[Solved] Getting rid of Delta Search

joodyanne · Sep 27, 2013

Resetting your browser settings will impact the settings below
Click to expand...

Thanks so much Starbuck. After I had done as requested, I went into my Avon Account with any trouble.

Around Message 14-15, you would have noted I sent JUNK FILE and Adw cleaner notes. Will now send OTC notes from Vista laptop which completes that test.

Many thanks for your help.

joodyanne · Sep 27, 2013

Here is the OTC logs from Vista laptop.

OTL Extras logfile created on: 28/09/2013 7:59:51 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judy\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.99 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.43% Memory free

6.18 Gb Paging File | 4.97 Gb Available in Paging File | 80.41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 215.29 Gb Total Space | 140.64 Gb Free Space | 65.33% Space Free | Partition Type: NTFS

Drive D: | 15.00 Gb Total Space | 8.62 Gb Free Space | 57.49% Space Free | Partition Type: NTFS

Computer Name: JUDY-DELL-LAP | User Name: Judy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{05252E4F-D476-4150-803A-E04B64EBCEC2}" = rport=445 | protocol=6 | dir=out | app=system |

"{2AEFE8F0-5593-4B19-9C87-D4C410F38BE7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{34B23C64-3A51-4D14-99B0-8CD540960C8E}" = lport=138 | protocol=17 | dir=in | app=system |

"{397161FE-CC1C-40C7-8459-BEB7A8173851}" = lport=137 | protocol=17 | dir=in | app=system |

"{40FC05C8-AE99-4148-A482-ABDBA62CCBB6}" = lport=2869 | protocol=6 | dir=in | app=system |

"{566DCCCF-4E3E-40D2-9FB7-5E0C4CA4DE5A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{7DEEEB39-BA62-4804-B44D-6F50DD0156C5}" = lport=445 | protocol=6 | dir=in | app=system |

"{7F8E9E03-BD61-42F5-BACF-0F99169F200D}" = rport=138 | protocol=17 | dir=out | app=system |

"{82AA621F-F690-4E8F-8738-697CA8C7F638}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{82ED78B3-8AFF-4639-A0FC-110A7E1351C7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{B73793E2-4798-4467-A201-0D8A8D2DC687}" = rport=139 | protocol=6 | dir=out | app=system |

"{C4554830-1878-4927-B554-619A4044B4B3}" = rport=137 | protocol=17 | dir=out | app=system |

"{E5C0C47A-9B1F-403A-A87F-8BA06BA26836}" = lport=139 | protocol=6 | dir=in | app=system |

"{E972CEB2-E942-41C8-B805-2AF11880376B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0DF7A111-D63C-434B-BF64-AF3153691DB8}" = protocol=6 | dir=in | app=c:\users\judy\appdata\roaming\facebook\facebook.exe |

"{112F8689-4136-4471-82E2-D3CF2E72CC03}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"{1AF0ED70-C2E5-4091-8A4D-DD45A017BDFA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{219AB977-F96F-4DF6-8569-1C16A69BA13A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{23B82C5E-CB63-4EB3-BC2E-09C6C996ED48}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{37BCF77D-0BD0-4115-B92A-D15A38E76A78}" = protocol=17 | dir=in | app=c:\users\judy\appdata\roaming\facebook\facebook.exe |

"{53D75742-1538-4566-876A-256C4E5B55AD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{55AAD29F-E33F-4BEB-A73B-EFE954FC1B23}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{61499766-D54C-4B32-B24F-11FD3D11F68F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{71B25D05-E906-4BB6-BA0E-2F93536B5ABA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"{760A369D-0639-47BB-96D8-9B994C44A399}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{7B3BDD58-FE95-4B88-B69C-2BCDFA6D10A5}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"{7FAD79BB-F261-48F9-9485-9449CC0DD62B}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{8E53FE46-4961-426D-8099-2F257FC4D5AB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{9470095B-7D37-4EE8-840D-E1A457918FE3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{9D77B478-2966-498B-A6AE-C8F150344982}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{9D9FBA93-67CE-4C96-9AF6-55C8B2FA1116}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{A56B9AB3-7AA0-4490-9E61-47D85FA37517}" = protocol=6 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |

"{AD6897D2-37BB-4B14-94EB-D062D027A58C}" = protocol=17 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |

"{AFF44547-6D0C-4A59-B6B6-91FB9B201FB0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{BE10CD46-DEAC-4200-AE40-1DED2556BD08}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{BFBB0DFE-5CB1-409D-97FF-F79393F67176}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{CB020843-4CA3-494D-AC73-19986673E6FA}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |

"{CB8DB373-E3DF-4CAD-8DC9-0BE4926BB14C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{D96FF2EE-AC70-46AE-B4C1-C5F4468BF4E8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{DA0B50BE-0339-4363-BFEE-560DF9349162}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

"{DBD5978D-E537-4018-AE3C-2868902AE801}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{E14F3326-9551-41ED-AB82-FACDC6F338A4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{E27ABE2B-EFB9-4B27-A3B4-D8E7F6E60AF4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{E8FDA296-D169-4562-A8B9-FFCA1205AF67}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{EDBA679D-259C-4315-A1D6-451FDA4EDB0F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{F9F0806D-D004-4506-81FF-AB2774046A94}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{FC256AB4-8396-4330-B923-5128D43A0060}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"TCP Query User{BB818D2A-9FD6-4465-AF9A-4639C0E980AC}C:\program files\realvnc\vnc4\vncviewer.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe |

"TCP Query User{C2DD6372-744F-4EAC-A3C1-0CEEBEC5A16C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{D3EEF0D0-82A4-4FF7-849B-1AAF80C36543}C:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{45A8B0F0-01FA-44A6-AB42-8FAF40F843D9}C:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{4D3E7BA7-DEF5-4DFE-AC45-94FAB96CAAAF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{C14A1A92-8F07-44A1-B10B-43A1741C2C9D}C:\program files\realvnc\vnc4\vncviewer.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data

"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{144A1586-E16C-448D-910D-E12ACD65DD98}" = Keyboard Lock Status

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24

"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager

"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6D1D8FB9-ED8A-48A5-8860-18E3DFFD3771}" = Family Budget Planner

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0

"{95CEF2F2-8A48-4EEB-A26E-B41DBBBB6E4C}" = MedWatchDog MWD Manager

"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A4004E8B-6A95-4FA4-AA05-731FC6510474}" = Family Tree Maker 2005

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C84F2DC4-9AB8-4E6A-9095-192CA4A95891}" = Samsung PC Studio 3

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"7-Zip" = 7-Zip 4.65

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Advanced Video FX Engine" = Advanced Video FX Engine

"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility

"CCleaner" = CCleaner

"Chameleon Clock_is1" = Chameleon Clock 5.1

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem

"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)

"Dell Webcam Center" = Dell Webcam Center

"Dell Webcam Manager" = Dell Webcam Manager

"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)

"Everything" = Everything 1.2.1.371

"FastStone Image Viewer" = FastStone Image Viewer 4.0

"FileZilla Client" = FileZilla Client 3.3.1

"Foxit Reader" = Foxit Reader

"Google Updater" = Google Updater

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"IrfanView" = IrfanView (remove only)

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.5

"Legacy 7.0" = Legacy 7.0

"LegacyChart7_is1" = Legacy Charting 7.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"NBI Viewer" = NBI Viewer

"PC-Doctor for Windows" = My Dell

"Photo Viewer" = Photo Viewer 2.3

"Picasa 3" = Picasa 3

"Qlock" = Qlock Lite

"RealVNC_is1" = VNC Free Edition 4.1.3

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software

"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software

"Totalcmd" = Total Commander (Remove or Repair)

"Weatherzone Tracker_is1" = Weatherzone Tracker v2.04

"WinLiveSuite" = Windows Live Essentials

"Yahoo! Software Update" = Yahoo! Software Update

"Yahoo!7 Messenger" = Yahoo!7 Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"bd4d3a0508d364f5" = Dell Driver Download Manager

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 26/09/2013 3:55:09 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1435

Error - 26/09/2013 3:55:10 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 26/09/2013 3:55:10 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 2496

Error - 26/09/2013 3:55:10 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2496

Error - 26/09/2013 3:55:11 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 26/09/2013 3:55:11 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 3541

Error - 26/09/2013 3:55:11 AM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3541

Error - 26/09/2013 9:55:28 PM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 26/09/2013 9:55:28 PM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1263

Error - 26/09/2013 9:55:28 PM | Computer Name = Judy-Dell-Lap | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1263

[ System Events ]

Error - 26/09/2013 2:14:34 AM | Computer Name = Judy-Dell-Lap | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume OS.

Error - 26/09/2013 2:27:34 AM | Computer Name = Judy-Dell-Lap | Source = DCOM | ID = 10010

Description =

Error - 26/09/2013 2:31:28 AM | Computer Name = Judy-Dell-Lap | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 26/09/2013 2:31:37 AM | Computer Name = Judy-Dell-Lap | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 26/09/2013 2:33:04 AM | Computer Name = Judy-Dell-Lap | Source = Service Control Manager | ID = 7000

Description =

Error - 26/09/2013 2:33:04 AM | Computer Name = Judy-Dell-Lap | Source = Service Control Manager | ID = 7026

Description =

Error - 27/09/2013 5:46:54 PM | Computer Name = Judy-Dell-Lap | Source = DCOM | ID = 10010

Description =

Error - 27/09/2013 5:46:55 PM | Computer Name = Judy-Dell-Lap | Source = DCOM | ID = 10005

Description =

Error - 27/09/2013 5:46:56 PM | Computer Name = Judy-Dell-Lap | Source = Service Control Manager | ID = 7009

Description =

Error - 27/09/2013 5:46:56 PM | Computer Name = Judy-Dell-Lap | Source = Service Control Manager | ID = 7000

Description =

< End of report >

OTL logfile created on: 28/09/2013 7:59:51 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judy\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.99 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.43% Memory free

6.18 Gb Paging File | 4.97 Gb Available in Paging File | 80.41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 215.29 Gb Total Space | 140.64 Gb Free Space | 65.33% Space Free | Partition Type: NTFS

Drive D: | 15.00 Gb Total Space | 8.62 Gb Free Space | 57.49% Space Free | Partition Type: NTFS

Computer Name: JUDY-DELL-LAP | User Name: Judy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Windows\Temp\avnwldrtemp\setup\setup.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Windows\Temp\avnwldrtemp\setup\presetup.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Users\Judy\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Avira\AntiVir Desktop\avira_free_antivirus.exe ()

PRC - C:\Program Files\My Dell\uaclauncher.exe (PC-Doctor, Inc.)

