767A-AF6F-4812-BBE4-A361B9874F84}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EDB2096A-DF5E-41E3-9C01-6C4048B2344E}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EF0EC390-86AB-4130-82A3-2E272EEEC0F2}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{EFA76E0B-C8A1-4167-B124-894617DE809A}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F132FEF9-FAF3-49D2-A158-4AB65CB0F179}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F20F9BB8-0E1E-4E8D-B812-76F35D129812}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F258E6EB-DFEC-42F6-A195-CE99249A8172}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F3FF80E7-6F89-4865-B8EF-D9AACF5F7890}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F6EE010D-5961-4BA2-94AA-03F0197B7929}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F72578DA-CA10-45EC-8D92-7E4D3715EADB}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F84006F9-09E8-4B44-8390-06E4C2D2244B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{F95D0A26-A7F3-4700-8665-A5088BC7B516}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FAC6B0AF-E65C-4231-861D-7AF9BF26298B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FB2D8768-7877-41EE-8ADD-EE8EFFC3B0D5}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FB81C6C7-2DFB-4A52-9F1D-CCF4785D241F}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FD59F470-F2F7-4ACE-82CE-497F21E9C98B}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FDD88B60-14FE-4726-BEA2-14BBDB2138C0}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FE7572B9-F47C-4BD5-80F8-F999D871E766}
Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{FEDFFD73-5780-4C0C-B985-996E54DDEC26}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/17/2014 at 16:01:49.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL logfile created on: 1/17/2014 4:06:00 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tonis\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 59.17% Memory free
7.61 Gb Paging File | 5.85 Gb Available in Paging File | 76.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.60 Gb Total Space | 225.05 Gb Free Space | 79.08% Space Free | Partition Type: NTFS
Drive D: | 13.20 Gb Total Space | 1.88 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.41 Mb Free Space | 96.05% Space Free | Partition Type: FAT32

Computer Name: TONIS-PC | User Name: Tonis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/17 16:05:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tonis\Downloads\OTL (1).exe
PRC - [2014/01/15 16:23:20 | 000,097,056 | ---- | M] () -- C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
PRC - [2010/09/02 22:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2009/10/05 23:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2009/10/05 23:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/15 22:19:54 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/06/15 22:19:53 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2009/09/04 13:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2014/01/15 16:23:20 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe -- (Update Jump Flip)
SRV - [2013/12/14 09:51:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/02 22:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/06/15 22:19:54 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe -- (STacSV)
SRV - [2010/06/15 22:19:53 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 16:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/15 22:19:55 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/15 22:18:09 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/01/18 15:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/08 08:37:50 | 007,749,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/26 07:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 12:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/09/17 12:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/17 12:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/09/17 12:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/14 22:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/07 20:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/30 19:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/29 10:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/09/02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}: "URL" = http://start.mysearc...=1890211539&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {8D821589-6F10-4639-ADC6-8E0FB0F895B2}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7MXGB_enUS510
IE - HKCU\..\SearchScopes\{7B414D43-4D41-4E63-BEE6-0004AEC01DEE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/31 15:32:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/31 15:32:19 | 000,000,000 | ---D | M]

[2013/12/27 21:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Mysearchdial ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: YouTube = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/17 15:07:04 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_D30B0C0B46E32DAAAF8F6F8216DB5A4D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDD67482-F7E7-48A3-B228-CE774FFAA23D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/17 15:54:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/17 15:47:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/17 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jump Flip
[2014/01/17 15:24:32 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\DigitalSites
[2014/01/17 15:21:12 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\Tonis\Desktop\JRT.exe
[2014/01/17 15:04:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/02 23:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2013/12/27 21:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/12/27 21:07:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/27 20:58:54 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\Nikon
[2013/12/27 20:58:54 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Local\Nikon
[2013/12/27 20:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2013/12/27 20:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2013/12/27 20:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2013/12/27 20:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2013/12/27 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2013/12/27 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Local\Downloaded Installations
[2013/12/27 20:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon

========== Files - Modified Within 30 Days ==========

[2014/01/17 16:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/17 15:58:13 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 15:58:13 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 15:55:46 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/17 15:55:46 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/17 15:55:46 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/17 15:52:36 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 15:52:27 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\isharpsoft Task.job
[2014/01/17 15:52:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/17 15:50:42 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/01/17 15:50:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/17 15:50:29 | 3063,046,144 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/17 15:49:25 | 000,001,166 | ---- | M] () -- C:\Users\Tonis\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/17 15:49:25 | 000,001,080 | ---- | M] () -- C:\Users\Tonis\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/17 15:49:25 | 000,001,056 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/17 15:29:04 | 001,236,282 | ---- | M] () -- C:\Users\Tonis\Desktop\AdwCleaner.exe
[2014/01/17 15:24:40 | 000,000,389 | ---- | M] () -- C:\Users\Tonis\Desktop\FREE Games.url
[2014/01/17 15:24:36 | 000,000,110 | ---- | M] () -- C:\Users\Tonis\AppData\Roaming\WB.CFG
[2014/01/17 15:24:36 | 000,000,005 | ---- | M] () -- C:\Users\Tonis\AppData\Roaming\WBPU-TTL.DAT
[2014/01/17 15:21:13 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\Tonis\Desktop\JRT.exe
[2014/01/17 15:21:03 | 000,027,771 | ---- | M] () -- C:\Users\Tonis\Desktop\adwcleaner.htm
[2014/01/17 15:11:03 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTonis.job
[2014/01/17 15:07:04 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/01/05 21:52:46 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2014/01/05 21:52:04 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2014/01/05 21:52:03 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\Users\Tonis\AppData\Roaming\Dialogs
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\ProgramData\Devices
[2014/01/05 21:52:03 | 000,000,000 | ---- | M] () -- C:\ProgramData\Conditionals

