Remove Conduit browser hijacker please!

Status
Not open for further replies.
R

RuthB

New member
I can't get rid of this hijacker. Takes over all my searches. I tried "CC Cleaner: don't know if I should have. I am a senior. couldn't figure out how to "start a new thread" so started it here. Please help. I have done the dds etc, but ERUNT doesn't work.View attachment dds.txtView attachment attach.txtView attachment aswMBR spy bot final.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 1.6.0_39
Run by Ruth at 16:17:18 on 2013-12-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3886.1502 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\System Control Manager\MSIService.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\shaw\bin\shawsupport.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Airmiles Toolbar BHO: {5F3927FC-290D-4C7B-8A30-694E7CA9254B} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Airmiles Toolbar: {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll
TB: Airmiles Toolbar: {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Google Update] "C:\Users\Ruth\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\windows\UpdReg.EXE
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Ruth\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SHAWSU~1.LNK - C:\Program Files (x86)\shaw\bin\shawsupport.exe
uPolicies-Explorer: NoDriveAutorun = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 64.59.160.15 64.59.161.69
TCP: Interfaces\{094C1C24-A4E5-49FB-AE10-21205BD83451} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{1323AA37-9DD0-4CA6-B93C-0CDF56B634FF} : DHCPNameServer = 64.59.160.15 64.59.161.69
TCP: Interfaces\{C78FCB73-F14A-4B1E-B0AD-7BF0F8FA0B67} : DHCPNameServer = 64.59.160.15 64.59.161.69
TCP: Interfaces\{C78FCB73-F14A-4B1E-B0AD-7BF0F8FA0B67}\2457363616E656562794E6E6 : DHCPNameServer = 192.168.0.1 64.59.160.15 64.59.161.69
TCP: Interfaces\{C78FCB73-F14A-4B1E-B0AD-7BF0F8FA0B67}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 64.59.160.13 64.59.160.15 64.59.161.68
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [THXCfg64] C:\windows\System32\RunDLL32.exe C:\windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-17 13336]
R2 Micro Star SCM;Micro Star SCM;C:\Program Files (x86)\System Control Manager\MSIService.exe [2010-6-17 160768]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 134944]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-12-9 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-12-9 171416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-17 2320920]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-1-24 128512]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-6-17 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-6-17 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-6-17 271872]
R3 MBfilt;MBfilt;C:\windows\System32\drivers\MBfilt64.sys [2010-6-17 32344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-2-10 7675392]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-6-17 346144]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-12-9 3921880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\windows\System32\drivers\ArcSoftKsUFilter.sys [2010-6-17 19968]
S3 EUCR;EUCR;C:\windows\System32\drivers\EUCR6SK.sys [2010-6-17 87888]
S3 ExpressAccountsService;Express Accounts;C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe [2012-3-13 3052548]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-6-23 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 MEMSWEEP2;MEMSWEEP2;C:\windows\System32\1CA5.tmp [2013-7-2 6144]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-8 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-1-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-12-09 22:56:49 21040 ----a-w- C:\windows\System32\sdnclean64.exe
2013-12-09 22:56:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-12-09 22:56:32 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-09 14:26:09 -------- d-----w- C:\Users\Ruth\AppData\Local\{4E6D4D28-EFE1-497F-8F31-ED1910FC735F}
2013-12-08 23:36:44 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{28BA6EFB-E0FB-4E44-87E6-79E3FF2D39D5}\mpengine.dll
2013-12-08 23:26:28 -------- d-----w- C:\Users\Ruth\AppData\Local\{152F66CD-FB22-4743-8C68-707AD52ACD49}
2013-12-07 23:00:05 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-07 22:36:50 -------- d-----w- C:\Users\Ruth\AppData\Local\{588D9858-E4D9-4DF7-820F-255E674CEC87}
2013-12-07 05:36:53 -------- d-----w- C:\Users\Ruth\AppData\Local\{B23F09BB-B6CF-4080-82BB-607327CC2547}
2013-12-06 22:12:32 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{438B9A41-B01E-4F09-9F42-33D480A34AAE}\gapaengine.dll
2013-12-06 14:10:54 -------- d-----w- C:\Users\Ruth\AppData\Local\{D1775932-95D5-4A01-B23E-5E558EA10E1D}
2013-12-06 00:27:36 -------- d-----w- C:\Users\Ruth\AppData\Local\{47BE39C8-980B-48BD-8CE9-E834FE5592D8}
2013-12-05 14:17:44 -------- d-----w- C:\Program Files\CCleaner
2013-12-05 12:27:11 -------- d-----w- C:\Users\Ruth\AppData\Local\{1742652A-33C2-4F49-A737-A4F9D4408FF7}
2013-12-04 05:05:39 -------- d-----w- C:\Users\Ruth\AppData\Local\{E3979BE9-06B8-4772-9ED9-2723DD35A032}
2013-12-03 16:21:26 -------- d-----w- C:\Users\Ruth\AppData\Local\{DBC1415E-290B-4299-AB50-0BBC5ED658CF}