PRC - C:\Windows\Temp\RarSFX0\avwebloader.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

PRC - c:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)

PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)

PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)

PRC - C:\Program Files\Chameleon Clock\settime.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll ()

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll ()

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll ()

MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Windows\System32\bcmwlrmt.dll ()

========== Services (SafeList) ==========

SRV - (AviraUpgradeService) -- C:\Windows\TEMP\AVSETUP_5245ff7f\avupgsvc.exe (Avira Operations GmbH & Co. KG)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)

SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)

SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)

SRV - (ChamClock Set Time Service for Vista) -- C:\Program Files\Chameleon Clock\settime.exe ()

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

========== Driver Services (SafeList) ==========

DRV - (PCD5SRVC{3F6A8B78-EC003E00-05040104}) -- C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (avkmgr) -- system32\DRIVERS\avkmgr.sys File not found

DRV - (avgntflt) -- File not found

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()

DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()

DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()

DRV - (sscemdm) -- C:\Windows\System32\drivers\sscemdm.sys (MCCI Corporation)

DRV - (sscebus) -- C:\Windows\System32\drivers\sscebus.sys (MCCI Corporation)

DRV - (sscemdfl) -- C:\Windows\System32\drivers\sscemdfl.sys (MCCI Corporation)

DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)

DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)

DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)

DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)

DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)

DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)

DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/USCON/19

IE - HKLM\..\URLSearchHook: - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au

IE - HKCU\..\URLSearchHook: - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{2ED2B7EC-9EE7-4DBC-88E2-A2CAEEE2C62E}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox

IE - HKCU\..\SearchScopes\{76AD9AD1-EE17-44E3-A285-E4FB239180A5}: "URL" = http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.8.20110620112826

FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.6

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

[2010/02/07 14:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions

[2009/07/15 20:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

[2013/09/26 16:26:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\e06x93ko.default\extensions

[2011/03/19 15:17:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\e06x93ko.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\e06x93ko.default\searchplugins\icqplugin.gif

[2011/06/20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\e06x93ko.default\searchplugins\icqplugin.src

[2011/07/06 11:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/03/23 06:21:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR - homepage: http://au.news.yahoo.com/local/vic/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll

CHR - plugin: Windows Live\\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Chrome In-App Payments service = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\

CHR - Extension: Gmail = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/19 07:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.

O4 - HKLM..\Run: [AVSetupPending] C:\Windows\Temp\AVSETUP_5245ff7f\setuppending.exe (Avira Operations GmbH & Co. KG)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{837CE165-D465-4039-BDC0-9E37530F7C06}: DhcpNameServer = 10.101.101.100 163.244.101.69 163.244.100.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E170389C-A316-4879-B34F-CF4432E18FA0}: DhcpNameServer = 192.168.2.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\P1010029.JPG

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\P1010029.JPG

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{f0d6ccd5-db8a-11de-848a-0023ae1fbc10}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (Avanquest Software )

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.0.lnk - C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe - (Dell Inc.)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - Reg Error: Value error. - File not found

MsConfig - StartUpFolder: C:^Users^Judy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)

MsConfig - StartUpFolder: C:^Users^Judy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)

MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

MsConfig - StartUpReg: ChristmasTree - hkey= - key= - C:\Users\Judy\Desktop\Programs\Desktop Christmas Tree\Christmas.exe ()

MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)

MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Judy\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - StartUpReg: HomeAlarm - hkey= - key= - C:\Program Files\Chameleon Clock\ChamClock.exe (Softshape Development)

MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)

MsConfig - StartUpReg: ICQ - hkey= - key= - File not found

MsConfig - StartUpReg: IObit Security 360 - hkey= - key= - File not found

MsConfig - StartUpReg: LockStatusTray - hkey= - key= - C:\Windows\LockStatusTray.exe (Logitech, Inc.)

MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

MsConfig - StartUpReg: OEM02Mon.exe - hkey= - key= - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: Uniblue RegistryBooster 2009 - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: Weather Tracker3 - hkey= - key= - C:\Program Files\Weatherzone Tracker\weather_tracker.exe ()

MsConfig - State: "startup" - 2

MsConfig - State: "bootini" - 2

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/09/26 16:25:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2013/09/26 16:07:39 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/09/26 14:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2013/09/26 03:10:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/09/26 03:10:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/09/26 03:10:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/09/26 03:10:55 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013/09/26 03:10:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/09/26 03:10:54 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/09/26 03:10:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013/09/26 03:10:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/09/26 03:02:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT

[2013/09/25 17:11:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2013/09/25 17:11:07 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL

[2013/09/25 17:11:04 | 003,603,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013/09/25 17:11:04 | 003,551,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013/09/25 17:11:01 | 002,049,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2009/07/12 16:55:58 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Program Files\freecell.exe

[2009/07/12 16:55:57 | 000,047,104 | ---- | C] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe

[2009/07/12 16:55:56 | 003,322,920 | ---- | C] (Google Inc.) -- C:\Program Files\picasa2-setup-1884.exe

[2009/07/06 18:42:47 | 002,207,280 | ---- | C] (C. Ghisler & Co.) -- C:\Program Files\tcmd704a.exe

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/28 08:00:08 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/09/28 08:00:05 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-575506386-2380354725-1132721364-1000Core.job

[2013/09/28 07:50:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/09/28 07:49:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-575506386-2380354725-1132721364-1000UA.job

[2013/09/28 07:48:09 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/09/28 07:47:14 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2013/09/28 07:46:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/09/27 11:55:18 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/09/27 11:55:18 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/09/26 16:38:27 | 000,609,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/09/26 16:38:27 | 000,109,118 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/09/26 16:31:39 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys

[2013/09/26 16:30:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013/09/26 16:24:20 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk

[2013/09/26 16:24:09 | 000,000,099 | ---- | M] () -- C:\Windows\Reimage.ini

[2013/09/26 16:06:05 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013/09/26 14:01:19 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2013/09/26 03:40:44 | 000,350,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/09/25 17:50:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/09/25 17:50:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/09/25 17:08:39 | 000,002,041 | ---- | M] () -- C:\Users\Judy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/26 16:24:20 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk

[2013/09/26 16:24:09 | 000,000,099 | ---- | C] () -- C:\Windows\Reimage.ini

[2013/09/26 14:01:19 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/02/09 06:03:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2010/04/11 08:23:48 | 000,051,888 | ---- | C] () -- C:\Users\Judy\Amelia.jpg

[2010/04/11 08:20:02 | 000,051,888 | ---- | C] () -- C:\Users\Judy\Clipboard.jpg

[2010/02/26 17:27:54 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2010/02/13 20:53:03 | 000,000,880 | ---- | C] () -- C:\Users\Judy\Configure Picasa Photo Viewer.lnk

[2010/01/17 16:54:21 | 004,304,032 | ---- | C] () -- C:\Users\Judy\African_Booze_Tree.wmv

[2009/10/30 13:33:10 | 000,000,736 | ---- | C] () -- C:\Users\Judy\Sig.png

[2009/08/31 10:24:48 | 000,016,256 | ---- | C] () -- C:\Users\Judy\squeeks.jpg

[2009/08/31 10:24:29 | 000,016,256 | ---- | C] () -- C:\Users\Judy\squeek.jpg

[2009/08/30 15:32:08 | 000,000,626 | ---- | C] () -- C:\Program Files\cham3.lnk

[2009/08/15 21:22:31 | 000,000,680 | ---- | C] () -- C:\Users\Judy\AppData\Local\d3d9caps.dat

[2009/08/13 17:11:15 | 000,003,208 | ---- | C] () -- C:\Users\Judy\AppData\Roaming\wklnhst.dat

[2009/07/12 16:55:59 | 005,156,864 | ---- | C] () -- C:\Program Files\irfanview_plugins_398.exe

[2009/07/12 16:55:58 | 003,678,171 | ---- | C] () -- C:\Program Files\etax2006_1.exe

[2009/07/12 16:55:57 | 001,651,691 | ---- | C] () -- C:\Program Files\cham3.zip

[2009/07/12 16:55:57 | 000,727,139 | ---- | C] () -- C:\Program Files\qlock-install(2).zip

[2009/07/12 16:55:57 | 000,623,939 | ---- | C] () -- C:\Program Files\currencyconverter.exe

[2009/07/12 16:55:56 | 017,090,243 | ---- | C] () -- C:\Program Files\Legacy5Setup.exe

[2009/07/06 19:03:50 | 000,010,240 | ---- | C] () -- C:\Users\Judy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/07/06 18:39:51 | 013,722,952 | ---- | C] () -- C:\Program Files\winzip121.exe

========== ZeroAccess Check ==========

[2006/11/02 22:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 03:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 16:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 16:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/05 15:16:40 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Auslogics

[2013/06/07 15:45:29 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Dropbox

[2009/11/11 19:49:30 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Facebook

[2012/12/09 21:11:37 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\FileZilla

[2009/07/13 08:56:44 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Foxit

[2009/07/10 07:26:56 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\FTW

[2011/03/22 20:13:18 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\GetRightToGo

[2009/11/15 15:16:30 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\GHISLER

[2011/10/28 09:43:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\ICQ

[2011/02/06 21:06:08 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IObit

[2010/01/08 13:01:50 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\MSD_Soft

[2009/12/18 22:19:14 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\PC Suite

[2011/07/28 09:23:55 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\PCDr

[2010/02/26 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Samsung

[2009/08/13 17:11:16 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Template

[2009/07/09 07:44:13 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\tmp

[2009/07/15 20:03:20 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\TomTom

[2009/08/10 07:13:47 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\uniblue

[2011/02/06 05:50:22 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2009/12/27 12:31:59 | 000,012,316 | ---- | M] () -- C:\aaw7boot.log

[2006/09/19 07:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 16:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2010/02/26 17:48:30 | 000,000,074 | ---- | M] () -- C:\CMLoader.log

[2006/09/19 07:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2009/04/25 07:16:04 | 000,005,064 | RH-- | M] () -- C:\dell.sdr

[2013/09/26 16:31:39 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys

[2009/08/24 17:30:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/08/24 17:30:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2006/06/30 13:24:40 | 000,001,649 | ---- | M] () -- C:\mwd.inf

[2004/08/16 04:35:00 | 000,016,640 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\mwd.sys

[2013/09/26 16:31:37 | 3524,587,520 | -HS- | M] () -- C:\pagefile.sys

[2007/04/02 14:23:44 | 000,002,153 | ---- | M] () -- C:\PensorUSB.inf

[2004/10/19 15:41:38 | 000,039,168 | ---- | M] (Silicon Laboratories) -- C:\PensorUSB.sys

[2012/11/24 11:21:46 | 000,000,026 | ---- | M] () -- C:\SAD.BAT

[2011/03/17 07:56:08 | 000,064,588 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_17.03.2011_08.54.49_log.txt