========== Files Created - No Company Name ==========

[2014/01/17 15:29:04 | 001,236,282 | ---- | C] () -- C:\Users\Tonis\Desktop\AdwCleaner.exe
[2014/01/17 15:25:27 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe
[2014/01/17 15:24:40 | 000,000,389 | ---- | C] () -- C:\Users\Tonis\Desktop\FREE Games.url
[2014/01/17 15:24:36 | 000,000,110 | ---- | C] () -- C:\Users\Tonis\AppData\Roaming\WB.CFG
[2014/01/17 15:24:36 | 000,000,005 | ---- | C] () -- C:\Users\Tonis\AppData\Roaming\WBPU-TTL.DAT
[2014/01/17 15:24:32 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2014/01/17 15:21:03 | 000,027,771 | ---- | C] () -- C:\Users\Tonis\Desktop\adwcleaner.htm
[2014/01/17 13:07:00 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForTonis.job
[2014/01/05 21:52:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Devices
[2014/01/05 21:52:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Conditionals
[2013/12/27 20:57:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013/12/27 20:56:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/12/27 20:56:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/12/27 20:56:20 | 000,000,000 | ---- | C] () -- C:\Users\Tonis\AppData\Roaming\Dialogs
[2013/05/26 20:17:05 | 000,773,522 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/26 20:13:00 | 000,000,258 | RHS- | C] () -- C:\Users\Tonis\ntuser.pol
[2011/05/18 20:10:45 | 000,001,940 | ---- | C] () -- C:\Users\Tonis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/17 15:24:32 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\DigitalSites
[2013/12/27 20:58:54 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Nikon
[2013/09/01 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\player
[2011/09/02 01:32:59 | 000,000,000 | ---D | M] -- C:\Users\Tonis\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >

#5
kepayne228

Posted 17 January 2014 - 06:42 PM

Member

Topic Starter
Member
79 posts

Also there is something called "IReg Cleaner" that seems like it is suspicious. Should this be removed too?

#6
Essexboy

Posted 18 January 2014 - 04:22 AM

GeekU Moderator

Retired Staff
69,964 posts

I can see no sign of that in the log .. so uninstall it if possible

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014/01/15 16:23:20 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe -- (Update Jump Flip)
IE:64bit: - HKLM\..\SearchScopes\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}: "URL" = http://start.mysearc...=1890211539&ir=
[2014/01/17 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jump Flip
[2014/01/17 15:24:32 | 000,000,000 | ---D | C] -- C:\Users\Tonis\AppData\Roaming\DigitalSites
[2014/01/17 15:21:12 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\Tonis\Desktop\JRT.exe
[2014/01/17 15:52:27 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\isharpsoft Task.job
[2014/01/17 15:50:42 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job

:Files
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

:Commands
[resethosts]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Attach the entire report in your next reply.

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

#7
kepayne228

Posted 18 January 2014 - 01:14 PM

Member

Topic Starter
Member
79 posts

Thank you for all of your help. Here are the new OTL and MBAM logs.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: Unable to stop service Update Jump Flip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Jump Flip deleted successfully.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D821589-6F10-4639-ADC6-8E0FB0F895B2}\ not found.
C:\Program Files (x86)\Jump Flip\bin folder moved successfully.
C:\Program Files (x86)\Jump Flip folder moved successfully.
C:\Users\Tonis\AppData\Roaming\DigitalSites\UpdateProc folder moved successfully.
C:\Users\Tonis\AppData\Roaming\DigitalSites folder moved successfully.
C:\Users\Tonis\Desktop\JRT.exe moved successfully.
C:\Windows\Tasks\isharpsoft Task.job moved successfully.
File C:\Windows\tasks\Digital Sites.job not found.
========== FILES ==========
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\zh_TW folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\zh_CN folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\vi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\uk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\tr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\th folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ru folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ro folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pt_PT folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pt_BR folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\nl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\nb folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\lv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\lt folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ko folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ja folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\it folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\id folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hu folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fil folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\et folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\es_419 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\es folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\en_GB folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\en folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\el folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\de folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\da folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\cs folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ca folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\bg folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\html folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\css folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\vi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\uk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\tr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\th folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ru folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ro folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nb folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lt folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ko folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ja folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\it folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\id folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hu folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fil folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\et folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es_419 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en_GB folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\el folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\de folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\da folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\cs folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ca folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\bg folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\html folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\css folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX\_locales folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 folder moved successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tonis
->Temp folder emptied: 190369258 bytes
->Temporary Internet Files folder emptied: 44409439 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 20186344 bytes
->Google Chrome cache emptied: 7007785 bytes
->Flash cache emptied: 1191 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1940204 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 252.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01182014_103913

Files\Folders moved on Reboot...
C:\Users\Tonis\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tonis\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.18.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Tonis :: TONIS-PC [administrator]

Protection: Enabled

1/18/2014 10:52:12 AM
mbam-log-2014-01-18 (10-52-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205397
Time elapsed: 5 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8
Essexboy

Posted 18 January 2014 - 01:18 PM

GeekU Moderator

Retired Staff
69,964 posts

Looks good, how is the computer behaving now ?

#9
kepayne228

Posted 18 January 2014 - 01:49 PM

Member

Topic Starter
Member
79 posts

The computer seems to be back to normal. We got back the correct browser homepages. No more search hijacks. Computer is running at normal speed. No weird pop ups.

Thanks for saving the day again!

#10
Essexboy

Posted 18 January 2014 - 03:55 PM

GeekU Moderator

Retired Staff
69,964 posts

In that case methinks I will send you on your merry way

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run AdwCleaner and select uninstall

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

Posted Image

Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:

#11
Essexboy

Posted 21 January 2014 - 12:07 PM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.