2013-12-03 04:20:50 -------- d-----w- C:\Users\Ruth\AppData\Local\{DB8D90C4-2961-43F7-AA8C-6C425FAC54DA}
2013-12-02 16:20:27 -------- d-----w- C:\Users\Ruth\AppData\Local\{649BCA91-6DD2-490D-AB6E-777AAA8DBE39}
2013-12-02 04:20:02 -------- d-----w- C:\Users\Ruth\AppData\Local\{11AD2CB6-8316-4463-A27F-8F33D03CC530}
2013-11-30 20:43:18 -------- d-----w- C:\Users\Ruth\AppData\Local\{513554E4-DC02-4870-8B78-A86E7C3CABB9}
2013-11-29 18:04:02 -------- d-----w- C:\Users\Ruth\AppData\Local\{BDFFABD5-EEDF-4E2C-8D60-0186884E8E16}
2013-11-29 06:03:26 -------- d-----w- C:\Users\Ruth\AppData\Local\{CAA5C6D7-9E8B-437A-8FEE-87AE56E76844}
2013-11-28 18:03:01 -------- d-----w- C:\Users\Ruth\AppData\Local\{09E2D369-10AB-4028-A1CF-288512361FF7}
2013-11-28 04:31:00 -------- d-----w- C:\Users\Ruth\AppData\Local\{C73EC231-03B0-477E-8292-DE463869A2F0}
2013-11-27 15:59:13 -------- d-----w- C:\Users\Ruth\AppData\Local\{239757D9-C37A-41EB-9678-8FD4C1999598}
2013-11-27 03:58:38 -------- d-----w- C:\Users\Ruth\AppData\Local\{E35BB9F9-74C7-4367-953E-3C3813BE6C44}
2013-11-26 15:58:13 -------- d-----w- C:\Users\Ruth\AppData\Local\{1FDD5203-690F-4503-8DDD-372F32B317AC}
2013-11-25 17:34:10 -------- d-----w- C:\Users\Ruth\AppData\Local\{D5868E3F-32B4-4DFD-80B6-D26F455BAAB3}
2013-11-25 04:59:55 -------- d-----w- C:\Users\Ruth\AppData\Local\{844C056D-D81F-4AD5-9E0A-1E9B0E05A580}
2013-11-24 16:59:30 -------- d-----w- C:\Users\Ruth\AppData\Local\{113674B2-3AB4-44D8-A6CE-4866DEF52891}
2013-11-23 23:19:22 -------- d-----w- C:\Users\Ruth\AppData\Local\{5BAC05CC-85DF-4CEA-AEA9-165C1617600E}
2013-11-22 17:33:25 -------- d-----w- C:\Users\Ruth\AppData\Local\{BD40ACAE-40F4-4C1E-A6D8-5C18DB726239}
2013-11-22 00:09:15 -------- d-----w- C:\Users\Ruth\AppData\Local\{E91F42D9-7737-4BFE-8117-CB9F43FEA8DD}
2013-11-21 03:12:42 -------- d-----w- C:\Users\Ruth\AppData\Local\{6D09E3E4-65F2-4565-AB60-B983D91A04B3}
2013-11-20 15:12:15 -------- d-----w- C:\Users\Ruth\AppData\Local\{9EC2434C-653B-424F-8C04-466B15538441}
2013-11-20 02:55:01 -------- d-----w- C:\Users\Ruth\AppData\Local\{E5F4FD1A-4592-4D2D-B34A-E48BCD5DE74D}
2013-11-19 12:50:56 -------- d-----w- C:\Users\Ruth\AppData\Local\{6516BD0D-B224-47D3-B9F2-C1DB0FB887FE}
2013-11-18 23:03:11 -------- d-----w- C:\Users\Ruth\AppData\Local\{6ACCB759-C635-4B97-BEB5-BE9D4E58297C}
2013-11-17 21:19:13 -------- d-----w- C:\Users\Ruth\AppData\Local\{507856EA-75BB-4993-9782-F47CCFF1EB4C}
2013-11-17 02:34:04 -------- d-----w- C:\Users\Ruth\AppData\Local\{C1298979-85B7-4607-A867-1E016CA38EB3}
2013-11-16 14:33:40 -------- d-----w- C:\Users\Ruth\AppData\Local\{666BB103-F72A-44C1-A0BF-E63DF1341259}
2013-11-15 20:38:25 -------- d-----w- C:\Users\Ruth\AppData\Local\{F57AC5F4-53A4-40D6-ABD6-236C56F00E20}
2013-11-14 18:56:26 -------- d-----w- C:\Users\Ruth\AppData\Local\{AC630C9E-57C8-4750-8986-E8C68864CE74}
2013-11-13 19:35:26 -------- d-----w- C:\Users\Ruth\AppData\Local\{AA088C43-7555-47AB-B0A6-59221C0FDE14}
2013-11-13 05:36:45 -------- d-----w- C:\Users\Ruth\AppData\Local\{66A2661A-D343-43AA-9BAD-2C42A79D0E15}
2013-11-13 01:11:15 -------- d-----r- C:\Program Files (x86)\Skype
2013-11-12 16:04:38 -------- d-----w- C:\Users\Ruth\AppData\Local\{9F076F76-A52E-466F-BAC3-E9A9A6F7D707}
2013-11-12 02:37:09 -------- d-----w- C:\Users\Ruth\AppData\Local\{12773346-EEF4-4B1C-8E93-B9C24633D82D}
2013-11-11 14:36:40 -------- d-----w- C:\Users\Ruth\AppData\Local\{78A04112-3C06-4DFE-9593-B5F5936CC588}
2013-11-10 22:55:08 -------- d-----w- C:\Users\Ruth\AppData\Local\{246F4986-9AA8-4A17-B7C8-1766C1566F1E}
2013-11-10 10:22:46 -------- d-----w- C:\Users\Ruth\AppData\Local\{8C9D60BD-3FBD-4EA8-A541-581389EDC8B5}
.
==================== Find3M ====================
.
2013-11-19 10:21:41 267936 ------w- C:\windows\System32\MpSigStub.exe
2013-11-15 15:05:34 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-15 15:05:34 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-11-02 14:50:31 108968 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-10-13 14:55:42 2334720 ----a-w- C:\windows\System32\jscript9.dll
2013-10-13 14:47:43 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-10-13 14:46:53 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-10-13 14:42:36 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-10-13 14:42:11 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-10-13 14:35:12 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-10-13 09:48:06 1806848 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-10-13 09:35:52 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-10-13 09:35:38 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-10-13 09:30:14 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-10-13 09:29:02 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-10-13 09:25:39 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-10-12 02:30:42 830464 ----a-w- C:\windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL
2013-10-09 22:06:15 17813896 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2013-09-27 17:53:06 248240 ----a-w- C:\windows\System32\drivers\MpFilter.sys
2013-09-27 17:53:06 134944 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
2013-09-25 02:26:40 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\windows\System32\lsass.exe
.
============= FINISH: 16:18:26.16 ===============