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2006/11/02 22:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll

[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\mdippr.dll

[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2008/01/21 13:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 13:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 13:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 20:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 20:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\* >

[2006/11/17 19:26:48 | 000,047,104 | ---- | M] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe

[2009/08/30 15:32:08 | 000,000,626 | ---- | M] () -- C:\Program Files\cham3.lnk

[2005/09/21 15:21:40 | 001,651,691 | ---- | M] () -- C:\Program Files\cham3.zip

[2007/03/01 19:22:44 | 000,623,939 | ---- | M] () -- C:\Program Files\currencyconverter.exe

[2008/01/21 12:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[2006/10/05 15:51:02 | 003,678,171 | ---- | M] () -- C:\Program Files\etax2006_1.exe

[2003/03/31 22:00:00 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\freecell.exe

[2006/06/27 07:54:12 | 005,156,864 | ---- | M] () -- C:\Program Files\irfanview_plugins_398.exe

[2006/06/23 17:40:16 | 017,090,243 | ---- | M] () -- C:\Program Files\Legacy5Setup.exe

[2005/08/03 07:11:24 | 003,322,920 | ---- | M] (Google Inc.) -- C:\Program Files\picasa2-setup-1884.exe

[2009/07/07 21:17:40 | 000,727,139 | ---- | M] () -- C:\Program Files\qlock-install(2).zip

[2008/11/09 08:53:42 | 002,207,280 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\tcmd704a.exe

[2009/06/18 06:33:30 | 013,722,952 | ---- | M] () -- C:\Program Files\winzip121.exe

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/07/31 20:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/07/31 20:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/07/06 13:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/07/31 20:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/07/31 20:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/07/20 02:48:16 | 002,388,376 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:679ABA25

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0D786AE3

< End of report >

starbuck · Sep 28, 2013

Hi Judy,

Sounds like resetting Chrome has done the trick.

There are a few things that we need to address:

PRC - C:\Windows\Temp\avnwldrtemp\setup\setup.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\Temp\avnwldrtemp\setup\presetup.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVSetupPending] C:\Windows\Temp\AVSETUP_5245ff7f\setuppending.exe (Avira Operations GmbH & Co. KG)
Click to expand...

Have you completed the Avira install yet?
You should complete this as soon as possible.

Step 1
Double click on OTL to run it.
Copy the lines in the codebox below. (make sure that :Otl is on the first line and that you include all of the Commands section )
Code:
:otl
DRV - (PCD5SRVC{3F6A8B78-EC003E00-05040104}) -- C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (avkmgr) -- system32\DRIVERS\avkmgr.sys File not found
DRV - (avgntflt) -- File not found
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - File not found
MsConfig - StartUpReg: IObit Security 360 - hkey= - key= - File not found
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - File not found
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Uniblue RegistryBooster 2009 - hkey= - key= - Reg Error: Value error. File not found
[2011/10/28 09:43:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\ICQ
[2011/02/06 21:06:08 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IObit
[2009/08/10 07:13:47 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\uniblue
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:679ABA25
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0D786AE3

:Files
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]
Return to OTL,

right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

Click the red Run Fix button.

OTL will reboot your system once the fix has completed.

After the reboot, you may need to double click OTL to launch the program and retrieve the log.

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

if you lose the report, there will be a copy here:
C:\_OTL\MovedFiles

Step 2
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:

Download the latest version of Java Runtime Environment (JRE) 7 Update 40 and save it to your desktop.

Scroll down to where it says "Java SE 7 Update 40".

Click the "Download JRE" button.

Accept the license agreement.

select 'Windows x86'offline from the list.

Save the file to your desktop.

Close any programs you may have running - especially your web browser.

Then from your desktop double-click on downloaded icon to install the newest version.

In your next reply, please submit:
Otl fix report
and let me know how the system is running now.

Thanks.

joodyanne · Sep 28, 2013

OTL for Vista laptop below, and Avira is installed. I'll do the Java tomorrow as its very late now. PC seems very slow at the moment, but will advise

All processes killed
========== OTL ==========
Service PCD5SRVC{3F6A8B78-EC003E00-05040104} stopped successfully!
Service PCD5SRVC{3F6A8B78-EC003E00-05040104} deleted successfully!
File C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service Lbd stopped successfully!
Service Lbd deleted successfully!
File system32\DRIVERS\Lbd.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Error: Unable to stop service avkmgr!
Unable to delete service\driver key avkmgr.
File move failed. C:\Windows\System32\DRIVERS\avkmgr.sys scheduled to be moved on reboot.
Error: Unable to stop service avgntflt!
Unable to delete service\driver key avgntflt.
File File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\SITEguard deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\control panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk\ deleted successfully.
C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IObit Security 360\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SpybotSD TeaTimer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\TomTomHOME.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Uniblue RegistryBooster 2009\ deleted successfully.
C:\Users\Judy\AppData\Roaming\ICQ\TempStorageKey folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\Locate folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\just_jude folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\judy folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\joody_anne folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\jood folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\bart folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\22040894\bart folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\22040894 folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ\22040298 folder moved successfully.
C:\Users\Judy\AppData\Roaming\ICQ folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\SmartRAM folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\Smart Defrag 2 folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\IObit SmartDefrag folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\InternetBooster folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\Common folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\Judy\AppData\Roaming\IObit folder moved successfully.
C:\Users\Judy\AppData\Roaming\uniblue\speed up my pc 4 folder moved successfully.
C:\Users\Judy\AppData\Roaming\uniblue folder moved successfully.
ADS C:\ProgramData\TEMP:679ABA25 deleted successfully.
ADS C:\ProgramData\TEMP:0D786AE3 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Judy\Downloads\cmd.bat deleted successfully.
C:\Users\Judy\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Judy
->Temp folder emptied: 8575641 bytes
->Temporary Internet Files folder emptied: 8349377 bytes
->Java cache emptied: 994418 bytes
->FireFox cache emptied: 44491207 bytes
->Google Chrome cache emptied: 24697543 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 547 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 576088831 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1204224 bytes

Total Files Cleaned = 634.00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

OTL by OldTimer - Version 3.2.69.0 log created on 09282013_225901

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\DRIVERS\avkmgr.sys scheduled to be moved on reboot.
File\Folder C:\Users\Judy\AppData\Local\Temp\~DF138.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DF81E.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DF829.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DFA59.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DFA68.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DFB5F.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DFB7B.tmp not found!
File\Folder C:\Users\Judy\AppData\Local\Temp\~DFDD.tmp not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

starbuck · Sep 28, 2013

Hi Judy,

Because of the earlier problem with Avira being in the temp files..... it's caused possibly more problems.
I suggest you remove Avira and reinstall it again.
Follow this tutorial: Here
and make sure that you click on 'Save' and not Run when downloading Avira.
Only click to run it after it has been downloaded to the Desktop.

joodyanne · Sep 28, 2013

Starbuck, that tutorial won't open

joodyanne · Sep 29, 2013

I eventually got it open this afternoon. I was not given the option to save to desktop 0nly to run it. I hope that is ok. Do I have to do any more tests on the Vista laptop?

starbuck · Sep 29, 2013

Do I have to do any more tests on the Vista laptop?
Click to expand...

We can run more tools if the system is giving you problems, but if it's running fine then there's no need.

joodyanne · Sep 29, 2013

just remembered I have to update Java. I'll give it a few days and get back to you, as I'd now like to send the Notebook (win 7) details to be checked.

starbuck · Sep 29, 2013

I'll give it a few days and get back to you
Click to expand...

Sounds a good idea.

joodyanne · Sep 29, 2013

Starbuck, here is my Notebook Win7 jrt results
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Judy on Mon 30/09/2013 at 10:12:08.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] yontoo desktop updater
Successfully deleted: [Service] yontoo desktop updater

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-810056064-2480331435-476379365-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_atf-cleaner_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_atf-cleaner_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_atf-cleaner_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_atf-cleaner_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

~~~ Files

Successfully deleted: [File] "C:\Users\Judy\appdata\local\mysearchdial_speedial_v9.0.2.crx"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Judy\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Judy\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Judy\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Judy\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Judy\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Judy\appdata\local\dealplylive"
Successfully deleted: [Folder] "C:\Users\Judy\appdata\locallow\mixidj"
Successfully deleted: [Folder] "C:\Program Files (x86)\chatzum toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{001192A1-E895-49E4-8C69-74318D7A6444}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0133FF76-933B-4D1B-B87F-1D2B31104639}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{013EF6FD-970B-41E9-B69A-99D369D49047}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{015B52D1-6B7D-41E0-BD90-0ABF61551020}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{02043B68-9A56-4772-AABA-B14148223E96}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{02B922DD-D1F9-445E-BDE0-A0126DFBC52B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{041EA3C1-060F-4844-8EA9-2EFFC8085F78}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0424A30B-8C57-436D-A061-8F29412186D7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{043D0263-5982-4A5D-89B4-2379BAAED3D1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{045CE4E0-EB1C-4AEA-A7F5-90840FAD6AD7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{053AB00D-BBAC-450C-80F5-E3F6EF68B8CB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0573494E-0FE6-420E-BE34-D8DDFCC2E232}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0658F43A-2705-464B-A8BC-D46CCCA03EF0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{06A0A048-20F4-43C3-8F87-6AE6638B8667}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{06A453C0-BC56-433F-B8F4-6CFCFE4C50A0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{071A9D26-7DB3-4E84-9BE9-E2C93E53B48F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0758A272-A98E-44FA-9891-D6557B72F008}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{07D5A51E-94B0-4CB1-AF17-A7E977A53056}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{08F58860-44C8-4348-BBDD-2B65F187C8EE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0948AD0B-561E-4B72-88FC-8ED08C235A9A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0B5058A3-582C-4870-97F1-DAABBF868F29}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0BA7E475-49F5-4655-9A14-AF0455663AF4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0BFC46E7-6FE0-409E-B3A9-4D583033BF3F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0C068E38-DEED-4596-BA88-AAE99745AD9B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0CC11732-4A68-4945-9D12-F9C3C5406C69}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0D3F02F2-E23C-4D7E-8E68-C52C6B747FA9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{0E9C9A13-4D88-471E-AFE5-892C4F31CEA0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{10BFB88E-0DE8-4642-900B-6C001D0993BF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{114A5635-8A9C-4AD0-B7B6-721AA77AA32E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{12136F73-A2A1-47A8-A2C3-5D5A3DB47793}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{12FC406E-7B37-488C-BAE6-B6D8B183D62E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1339DE5E-295A-4A1C-8203-37D7FA9E4305}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{13F3A9B0-D7EE-4864-89EF-9730439CD61A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{15CFE7AE-4C39-45E5-BEFE-FF1AF3826EB8}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{15D692C2-1AB3-4987-A494-5F5D4F7C6BB4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1687E761-9A8B-495B-A7CF-2C102DB0F8D5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{180D19D6-4E45-4BC5-B68E-F0C80B53D1F2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{18C1762E-4581-48CA-B5D3-097DDD66E653}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1B25DFC1-524D-4BCA-A1F4-F5107F9E7079}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1CC3234E-3740-4DBE-A956-76CF44324974}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1CD39C02-22BD-4123-882E-60CEA7F5E9BC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1D237BE7-FE96-4362-9A0E-CDBF558AE292}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1D8958FD-9E56-42C7-AE22-52DF1446D54B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1E0A132A-4FE7-4206-BDC2-711AEDD1F5CD}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1F38AA35-FAC3-4E65-BE72-CF90F5BC120E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{1F7E053E-C7D1-4353-BC39-1F42355B6E06}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{201DD8CF-CCFB-4E7A-88A9-CBC5D7A58DED}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2043BD9F-5583-46A9-81BB-52C2203BC1DF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{218F8F36-B8B4-4350-B656-05A838DB361E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{22A3F5B0-ED65-4649-AAAA-1AB31435861C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{22BE7FEB-EA49-4804-A022-021D65CF5B21}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{235E3E1D-FD26-41DD-A761-429774942C55}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{255EAAD2-86D4-41A7-AB72-FC85406492F5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{256305AF-7FDA-499C-9068-FC476B435FE6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{257CB4C4-FF26-49AC-8F7E-2392CA8D0B71}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2622E3F4-3BDA-465D-B807-0082E989F671}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{26E0B548-68A8-4F89-928B-C2D250E4CC73}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2719E403-3717-4C6C-8058-1FE3E830A018}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{281FA561-25CD-497E-BC54-E00CF8766A6E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2869208D-A3FC-4CE3-AB8F-19202D5A2029}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{29915F08-7A1E-47FD-B0A4-CEC682AB52F3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2A7D94D6-8256-437C-86F5-EDB55A712E00}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2B2828AC-068A-4DA1-A5CB-5809C7331028}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2C2EA004-4C7A-4255-827F-FDA111C2C816}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2CA8855A-34B9-41E8-AD91-C8901BEC0EAB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2CAD1656-B6FB-427F-AAB1-AC2048445B87}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2E131346-B43C-4254-9793-48447A7D8012}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{2E465CF1-3696-4007-A886-0F14A30B36C1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3042E9D9-381E-4B19-8BE3-F1C3C469074F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3152A2A2-AE76-4381-BC27-45C1F0FAAB48}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{315EEA32-2C47-47C8-9DD5-DB5736B21806}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{31F03F3B-F600-4A8C-ACA9-C4F394EA7ECA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{32B8C2C9-0EAC-4DB5-A9BD-FB9BB3894F28}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3333C432-DE4E-47EE-822C-42A4313992C7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{33FEE501-8172-4F40-BABF-F1052A9CE955}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{363C36C4-E9B7-41B8-BF28-BB14CC6F46F7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{366FF403-8306-48A0-A151-0649EB7D34FB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{396F35A8-6F74-42E0-86DE-0C85AD8C6A72}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{39FB7D10-9998-4506-ADC1-D01899301C98}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3A76AF49-728C-4DA4-B9DE-2E1901DCB1EE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3A77C97E-470B-46A6-8DE1-3114EEA249D8}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3B20CC06-CFBF-4A4A-8C89-9C9010E78755}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3CD9D25A-8289-4E2F-AF5A-950F9EA0700D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3E5D1BDF-8AC3-4CEF-A231-C1F5512C9527}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3EA3FB83-BC2F-42CF-86C0-930D00CAC8C4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3EEBF75B-AC40-4BB0-B157-E15E76978AB3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{3F72526E-D952-425F-9289-0E39851CDC57}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4045FA7F-9752-4D6E-97D4-2937C9598496}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{41291935-9DB6-447E-9356-82327D834C9C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4161E72F-AB76-4215-9DEB-3D693F35C084}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4290C498-0AD9-4319-B7AE-ABA0F7647887}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{442C4C86-9E0A-4689-97A1-62E4DD54D639}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{44E53199-61AB-4AC7-8C66-1162474B2E15}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{46227E5F-C85E-4BBC-B407-9811CC8B079B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{463361F8-7DE6-42DC-9658-D47C1180BE54}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4642BA47-F1F7-4B28-BA1F-753E22F475D9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{475F166F-3DAB-44F1-A2BF-593D7ABE91BC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4790A77D-5CFA-4FE8-A51E-5EAF7EE8FD87}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{481A9473-DB51-442D-A7AD-10B7DAF73A5D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{497C188D-AA4E-485A-A64C-33DAFB843BF5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4A2F1FB3-7E92-4F4F-ACFB-BE11E114D746}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4ACFC4AA-40E2-4246-AD05-1ED46803EDCA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4B259778-E96C-4A4B-BFF8-655260B7595F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4B8636A4-96A6-43AC-A592-360EB71760C5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4C16D2EB-AF73-44EB-A76C-0924B50ED312}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4C55BE4E-C9A5-452C-828F-FAF1DAB3E08E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4CB175EB-2659-4E4F-A1FC-1B4097ABCB7C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4CDDF8E9-E877-4DC6-B1C7-4CC76C3BDE08}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4DAAD617-77FD-4691-A364-D5805533F571}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4DFAB820-4525-4542-BD37-74E826366CC5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4E30808D-353C-4D6B-A183-0A1B8F6DB1DC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{4FC919B2-141C-4DFE-8090-9C31800202D5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{502BE7AE-3BF0-4BA0-91D7-A282A96BCD46}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{517AE591-0207-4C4A-9B88-58CEA7BE1288}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{51D1485F-1C35-4B18-B4A2-FC7A638BA56C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5211BF82-332D-4776-AC66-919B3D73A100}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{523A307E-0F77-4A96-90FA-D71F8914FAC1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{52960BF8-4DBA-4C6F-ACF6-C637820CCAFF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{549F4405-CBB9-45BB-8FC6-93150365FDF6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{54D19804-C9E4-416B-AEAB-0F5E702A57F7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{55343CE7-6C40-4125-A9BD-05B41E7B6138}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{55DDB456-114E-4354-A021-0C296FDE01F4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{57168884-09DA-4DF1-BAAF-D4CCA08636DF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{57231F5B-75AC-4C06-8704-7D3404964E34}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{591DD7B1-1189-4909-B4E9-2DE7C361317A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5929142E-D458-44AE-BB32-F5E5494FA583}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{59782E2E-3B4D-436C-BBD2-0415A6194191}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5983B22C-66D1-431A-A58A-83C5374C1892}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{59B1F4AF-FD4B-4413-BDFA-8AAAED9E7565}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5A08507A-E0A3-460C-9F8D-95F3C4EABD9C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5B363F3D-3BC7-4AC0-9471-63F54021A356}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5B5878F6-F10A-4350-93F7-A85F59C91CE7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5BA8F038-17CD-4E47-81FB-E28DAF1ED332}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5BCA0B42-88FB-414B-998C-309EC1746450}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5BE0F88B-BF6B-4C9D-8B8D-D08C2C4BF665}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5C447C7D-A393-4F20-808A-D8C43BB92BB8}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5C5E3710-0A32-4297-A5FE-8311A2808045}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5C7FF467-EABB-4A45-B3BD-920230F62276}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5D30DDF2-D98C-4B67-9B0D-1DFC30C2031F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5E0F8B47-2FCF-4904-AF90-CC6FFF032855}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5E43330C-573F-4119-A858-BBF658E0F2CD}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5E77A32D-B3F2-40D2-91C2-AFA04FDE559A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5F522AA9-D4E7-4004-9EFC-385A48C1A48F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{5F8CAF31-36F9-48DA-9A8F-07DAE2AA5B83}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6085428A-A8F4-4D4D-BE08-AD0172052677}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{62300985-3C25-4EEE-A376-BBCDF1571AE0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{624A0011-1391-4FDE-B232-7777A06AEE00}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{627B4B50-663A-4D3E-8857-091397795618}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{62AB2B07-E11B-4AC7-97C2-397E65E2A5CA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{635340CA-614F-469F-9AF5-EE235D30424E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{63DFB476-AF54-4BD6-AD04-3E619D6DF638}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{641DD892-E12C-4503-9E8D-0EAA852331B8}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{64A03330-C4AC-418A-965A-F0650830533D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{64C212D1-2E8E-42A2-B42E-ACD527E06E6D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{64FD67BC-C882-4150-8FE4-CB8370CA11CF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{651ABE93-06C5-4CD8-8B95-E3C5B7F356DC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{65922F58-4B25-43F3-A409-98F01839347D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{65FF598B-6FED-4B27-9285-0074AC4B4B60}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6604595A-091B-462C-AFEE-9DBC5018084D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{66CB7617-3FF8-4166-B4F7-AFB27733ECEA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{66FFA4B3-0965-4504-B7C8-5A137D41CDD6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