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-09 16:23:06
-----------------------------
16:23:06.896 OS Version: Windows x64 6.1.7601 Service Pack 1
16:23:06.896 Number of processors: 4 586 0x2505
16:23:06.898 ComputerName: RUTH-MSI UserName: Ruth
16:23:08.197 Initialize success
16:24:52.079 AVAST engine defs: 13111900
16:25:03.079 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:25:03.083 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
16:25:03.233 Disk 0 MBR read successfully
16:25:03.237 Disk 0 MBR scan
16:25:03.327 Disk 0 Windows 7 default MBR code
16:25:03.343 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12288 MB offset 2048
16:25:03.388 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 25167872
16:25:03.428 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 279959 MB offset 25372672
16:25:03.481 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 184591 MB offset 598728704
16:25:03.788 Disk 0 scanning C:\windows\system32\drivers
16:25:22.262 Service scanning
16:26:16.317 Modules scanning
16:26:16.330 Disk 0 trace - called modules:
16:26:16.362 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:26:16.370 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800486b060]
16:26:16.378 3 CLASSPNP.SYS[fffff88001bce43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80045a2050]
16:26:17.527 AVAST engine scan C:\windows
16:26:20.894 AVAST engine scan C:\windows\system32
16:31:22.956 AVAST engine scan C:\windows\system32\drivers
16:31:47.394 AVAST engine scan C:\Users\Ruth
16:32:49.395 Disk 0 MBR has been saved successfully to "C:\Users\Ruth\Documents\MBR.dat"
16:32:49.403 The log file has been saved successfully to "C:\Users\Ruth\Documents\aswMBR spy bot.txt"
16:42:57.332 AVAST engine scan C:\ProgramData
16:45:35.752 Scan finished successfully
16:46:03.053 Disk 0 MBR has been saved successfully to "C:\Users\Ruth\Documents\MBR.dat"
16:46:03.118 The log file has been saved successfully to "C:\Users\Ruth\Documents\aswMBR spy bot final.txt"
 
Last edited by a moderator:
:welcome:

Sorry for the delay, if you still need help please let me know, I would be more than happy to assist you.
 
I fixed it

Yes, thanks!


I fixed it with Malware bytes, running the computer in safe mode with networking.
Thanks for the reply.
Can all my stuff be deleted from this forum??
 
My Mistake Ido need help!

I thought I had removed Conduit and now it has popped up again. I don't know what to do Help!
Ruthb
 
Good Morning Ruth,

We can get rid of it, lets do this

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
 
File Found : C:\windows\System32\Tasks\NCH Software
Folder Found : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Folder Found : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Folder Found : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\{6c3bc03f-d7b9-43ac-8931-c242e3cae971}
Folder Found : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Found : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\2pffxtbr@CouponAlert_2p.com
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\NCH Software
Folder Found C:\Program Files (x86)\otshot
Folder Found C:\Program Files (x86)\ParetoLogic
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\NCH Software
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Ruth\AppData\Local\apn
Folder Found C:\Users\Ruth\AppData\Local\Conduit
Folder Found C:\Users\Ruth\AppData\Local\CouponAlert_2p
Folder Found C:\Users\Ruth\AppData\Local\SwvUpdater
Folder Found C:\Users\Ruth\AppData\LocalLow\Conduit
Folder Found C:\Users\Ruth\AppData\LocalLow\PriceGong
Folder Found C:\Users\Ruth\AppData\LocalLow\ShoppingReport2
Folder Found C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\CT3287375
Folder Found C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\CT3289847
Folder Found C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Smartbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\ShoppingReport2
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Found : HKCU\Software\Google\Chrome\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\NCH Software
Key Found : HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\NCH Software
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.FCTB000063267Pos
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.FCTB000063267Pos.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.JSOptionsImpl
Key Found : HKLM\SOFTWARE\Classes\FCTB000063267.JSOptionsImpl.1
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\NCH Software
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\Supreme Savings
Key Found : HKLM\Software\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

[ File : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\prefs.js ]