{692FB1B0-9966-4E3E-92A4-45D04A7D3046}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{69528767-5D93-4395-B74F-1358E577DC7E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6959136B-DC38-4CBD-B146-F3578472EE82}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6AC28874-9E30-4111-9A32-5C8F735FA7EF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6AC823E1-4B23-4832-ABC0-8560EDA0A32B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6B1840C2-7B13-45AB-94B9-BF05ADD8F734}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6B56C12E-38C5-4302-9768-58A08952B8C2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6C7C13BA-DD67-44EE-B3ED-B3011B9558CB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6CB6F2E9-40DF-4A59-898F-DA4A0D9819FB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6D470DFB-1CDF-4F26-A6A9-5F354579F464}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6E1230CA-7B4B-48D7-A8AC-80D89891DDB4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6E19D3B5-3FB4-4647-9C44-74290F47A4D3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6E32542A-A096-4ECB-9724-C40526C0DD75}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6F667F94-4410-43C1-9BD6-6CF39D8A2E1A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{6FF5EFDB-07D7-469D-A64C-E05CC70D5915}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{71B085B2-A250-41BA-B97B-85EACFAB8867}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{71F87852-5D82-4832-ADEF-326E50B3AD52}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7285EAFF-4F1D-418B-BAB6-8F886CE2394D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{757C435E-59FA-4ECB-8911-D9DD78B4A2CB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{763AFABE-87EF-4EC2-94F1-99E187A0824B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{78101D1A-426F-4CC3-A32C-E1C6705957B3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{78DEFFBC-979A-46C3-98A2-67B359206980}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{790CC2D8-0EC5-4CFF-A281-C62819E14E82}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7A5D0B88-37B0-4F22-9CE9-A49B0750AC68}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7B99BADF-C1F0-4872-A43E-55ADCB7DE722}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7BBDA216-3135-4855-9328-2B96597EFBC5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7C8E84EB-33A1-4778-ACFD-5C45C38C7BFE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7C982EEE-00DB-43F5-9DA8-775752456123}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7CD0ED4E-0E0D-4317-876B-C208DFE934EB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7CD48738-AD1E-411E-B17D-09453E194378}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7CF89959-3DC7-4AAC-AF8D-1A01B0B7C52D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7DA2D41C-711F-45E7-BC42-998D0FC1A053}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7E9A12E9-A199-4A81-ACC6-31F5EB4F764F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7F09B508-5953-4926-A990-975A99472B1F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7F5F9E3B-7F45-42DA-9833-0D8D281B9204}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{7F6B93A2-CD4F-40FB-8875-3930B62E032F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{803304F1-18D9-41E1-9B45-440F9EB4ABEF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{810F7454-C02C-4D4F-8638-405A7B718A40}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{817CD238-B3C7-4E5E-951E-3B80E0A6DEE6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8197E236-8AB8-40D2-8A77-B01C89C29A6D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{83ACA32C-D268-4995-8BE2-1BEB8A90F884}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{85CAD37D-138E-4D01-A168-0FEB2FB380ED}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{86C9E461-9B37-4551-862B-FC2A4AB13A4C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{876422AF-DEFD-401F-B51E-2BC68F2F9EFE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{876C3D4B-96A0-42C3-8CD4-9B0CE9E9BD4B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{877A3474-F698-4818-9C26-4D0FA2071FC0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{893EEDAD-37EE-4901-963A-1657852C3843}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{89D853CC-CF4F-4F76-9949-8D36B9074ADE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8A073E44-6A27-4445-8BFB-ABAFAD0CF3E9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8BC3F9C7-793A-458A-8381-75BAACFF9864}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8C4607F2-4811-4778-AADD-B4FFD9FF164B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8D617F4B-0F7D-4BC5-9B81-182064F915A9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8D6C316C-B139-49B2-95D3-17093AC5F680}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8D8CD0A0-72AD-4656-805C-5FAA1DF03361}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8E72BEAF-E253-4137-B727-FEDB3A5B1CF0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8F199D7F-DF75-4C02-9938-0CFEF6299477}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{8F8BC869-DEA6-4D7E-AF5C-FA6E659FAE8A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9002153E-B919-490B-A660-7F0219A926B1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9114C82D-4FE4-4097-84ED-A2B27CA5DEF1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{916A25FC-8558-43A3-85C1-EB9E1AD87F1D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{91B40260-BAEB-4689-8F2C-16C3E9C48460}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{91D802EB-713C-4B5A-95BE-8195C896E75E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{91D8B1AC-388A-42B3-B874-F8ED86AEF93A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{91D99A30-3703-444D-A2D9-BBE3EF056C1A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{92B52D29-C386-416C-B242-2CE382EBF91D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{93ED4C14-A281-4FF8-BFFD-C4F4EC765656}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{942BB702-D6D0-4706-AA72-EFB18D18919B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{943A7CEB-3A6F-4B9B-8828-93ED6BF1C2C1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{94C1606E-2A6E-4A96-A348-B6782D0D319A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{94DCA2C4-5696-46E3-81C3-7A5DB622A37A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{97220A56-226E-46E1-AF41-39C6771F040B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{97F5E9FC-3986-4302-B504-80EA9EBCDFDD}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{988ACB9F-3248-476D-9378-3CFE2E322837}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{99CAB455-A0F0-47BE-A17C-D6DCE6B8E40B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{99DA476D-B5BF-4A41-A304-93D8671FBCB4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{99F55C0D-63F2-4458-86EB-3FFF81523F51}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9A55E317-CEB0-4BE1-B493-DED1F4D7B901}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9A73AEC2-CE09-4678-A054-F11DE8BE8C14}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9B8E564D-0832-4256-B7BF-CDEB19B6A8E7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9E4DEF6B-606F-4D4E-8CA7-39DA7EE27A6A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9EB96B97-FA29-45DE-A6B4-3F0D42E2D879}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{9FEBDDDD-00A9-4434-96A1-6596FFE81859}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A078455F-A844-40ED-B3D8-DD589BF2994F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A0D3BB63-CECA-4254-A51B-52B90E0AD2FB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A1FC31E5-0FBD-4F4E-A523-A0037934990B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A30D50AD-B98A-4237-8CBE-67DACE3BE668}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A323D0A8-3C66-41D7-8A79-ADF951A1C7DC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A3948497-5A64-4561-81A1-3088650AE6F4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A4B5DF8F-D3C9-4716-AE53-52672757DBDF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A7BC6E07-1C74-4B6B-9743-0B199F4D9FC2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A7CA96B8-B977-49BE-AF2F-9DEB97780B2A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A7F412AD-04CD-4E89-B636-3827E79D7F1B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{A88742A7-9BC9-4299-A7F0-1B7718489687}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AAAFEDD1-FA7D-4EC0-9956-995566B255B7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AB022905-0497-4C50-8D10-8B7B87B785F8}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AB1DA32F-CDB8-4D8F-9ABF-F8BBCA33677D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AD0057F7-1C6D-4071-B8B6-3ABF123EB817}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AE0B0648-D13C-4F16-8556-20F722BE3E11}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AEA3E79A-1D60-4282-A8E2-42CF03EC1A24}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{AFA6192A-7AFD-477C-A756-593DDEEDB341}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B07D27D3-DC67-4B8D-B646-3C1F23329EE6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B0ABD153-5691-4F84-BE41-96D13340155E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B0C0F430-2AFE-40FB-9B09-C14EBD8EDF3C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B0FB2319-2099-4793-A7C6-397708B4C8CE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B26B27AF-2D65-45C8-82FF-CCD5BE5EEBE2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B30371B1-17C4-4197-8AC4-0C4B4EDCBAFB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B341C7FF-2148-451E-86EC-F6FE26CE4D74}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B367377C-2083-4DBE-B64F-460BC649C7B2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B4FE6746-2988-4BC1-B433-F0B21BC86FBF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B50B53AC-0CA2-433C-BB22-045CEF836892}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B72576C6-6717-4C30-BD6D-688CD2E2E811}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B754FB3F-AA8E-4415-AAB8-97DE6C4BA1DF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B982CD16-B57F-4A55-A407-4A1A661F53E6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B9A04D20-30F5-4ADB-ADEA-A82673A7584E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B9BA1D1A-E8FA-4974-B468-076DF6D0D763}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{B9DB8CB6-8BC6-4F26-94C1-B29543751076}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BAB84A71-A4F2-4B07-8172-243C0038A482}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BABB7C61-8C39-42A3-BAAC-65218D825FDB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BC443521-3239-4411-A3AF-A91181E4258C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BCD263FF-3ED4-48F7-8DF2-D1B5F573947D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BD9D7475-01E8-40E6-89E7-8B93DAA72D90}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BDA8F1AB-2577-4C33-9FAF-95E599034D6B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{BEDFCAA2-5081-4664-9E2F-65E9DFF22C4E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C0AD290D-0F67-4DBA-84BD-50BB3D203C86}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C0C0EE91-3804-40EB-BDF8-16FAC7974A00}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C1DEA829-2046-4EC6-B2B0-EC7BCC8856F0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C30D4028-87D3-4E6C-818D-FF97DB37137C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C3639CEB-219F-43C1-82C2-29334CF74992}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C3969FAF-48C4-42E4-AE3D-1F070E5FA690}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C3F0A124-C680-4C08-BEED-C990ABD4FA24}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C4830D43-98C5-4503-83D7-6B11332FAE9B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C7431755-3ACA-4947-8DEF-E36A501E71B4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C7740125-F88E-4082-B0FB-00E201268C82}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C7F85A61-0604-4B6B-B42C-018B56F7424E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C83D0BE6-12CB-4CE8-A4BF-3CB16576ADD9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C8D39015-9F68-4159-8D4E-F5C1DACF6337}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C9962830-28ED-4DAE-A59D-6B377358F6DB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C9D1C58D-86A8-4B8B-9E7E-8AA9A7C24878}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{C9F9E6D5-9D5F-436E-8E6D-8923E0AF50C6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CA87ED05-A14E-428F-89B8-43401B26CB09}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CB41601E-FA15-4426-AED4-9C9C2FF2E4A5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CC65F5E3-E45F-472B-9D6C-4B12D2D3F56F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CD4B0A5A-F36A-483D-A0BF-1B1D7A575C19}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CD57CE70-F60B-4CBA-8FFB-95F82F83EBDD}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CDDF7AB1-07BC-4090-88B4-5B1C407ECF4E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CF6B2A86-649D-4809-BBB7-8537C2BAEF02}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{CF74CC44-E1EE-40EF-A29C-B222F351CCA6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D0873FCF-C1AB-4375-A2FA-9E370E363D32}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D0EF8A5D-6595-4472-9C4B-750C77061DD7}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D14D72A8-AB5B-4E8D-8063-45C1AD01881C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D3A5A784-BE73-4EE5-AA03-CCE463D60230}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D3FDCD27-CC6A-4522-BF93-CEDBA2A41CAB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D48D0233-BEBD-41FD-ACB0-566D3DC7C858}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D4C22DBF-8904-4F4F-B6A6-9EE62905CAE4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D4FD911D-D8A9-4857-BD4A-F0E99BF7F21E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D7FFC99A-2091-4703-92B3-55DA3F81FD59}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D832175B-4CC9-4989-9DBE-56DFCF83398D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D84E4636-065E-4938-A10D-69EEA6A77830}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D851B5FA-8B19-46E3-9E7E-2018DA9AA053}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{D85EE17D-1F54-461B-B7AE-4A15710ED49F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DABF6668-19FD-427D-AB5E-4BE691C9C5AA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DB0C3989-CDE7-4B34-A66D-173CB6414D3B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DBFB8D34-8E11-4E14-B591-2E8A7FB853BE}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DC6A3A9D-5467-4346-BADA-E602392CD882}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DEA5429F-9333-4465-A039-65C755ACC0D3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DEA88560-DF15-43CB-AE31-95CE55688A44}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{DEC11448-F2DB-4BE6-8B9E-45E56D252CC2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E17315B4-8466-4309-B667-4BF0267CCBAC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E20B6C9C-E4C7-4349-BB03-9F0460F2B426}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E23ED51B-B3A1-4F2E-97DD-1C91260607F3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E2D86AEF-A965-4700-B2A4-9F382DD0AA3F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E3102ACA-1473-4310-8F29-183714E68447}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E422ED39-9B5E-48F5-A690-50DB21E1960A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E4276032-D1E5-45C2-80F0-0E0309B4ABB6}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E54E4540-B677-4EF0-BC5C-085E3F292EEB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E58948AB-11EA-42AA-A2F4-8346362A5FB0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E71AD2E7-12E9-4249-B48D-3B6762118581}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E7389529-6901-4DD0-8CCC-4E9052B1B4FF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E739C521-15FD-4B2B-9A5D-CC46580A253C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E782740B-2E4B-4F0D-9349-9F82C4954855}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E9E3010F-C837-40B1-99C3-EB1151534FEC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{E9FADE46-88AB-4FCC-A380-56B7C9FF099B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EA5D2034-8743-4045-8D30-7325AD603661}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EA63A0DF-E1A9-4A2F-8573-A6F31A08224D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EAB492AA-C4EE-481F-883D-E72E8AD13DEA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EBC9F340-CE73-4FA2-94DC-51FDAA7BE190}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EBED7A30-16DC-4E6C-AEB1-3208D135F2C4}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EC43E863-A4BA-4C16-93F0-3584BA6A547F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EC86B371-0384-4FC5-A165-0E4B465BC6E2}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{ED8901C5-80A1-4F00-BA6F-09823B2F9FB1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EDA299E1-08E6-4235-9955-9134596EE4EC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EDAF5EA0-D0BC-49F2-B5C8-4EA14082870C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EDC07F4B-7CEE-4BED-88E8-F54F2DD8E7DF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EDDF3ADA-5A1D-45D6-87AB-B7D2108B8213}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EE2F860A-AAFC-45E9-A402-C94376CC7C27}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EEBDA3DB-9AA8-4B4E-AAC0-578804609220}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EECDD875-740A-45B8-B8BA-9A19A125A9EB}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{EF6FF5C8-5FA2-4B90-83C4-664FB58E0BFA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F0C3467B-1198-41A8-A252-3AA3A375AD2D}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F1350C6A-FB6B-496E-A729-F1F9DF31AAAF}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F158C459-8996-40D8-B103-7144F6D46572}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F28480B4-B9E0-46C5-A366-30E6BC37C218}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F29FA2EF-7E98-4450-939F-6549263380F5}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F2C69397-AD40-4F20-9098-5E8B50809F12}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F37CB072-1AEE-4B44-ACC2-2969574FC9E9}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F54D31D0-30EA-4A02-863A-7350C6CE1E8C}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F551B123-6F44-4255-95D9-F6A9A22816F1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F55D6438-635C-41CA-8CA5-72F2689644EA}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F56A5AC1-D51D-4F2C-A26D-1D984B2CF29B}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F65CE747-8987-468D-A842-07FB6C62E157}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F6BB6D5F-D7E8-4F41-8DE7-454B33DB6134}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F77BB5BD-7F65-45D5-9251-1973E5B20459}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F7A75E43-5A90-4B47-8F68-3FB0159302B3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F8037816-CEB3-40E5-8478-F5C8BA6C0DE1}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F8351273-9C63-4D8E-9F09-CA198BD1528F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F839B143-E7B1-4159-8A0D-5210261D439A}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F85AC500-2184-4321-A861-6296F79C07ED}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F96100A4-E0B5-4A8B-A184-0F1B8478A5EC}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{F9A3932B-615E-408C-851D-FB562CCDEE47}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FAF46A9B-E789-4AD6-A7A4-3387D07C0729}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FB72BE13-0DF5-4474-8C19-5BCC9BA04651}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FB7AD9D0-1B68-4F90-AE01-3306A56BC5E3}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FB807CC4-A74B-4B4C-8CC9-48B243F3943E}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FC571DDE-40B9-470B-8BF7-10550474DCBD}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FD91F030-A6A8-4EB8-A1F3-9AEA4267A020}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FE06221A-3ABC-4006-A8CD-DCB95122B340}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FE7A7D0B-4F80-4B7C-869B-59764F3802E0}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FF0FE2AC-8FFC-4EA2-B371-3FB28838937F}
Successfully deleted: [Empty Folder] C:\Users\Judy\appdata\local\{FF81B954-DC77-40EF-ACCE-C4435C6963C3}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Judy\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 30/09/2013 at 10:20:50.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

joodyanne · Sep 29, 2013

# AdwCleaner v3.005 - Report created 30/09/2013 at 10:30:02
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Judy - JUDY-PC
# Running from : C:\Users\Judy\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Judy\AppData\Roaming\SpeedanAlysis
Folder Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\Extensions\speedtestanalysis@SpeedAnalysis.com
Folder Deleted : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
File Deleted : C:\Users\Public\Desktop\MySearchDial.url
File Deleted : C:\Users\Judy\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Judy\Desktop\SpeedAnalysis.lnk
File Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\searchplugins\delta.xml
File Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\searchplugins\mixidj.xml
File Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\user.js
File Deleted : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dnpmlnedpdikbgdghljdepnljfpkhccn_0
File Deleted : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnpmlnedpdikbgdghljdepnljfpkhccn_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Key Deleted : HKCU\Software\5f538c8ab56fe846
Key Deleted : HKLM\SOFTWARE\5f538c8ab56fe846
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v

[ File : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3539 octets] - [30/09/2013 10:25:05]
AdwCleaner[S0].txt - [3465 octets] - [30/09/2013 10:30:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3525 octets] ##########

joodyanne · Sep 29, 2013

OTL logfile created on: 30/09/2013 10:35:04 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.90 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 59.00% Memory free
7.80 Gb Paging File | 6.02 Gb Available in Paging File | 77.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.60 Gb Total Space | 52.39 Gb Free Space | 53.13% Space Free | Partition Type: NTFS

Computer Name: JUDY-PC | User Name: Judy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Judy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)

========== Modules (No Company Name) ==========

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Users\Judy\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Judy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (risdxc) -- C:\Windows\SysNative\drivers\risdxc64.sys (REDC)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHPDF&pc=MATP&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.news.yahoo.com/vic/home/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/24 21:25:58 | 000,000,000 | ---D | M]

[2013/03/29 16:39:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions
[2013/03/29 16:39:51 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
[2013/09/30 10:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\extensions
[2013/01/19 17:17:00 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\extensions\support@lastpass.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://news.ninemsn.com.au/melbourne
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.0.17_0\
CHR - Extension: YouTube = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: LastPass = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.5_0\
CHR - Extension: Speed Test Analysis = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.4_0\
CHR - Extension: Google Maps = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6EC8405-B933-42DA-BCE1-6D5655FA2B5A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe - (LastPass)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe - (LastPass)
MsConfig:64bit - StartUpFolder: C:^Users^Judy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: BatteryManager - hkey= - key= - C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Judy\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: ITSecMng - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
MsConfig:64bit - StartUpReg: KiesAirMessage - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: KiesPreload - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: NortonOnlineBackup - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: RTHDVCPL - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig:64bit - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: TCrdMain - hkey= - key= - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Teco - hkey= - key= - C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TOSDCR - hkey= - key= - C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe ()
MsConfig:64bit - StartUpReg: ToshibaServiceStation - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosNC - hkey= - key= - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosReelTimeMonitor - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosSENotify - hkey= - key= - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosVolRegulator - hkey= - key= - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosWaitSrv - hkey= - key= - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TPwrMain - hkey= - key= - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: WRSVC - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/09/30 10:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/09/30 10:25:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/30 10:12:04 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/09/23 19:19:33 | 000,000,000 | ---D | C] -- C:\Users\Judy\AppData\Local\Adobe
[2013/09/12 22:15:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/09/12 22:15:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/09/12 22:14:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/12 22:14:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/12 22:14:58 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/12 22:14:58 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/09/12 22:14:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/12 22:14:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/12 22:14:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/12 22:14:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/09/12 22:14:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/12 22:14:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/12 22:14:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/12 22:14:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/12 22:14:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/12 17:40:22 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/09/12 17:40:20 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/09/12 17:40:19 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/09/12 17:40:19 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/09/12 17:40:19 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/09/12 17:40:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/09/12 17:40:18 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/09/12 17:40:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/09/12 17:40:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/09/12 17:40:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/09/12 17:40:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/09/12 17:40:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/09/12 17:40:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/09/12 17:40:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/09/12 17:40:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/09/12 17:40:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/09/12 17:40:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 17:40:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 17:40:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/09/12 17:40:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/09/12 17:40:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/09/12 17:40:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/09/12 17:40:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 17:40:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/09/12 17:39:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2012/11/11 15:04:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/30 10:38:12 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 10:38:12 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 10:36:53 | 000,779,226 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/30 10:36:53 | 000,664,974 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/30 10:36:53 | 000,125,678 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/30 10:31:29 | 000,000,322 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
[2013/09/30 10:31:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/30 10:31:01 | 3143,012,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/30 10:15:01 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-810056064-2480331435-476379365-1001UA.job
[2013/09/29 20:55:00 | 000,000,372 | ---- | M] () -- C:\windows\tasks\WpsUpdateTask_Judy.job
[2013/09/29 20:50:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/09/29 20:15:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-810056064-2480331435-476379365-1001Core.job
[2013/09/26 21:32:23 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/26 17:52:30 | 000,005,632 | ---- | M] () -- C:\Users\Judy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/24 21:25:59 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/09/22 18:18:49 | 000,002,372 | ---- | M] () -- C:\Users\Judy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/22 18:18:49 | 000,002,370 | ---- | M] () -- C:\Users\Judy\Desktop\Google Chrome.lnk
[2013/09/20 20:50:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/20 20:50:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/15 19:33:42 | 000,416,688 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/09 18:02:22 | 000,001,059 | ---- | M] () -- C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/09 18:02:22 | 000,001,059 | ---- | C] () -- C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/07/28 22:11:40 | 000,849,368 | ---- | C] () -- C:\Users\Judy\AppData\Local\census.cache
[2013/07/28 22:11:26 | 000,118,056 | ---- | C] () -- C:\Users\Judy\AppData\Local\ars.cache
[2013/07/28 21:58:29 | 000,000,036 | ---- | C] () -- C:\Users\Judy\AppData\Local\housecall.guid.cache