Line Found : user_pref("CT3287375.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3287375.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Found : user_pref("CT3287375.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.FF19Solved", "true");
Line Found : user_pref("CT3287375.FirstTime", "true");
Line Found : user_pref("CT3287375.FirstTimeFF3", "true");
Line Found : user_pref("CT3287375.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3287375.PG_ENABLE.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3287375.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3287375.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3287375.SF_USER_ID.enc", "Y2lkXzEzNjIwMTMxNzI4NTE4MDQ1NzQ5");
Line Found : user_pref("CT3287375.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Found : user_pref("CT3287375.UserID", "UN12825649783333770");
Line Found : user_pref("CT3287375.YTbyClickFavorites.enc", "W10=");
Line Found : user_pref("CT3287375.YTbyClickRecent.enc", "JTVCJTdCJTIyaWQlMjIlM0ElMjI1c1BoN3hsMjlkcyUyMiUyQyUyMnRpdGxlJTIyJTNBJTIyTWluZWNyYWZ0JTIwRGlub3NhdXJzJTIwLSUyMCglMjBEaW5vc2F1ciUyMG1vZCUyMCklMjAtJTIwRXBpc29k[...]
Line Found : user_pref("CT3287375.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3287375.autoDisableScopes", 0);
Line Found : user_pref("CT3287375.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3287375.cbfirsttime.enc", "RnJpIE1heSAyNCAyMDEzIDExOjQ0OjAzIEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
Line Found : user_pref("CT3287375.defaultSearch", "true");
Line Found : user_pref("CT3287375.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":[...]
Line Found : user_pref("CT3287375.enableAlerts", "true");
Line Found : user_pref("CT3287375.enableFix404ByUser", "TRUE");
Line Found : user_pref("CT3287375.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3287375.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3287375.fixPageNotFoundError", "true");
Line Found : user_pref("CT3287375.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3287375.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3287375.fixUrls", true);
Line Found : user_pref("CT3287375.installDate", "17/5/2013 20:18:34");
Line Found : user_pref("CT3287375.installId", "stub.exe");
Line Found : user_pref("CT3287375.installSessionId", "{8AE068F8-6985-4C59-9D01-4A2A426C32D9}");
Line Found : user_pref("CT3287375.installSp", "TRUE");
Line Found : user_pref("CT3287375.installType", "conduitnsisintegration");
Line Found : user_pref("CT3287375.installUsage", "2013-05-18T07:52:13.5867738+03:00");
Line Found : user_pref("CT3287375.installUsageEarly", "2013-05-18T07:52:06.9876354+03:00");
Line Found : user_pref("CT3287375.installerVersion", "1.4.2.3");
Line Found : user_pref("CT3287375.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3287375.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3287375.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3287375.keyword", "true");
Line Found : user_pref("CT3287375.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource=15&CUI=UN12825649783333770&SSPV=EB_SSPV&Lay=1&UM=2[...]
Line Found : user_pref("CT3287375.lastVersion", "10.16.2.509");
Line Found : user_pref("CT3287375.mam_gk_appStateReportTime.enc", "MTM3MTQ3OTQ4NTczMw==");
Line Found : user_pref("CT3287375.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3287375.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3287375.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Found : user_pref("CT3287375.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Found : user_pref("CT3287375.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI0Y2M0MDlmYi01YmM4LTRhYmQtOWYxMy01NDRjZTBmOGNlYzQiLCJ[...]
Line Found : user_pref("CT3287375.mam_gk_currentVersion.enc", "MS44LjAuNA==");
Line Found : user_pref("CT3287375.mam_gk_eventsCache.enc", "eyIxZjljNTIxYy0zNjcxLTRmN2ItOTBhOC01MGYzMmUwMGUzODYiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Found : user_pref("CT3287375.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3287375.mam_gk_gadgetOpen.enc", "MA==");
Line Found : user_pref("CT3287375.mam_gk_lastLoginTime.enc", "MTM3MTQ3OTQ4NjA0Mg==");
Line Found : user_pref("CT3287375.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3287375.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3287375.mam_gk_settings1.5.0.3.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTc5XzIiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Found : user_pref("CT3287375.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTc5XzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Found : user_pref("CT3287375.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTFfMSIsImlzVGVzdCI6dHJ1ZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1bHQiO[...]
Line Found : user_pref("CT3287375.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3287375.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3287375.mam_gk_userId.enc", "MDM2ZTgyN2QtN2ZhOS00Y2VjLTkyYWUtOGZmNDhjZGM4YjE3");
Line Found : user_pref("CT3287375.migrateAppsAndComponents", true);
Line Found : user_pref("CT3287375.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Vafmusic.OurToolbar.com/\",\"EB_TOOLBA[...]
Line Found : user_pref("CT3287375.openThankYouPage", "false");
Line Found : user_pref("CT3287375.openUninstallPage", "true");
Line Found : user_pref("CT3287375.originalHomepage", "about:home");