[2013/04/18 19:07:00 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/04/18 19:06:46 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/04/18 19:06:46 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/04/18 19:06:46 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/04/18 19:06:46 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/01/05 18:20:32 | 000,765,138 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/07/24 19:48:06 | 000,005,632 | ---- | C] () -- C:\Users\Judy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/10 15:50:35 | 000,000,074 | ---- | C] () -- C:\windows\MPLAYER.INI
[2012/05/10 15:49:38 | 000,338,944 | ---- | C] () -- C:\windows\SysWow64\lffpx7.dll
[2012/05/10 15:49:38 | 000,122,880 | ---- | C] () -- C:\windows\SysWow64\LFKODAK.DLL

========== ZeroAccess Check ==========

[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 12:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 11:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/11 18:25:39 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Amazon
[2013/09/30 10:31:39 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Dropbox
[2013/07/18 20:55:46 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Foresight Software
[2012/12/29 14:52:36 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\GlarySoft
[2013/07/18 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IObit
[2013/07/18 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IrfanView
[2012/06/02 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Kingsoft
[2012/09/03 17:52:55 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\RootsMagic
[2013/05/02 11:34:09 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Samsung
[2013/03/07 17:13:00 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\SpeedTestAnalysis
[2012/04/11 14:25:40 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Tific
[2013/03/22 13:44:18 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Toshiba
[2012/08/08 18:44:44 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\WildTangent
[2012/04/11 19:46:44 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/11/21 13:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/09/14 13:03:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/09/30 10:31:01 | 3143,012,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/30 10:31:02 | 4190,683,136 | -HS- | M] () -- C:\pagefile.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2009/07/14 14:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ReinstallCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\HideIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ShowIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\shell\open\command\\: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ReinstallCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\HideIconsCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ShowIconsCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\shell\open\command\\: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< End of report >

joodyanne · Sep 29, 2013

OTL logfile created on: 30/09/2013 10:35:04 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.90 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 59.00% Memory free
7.80 Gb Paging File | 6.02 Gb Available in Paging File | 77.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.60 Gb Total Space | 52.39 Gb Free Space | 53.13% Space Free | Partition Type: NTFS

Computer Name: JUDY-PC | User Name: Judy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Judy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)

========== Modules (No Company Name) ==========

MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll ()
MOD - C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Users\Judy\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Judy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (risdxc) -- C:\Windows\SysNative\drivers\risdxc64.sys (REDC)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHPDF&pc=MATP&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.news.yahoo.com/vic/home/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/24 21:25:58 | 000,000,000 | ---D | M]

[2013/03/29 16:39:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions
[2013/03/29 16:39:51 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
[2013/09/30 10:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\extensions
[2013/01/19 17:17:00 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\yz3focvj.default\extensions\support@lastpass.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://news.ninemsn.com.au/melbourne
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Judy\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Judy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.0.17_0\
CHR - Extension: YouTube = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: LastPass = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.5_0\
CHR - Extension: Speed Test Analysis = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.4_0\
CHR - Extension: Google Maps = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6EC8405-B933-42DA-BCE1-6D5655FA2B5A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe - (LastPass)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe - (LastPass)
MsConfig:64bit - StartUpFolder: C:^Users^Judy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: BatteryManager - hkey= - key= - C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Judy\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: ITSecMng - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
MsConfig:64bit - StartUpReg: KiesAirMessage - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: KiesPreload - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: NortonOnlineBackup - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: RTHDVCPL - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig:64bit - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: TCrdMain - hkey= - key= - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Teco - hkey= - key= - C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TOSDCR - hkey= - key= - C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe ()
MsConfig:64bit - StartUpReg: ToshibaServiceStation - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosNC - hkey= - key= - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosReelTimeMonitor - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosSENotify - hkey= - key= - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosVolRegulator - hkey= - key= - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosWaitSrv - hkey= - key= - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TPwrMain - hkey= - key= - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: WRSVC - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/09/30 10:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/09/30 10:25:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/30 10:12:04 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/09/23 19:19:33 | 000,000,000 | ---D | C] -- C:\Users\Judy\AppData\Local\Adobe
[2013/09/12 22:15:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/09/12 22:15:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/09/12 22:14:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/12 22:14:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/12 22:14:58 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/12 22:14:58 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/09/12 22:14:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/12 22:14:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/12 22:14:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/12 22:14:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/09/12 22:14:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/12 22:14:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/12 22:14:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/12 22:14:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/12 22:14:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/12 17:40:22 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/09/12 17:40:20 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/09/12 17:40:19 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/09/12 17:40:19 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/09/12 17:40:19 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/09/12 17:40:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/09/12 17:40:18 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/09/12 17:40:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/09/12 17:40:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/09/12 17:40:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/09/12 17:40:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/09/12 17:40:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/09/12 17:40:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/09/12 17:40:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/09/12 17:40:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/09/12 17:40:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/09/12 17:40:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 17:40:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 17:40:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 17:40:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 17:40:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 17:40:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/09/12 17:40:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/09/12 17:40:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/09/12 17:40:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/09/12 17:40:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 17:40:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 17:40:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 17:40:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/09/12 17:39:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2012/11/11 15:04:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/30 10:38:12 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 10:38:12 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 10:36:53 | 000,779,226 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/30 10:36:53 | 000,664,974 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/30 10:36:53 | 000,125,678 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/30 10:31:29 | 000,000,322 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
[2013/09/30 10:31:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/30 10:31:01 | 3143,012,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/30 10:15:01 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-810056064-2480331435-476379365-1001UA.job
[2013/09/29 20:55:00 | 000,000,372 | ---- | M] () -- C:\windows\tasks\WpsUpdateTask_Judy.job
[2013/09/29 20:50:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/09/29 20:15:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-810056064-2480331435-476379365-1001Core.job
[2013/09/26 21:32:23 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/26 17:52:30 | 000,005,632 | ---- | M] () -- C:\Users\Judy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/24 21:25:59 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/09/22 18:18:49 | 000,002,372 | ---- | M] () -- C:\Users\Judy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/22 18:18:49 | 000,002,370 | ---- | M] () -- C:\Users\Judy\Desktop\Google Chrome.lnk
[2013/09/20 20:50:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/20 20:50:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/15 19:33:42 | 000,416,688 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/09 18:02:22 | 000,001,059 | ---- | M] () -- C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/09 18:02:22 | 000,001,059 | ---- | C] () -- C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/07/28 22:11:40 | 000,849,368 | ---- | C] () -- C:\Users\Judy\AppData\Local\census.cache
[2013/07/28 22:11:26 | 000,118,056 | ---- | C] () -- C:\Users\Judy\AppData\Local\ars.cache
[2013/07/28 21:58:29 | 000,000,036 | ---- | C] () -- C:\Users\Judy\AppData\Local\housecall.guid.cache
[2013/04/18 19:07:00 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/04/18 19:06:46 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/04/18 19:06:46 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/04/18 19:06:46 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/04/18 19:06:46 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/01/05 18:20:32 | 000,765,138 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/07/24 19:48:06 | 000,005,632 | ---- | C] () -- C:\Users\Judy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/10 15:50:35 | 000,000,074 | ---- | C] () -- C:\windows\MPLAYER.INI
[2012/05/10 15:49:38 | 000,338,944 | ---- | C] () -- C:\windows\SysWow64\lffpx7.dll
[2012/05/10 15:49:38 | 000,122,880 | ---- | C] () -- C:\windows\SysWow64\LFKODAK.DLL

========== ZeroAccess Check ==========

[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 12:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 11:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/11 18:25:39 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Amazon
[2013/09/30 10:31:39 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Dropbox
[2013/07/18 20:55:46 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Foresight Software
[2012/12/29 14:52:36 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\GlarySoft
[2013/07/18 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IObit
[2013/07/18 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\IrfanView
[2012/06/02 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Kingsoft
[2012/09/03 17:52:55 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\RootsMagic
[2013/05/02 11:34:09 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Samsung
[2013/03/07 17:13:00 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\SpeedTestAnalysis
[2012/04/11 14:25:40 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Tific
[2013/03/22 13:44:18 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Toshiba
[2012/08/08 18:44:44 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\WildTangent
[2012/04/11 19:46:44 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/11/21 13:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/09/14 13:03:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/09/30 10:31:01 | 3143,012,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/30 10:31:02 | 4190,683,136 | -HS- | M] () -- C:\pagefile.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2009/07/14 14:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ReinstallCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\HideIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ShowIconsCommand: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\shell\open\command\\: "C:\Users\Judy\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ReinstallCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\HideIconsCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\InstallInfo\\ShowIconsCommand: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome.JUHXA3SZPXGUPIC64Z5WZUVBTU\shell\open\command\\: "C:\USERS\JUDY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/09/17 13:21:30 | 000,829,392 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/08/10 15:22:38 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013/08/10 16:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 09:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< End of report >

joodyanne · Sep 29, 2013

OTL Extras logfile created on: 30/09/2013 10:35:04 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.90 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 59.00% Memory free
7.80 Gb Paging File | 6.02 Gb Available in Paging File | 77.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.60 Gb Total Space | 52.39 Gb Free Space | 53.13% Space Free | Partition Type: NTFS

Computer Name: JUDY-PC | User Name: Judy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Judy\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Judy\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C0F4D2C-4677-4788-AEF6-DA7C59442717}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1F8B990F-EE87-4563-8D91-8D0D394CB6D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{22CAA9D9-EBBA-483F-95A7-EBC43FB46EA4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33D350BC-A22A-4512-8D84-CE71522EBB1F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{39F5CB97-ABA9-4C08-B3A0-E5991B9FF5F0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3B3D4C17-AAAB-4E0E-9594-48D042A49B17}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E381946-6A38-47C1-8569-BD4E0FE356B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FFC74CF-D1D4-4D76-ADCB-B3D3A22285B1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{84F746FF-5951-46E9-A888-ADCE856B336F}" = rport=445 | protocol=6 | dir=out | app=system |
"{9BC9709C-A72F-4F32-BC58-AABAE6447B37}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9E0BAE40-C599-44E7-B06E-B41BD6B7FB1F}" = lport=139 | protocol=6 | dir=in | app=system |
"{A25F879E-1638-4DF7-A265-4E3058C99905}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A4A3A1D0-96BA-42E8-BC08-20FBB7826BE2}" = lport=138 | protocol=17 | dir=in | app=system |
"{A620E4A3-6355-4012-B109-1E3EC3FB88AA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B921C1EB-6802-4C95-97A7-44B543CA1CAC}" = rport=139 | protocol=6 | dir=out | app=system |
"{C2523F28-E1D6-4631-9DDA-63EC565AA189}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C4194273-8D21-452A-95A8-F7931AF7A310}" = rport=138 | protocol=17 | dir=out | app=system |
"{C463E104-2447-49DD-AEF6-B5B431558411}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C845AEC8-B96E-4F0E-A14A-C6ADC42E6C49}" = lport=445 | protocol=6 | dir=in | app=system |
"{EEDC60C8-A57D-4BA6-9B52-233030ED3587}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EFDED1AA-0AC4-44DE-8FAC-F863DF1C7EA0}" = lport=137 | protocol=17 | dir=in | app=system |
"{F3067B28-F5E5-4166-A170-8B7687F3D905}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F9C5DE65-42AF-48DD-AD99-5AB9858C5C04}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD634CE-C501-4AE4-B276-936EF6A5EFFE}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05AA32E6-C308-47DB-AF84-5E8779424F10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0FF8757C-5BA2-4532-BDFA-9BEE5CED787F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{157CA3E2-AE9B-48D9-8E03-16DB43DA4FC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26C46F82-3D3E-4491-BDEA-B3BCCCA8301B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{27F3DA38-D8E1-486B-B694-3476F62C2B08}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2AE7BE60-8086-463B-8164-662B84B87177}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2B7597F9-4C36-477E-943B-B9C03F88FBAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3B04CEBA-287F-4862-93F3-6945DB60C4F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E845C66-47D4-4C1D-BB40-3DACCF6CF2A8}" = protocol=17 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |
"{4384A934-7A3E-4D5F-B82E-A98AF1D15260}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{442399F4-2035-4817-814B-10D7B7FE170A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4DFAD7D7-DBFA-4B0C-A4F5-13CAF545FC37}" = protocol=6 | dir=out | app=system |
"{65F3B633-3CA8-43AE-BE12-3E3AD9534068}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{6AFE8E06-E83C-495C-9DD8-9070837AED59}" = protocol=6 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |
"{6EF60E45-BBC2-47E7-A9CE-DB15A77EA98C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7128C33A-CD57-466E-8974-7B350720B26D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76C01890-A3AD-4DE1-BA6F-F3311F2236DF}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{7A67B911-1961-47CC-8DE4-7DB9AEA9F4DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88CA798F-8A2A-49F7-956B-D547BEB3B052}" = dir=in | app=c:\users\judy\appdata\local\microsoft\skydrive\skydrive.exe |
"{8B847DB9-6FB1-4FD5-B1A3-865A14674D4A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8E28D948-776D-418E-A01D-0E5873367E44}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A88C8090-B43B-4C32-AFCE-14A09C15BDD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAE48A17-9717-44DD-8008-5A76999ECAD7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CB8A9D45-26A1-481A-B8FE-1EE84C4887DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D362831D-59AB-4623-9BDF-5799024E3B76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DD444676-864D-44EB-BD98-BA634CC5B3EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF054BC9-029F-48FB-A4AD-A24CEFAAEFB7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4F226FC-FCF8-41B3-AFCF-623479B723BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF9B1DFF-F00A-4F0E-878A-44BF961B644D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{9BF08F8A-E5EF-4B3F-8A4C-36153A99821A}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"TCP Query User{D41F05C6-233C-4D99-8103-495FC724FCE9}C:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{D94D6918-A198-464A-82C8-F83F988FFD61}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{012048B4-8675-4D96-AFBA-B4ECB7286F46}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{978744AE-BB8B-47E1-B223-99C1BB95E333}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{CA9EB574-BAC8-4A2E-8395-14D4E63A4A14}C:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\judy\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{41C2B21A-63BB-4377-9567-A97B15F21E59}" = TOSHIBA eco Utility
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65486209-5C54-439C-8383-8AC9BBE25932}" = Atheros Bluetooth Filter Driver Package
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}" = TOSHIBA Audio Enhancement
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}" = TOSHIBA Security Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5B01BCB7-A5D3-476F-AF11-E515BA206591}" = TOSHIBA Wireless LAN Indicator
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6E579724-82F9-454C-A98E-39DDDAB167FF}" = Intel(R) Rapid Start Technology
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{89EAD745-088B-4160-B964-42C4D4D273AD}" = Family Tree Maker 2010
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9602841E-ECE2-1019-AAEE-906A4DE25D6B}" = Intel(R) Identity Protection Technology 1.2.18.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{A9FD58A9-7640-4E61-B166-F5FBAD8219F6}" = TOSHIBA ConfigFree
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{C1689DDD-6378-4966-8865-6292D7141A6A}_is1" = RootsMagic 5.0.4.1
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CCF62642-ECB1-4D2B-80C0-3FD3286AEAED}" = TOSHIBA Sync Utility
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E625FCA0-E43E-4D3B-92FF-4851308A0366}" = Norton Online Backup
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH Media Driver v2.15.17.02
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon Kindle" = Amazon Kindle
"avast" = avast! Free Antivirus
"Family Tree Maker" = Family Tree Maker 9.0
"Family Tree Maker 2010" = Family Tree Maker 2010
"Glary Utilities_is1" = Glary Utilities 2.46.0.1518
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"IrfanView" = IrfanView (remove only)
"Kingsoft Office" = Kingsoft Office 2012 (8.1.0.3385)
"LastPass" = LastPass(uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Smart Defrag 2_is1" = Smart Defrag 2
"Weatherzone Tracker_is1" = Weatherzone Tracker 1.01
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"Yahoo!7 Messenger" = Yahoo!7 Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Art Plus Download Assistant" = Art Plus Download Assistant
"Art Plus EasyNoter LITE 3.7" = Art Plus EasyNoter LITE 3.7
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29/09/2013 8:32:55 PM | Computer Name = Judy-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 29/09/2013 8:31:08 PM | Computer Name = Judy-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom

< End of report >

starbuck · Sep 30, 2013

Hi Judy

Step 1
Double click on OTL to run it.
Copy the lines in the codebox below. (make sure that :Otl is on the first line and that you include all of the Commands section )
Code:
:otl
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\..\SearchScopes,DefaultScope = 
[2013/03/29 16:39:51 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: KiesAirMessage - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: WRSVC - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
[2013/03/07 17:13:00 | 000,000,000 | ---D | M] -- C:\Users\Judy\AppData\Roaming\SpeedTestAnalysis

:Files
C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]
Return to OTL,

right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

Click the red Run Fix button.

OTL will reboot your system once the fix has completed.

After the reboot, you may need to double click OTL to launch the program and retrieve the log.

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

if you lose the report, there will be a copy here:
C:\_OTL\MovedFiles

Step 2
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:

Download the latest version of Java Runtime Environment (JRE) 7 Update 40 and save it to your desktop.

Scroll down to where it says "Java SE 7 Update 40".

Click the "Download JRE" button.

Accept the license agreement.

select 'Windows x64.exe' from the list.

Save the file to your desktop.

Close any programs you may have running - especially your web browser.

Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.

Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
.
Java(TM) 6 Update 20
Java 7 Update 25
.

Click the Remove or Change/Remove button.

Repeat as many times as necessary to remove each Java versions.

Reboot your computer once all Java components are removed.

Then from your desktop double-click on downloaded icon to install the newest version.

In your next reply, please submit:
Otl fix report
also let me know if the system is running better.

I'll be away all day on Tuesday, so won't be able to reply until Wednesday morning.

Thanks.

joodyanne · Sep 30, 2013

Thanks Starbuck, will attend to that tonight (on the notebook). It was terribly terribly slow last night - very frustrating, but came good after a while. Will monitor it for a few days. See you when you get back.

joodyanne · Oct 1, 2013

Now that I defaulted the chrome browser on my maindesktop computer, some of the programs I had running are not working. (installed). What do you think of the following:

1) Ghostery
2) Last Pass
3) Wot

Are they ok to run again on this computer (desktop) - or in your personal opinion do they cause further problems.

joodyanne · Oct 1, 2013

The notebook is going along reasonably fast, but my network is dropping out every few minutes. It’s not the first time I’ve had the problem, but it is happening all the time now.

First it drops off line. I go to start-control panel- network connections and I have to click on trouble shoot. It says “you are currently not connected to any networks” I click on “connect to a network” I then click on Belkin92c which is the name of my modem and it says connect – which I do, then I get the troubleshoot problem which I click on again. It tries to solve the problem and it says “reset your wireless network adaptor” and then I’m on line again. This happens all the time.

The notebook and laptop are all connected to the desktop, but I have no problems with the laptop or desktop.

starbuck · Oct 2, 2013

Hi Judy,

Now that I defaulted the chrome browser on my maindesktop computer, some of the programs I had running are not working. (installed).
Click to expand...

Yes this would happen as everything that was installed, will be removed.
It's a way to ensure you have a fresh start.

1) Ghostery
2) Last Pass
3) Wot
Click to expand...

All are legit programs, but it's personal choice if you think they are worth it.
From the 3, i only use WOT.
Ghostery

Some sources say that Evidon, the company owning Ghostery, plays a dual role in the online advertising industry. Ghostery blocks sites from gathering personal information. But it does have an opt-in feature named GhostRank that can be checked to "support" them. GhostRank takes note of ads encountered and blocked, and sends that information, though anonymously, back to advertisers so they can better formulate their ads to avoid being blocked.

Thus, not everyone sees Evidon's business model as conflict-free. "Evidon has a financial incentive to encourage the program's adoption and discourage alternatives like Do Not Track and cookie blocking as well as to maintain positive relationships with intrusive advertising companies", says Jonathan Mayer, a Stanford grad student and privacy advocate.

Tom Simonite of Technology Review explains that with the "Ghostrank" feature enabled Ghostery sends collected user data back to the vendor, who then offers it for sale to ad firms. This is also reflected in the German branch of the magazine. Consequently, the German computer magazine Chip comes to the conclusion to not recommend installing the software and suggests NoScript as a (partial) alternative
Click to expand...

I have used NoScript in the past and it is good once you get it set up to suit you. (but it does take a bit of setting up)
I always use the 'Addon' Adblock Plus.
This stops just about all the Ads showing.
As for the 'cookies'.... these can be controlled by your browser if set correctly.

Last Pass
Yes it can be handy for some people, but i wouldn't trust a third party with my passwords.
There have been rumours that that the servers at Lass Past have been compromised in the past.
If you were a hacker, would you go after millions of separate systems to get their passwords or would you go after one big server that contained millions.

Like i say they are legit programs and will have fors and against.
It's all down to personal preference at the end of the day.

I then click on Belkin92c which is the name of my modem and it says connect
Click to expand...

I take it this is the name of your internet network connection.
Problems with Belkin are quite well known.
I used Belkin a few years back and always had problems with dropped connections.
I changed to NetGear adapters for my Wifi connections and have had little problems since.

but I have no problems with the laptop or desktop.
Click to expand...

Do either of these use an ethernet connection?
Problems when using ethernet are a lot less common than when using Wifi.
It maybe worth seeing if there's an updated driver for the Netbook wifi adapter..... this may help.

Don't forget to post the Otl fix report so that i can check that everything in the report was successful.

Log in or Sign up

[Solved] Getting rid of Delta Search

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

Share This Page

Log in or Sign up

[Solved] Getting rid of Delta Search

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

joodyanne Registered Members

joodyanne Registered Members

joodyanne Registered Members

starbuck Rest In Peace Pete Administrator

Share This Page

Useful Searches