Line Found : user_pref("CT3287375.originalSearchAddressUrl", "");
Line Found : user_pref("CT3287375.originalSearchEngine", "Google");
Line Found : user_pref("CT3287375.price-gong.isManagedApp", "true");
Line Found : user_pref("CT3287375.revertSettingsEnabled", "false");
Line Found : user_pref("CT3287375.search.searchAppId", "10000002");
Line Found : user_pref("CT3287375.search.searchCount", "0");
Line Found : user_pref("CT3287375.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3287375.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3287375.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3287375.searchRevert", "false");
Line Found : user_pref("CT3287375.searchUserMode", "2");
Line Found : user_pref("CT3287375.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3287375\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://Vafmusic.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vafmusic\"}");
Line Found : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287375.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368852726557");
Line Found : user_pref("CT3287375.serviceLayer_services_appsMetadata_lastUpdate", "1369421017621");
Line Found : user_pref("CT3287375.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368852727061");
Line Found : user_pref("CT3287375.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368852721440");
Line Found : user_pref("CT3287375.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368852730508");
Line Found : user_pref("CT3287375.serviceLayer_services_location_lastUpdate", "1369421128771");
Line Found : user_pref("CT3287375.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369488231178");
Line Found : user_pref("CT3287375.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368852727311");
Line Found : user_pref("CT3287375.serviceLayer_services_searchAPI_lastUpdate", "1369421128969");
Line Found : user_pref("CT3287375.serviceLayer_services_serviceMap_lastUpdate", "1369421128544");
Line Found : user_pref("CT3287375.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368852726815");
Line Found : user_pref("CT3287375.serviceLayer_services_toolbarSettings_lastUpdate", "1369488231566");
Line Found : user_pref("CT3287375.serviceLayer_services_translation_lastUpdate", "1369421129511");
Line Found : user_pref("CT3287375.settingsINI", true);
Line Found : user_pref("CT3287375.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3287375.showToolbarPermission", "false");
Line Found : user_pref("CT3287375.smartbar.CTID", "CT3287375");
Line Found : user_pref("CT3287375.smartbar.Uninstall", "0");
Line Found : user_pref("CT3287375.smartbar.homepage", "true");
Line Found : user_pref("CT3287375.smartbar.toolbarName", "Vafmusic ");
Line Found : user_pref("CT3287375.startPage", "true");
Line Found : user_pref("CT3287375.toolbarBornServerTime", "18-5-2013");
Line Found : user_pref("CT3287375.toolbarCurrentServerTime", "25-5-2013");
Line Found : user_pref("CT3287375.toolbarLoginClientTime", "Fri May 17 2013 21:52:09 GMT-0700 (Pacific Daylight Time)");
Line Found : user_pref("CT3287375.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY2EvdXJsP3NhPXQmcmN0PWomcT1pJTIwZmVlbCUyMHByZXR0eSUyMG9oJTIwc28lMjBwcmV0dHkmc291cmNlPXdlYiZjZD0zJnNxaT0yJnZlZD0wQ0RrUUZqQUMmdXJsPWh0[...]
Line Found : user_pref("CT3287375.versionFromInstaller", "10.16.2.9");
Line Found : user_pref("CT3287375_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1371479471918,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3289847.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"Ontario -...\",\"description\":\"Ontario - CJRQ - Q92\",\"url\":\"hxxp://38.99.208.186/CJRQ\"}");
Line Found : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.FF19Solved", "true");
Line Found : user_pref("CT3289847.FirstTime", "true");
Line Found : user_pref("CT3289847.FirstTimeFF3", "true");
Line Found : user_pref("CT3289847.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.PG_ENABLE.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3289847.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3289847.SF_USER_ID.enc", "Y2lkXzI0NTIwMTMxMTQzNDYxNDcxMA==");
Line Found : user_pref("CT3289847.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN50708178425552717&UM=2&q=");
Line Found : user_pref("CT3289847.UserID", "UN50708178425552717");
Line Found : user_pref("CT3289847.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3289847.cbfirsttime.enc", "RnJpIE1heSAxNyAyMDEzIDIzOjMwOjQzIEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
Line Found : user_pref("CT3289847.defaultSearch", "true");
Line Found : user_pref("CT3289847.embeddedsData", "[{\"appId\":\"130068661007799818\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT3289847.enableAlerts", "true");
Line Found : user_pref("CT3289847.enableFix404ByUser", "TRUE");
Line Found : user_pref("CT3289847.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3289847.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3289847.first_time_search.enc", "MQ==");
Line Found : user_pref("CT3289847.fixPageNotFoundError", "true");
Line Found : user_pref("CT3289847.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3289847.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3289847.fixUrls", true);
Line Found : user_pref("CT3289847.hxxp___api29_starwebnet_com.pid2.enc", "ODdmZmIyYzktZDRkMC01YzUxLTY3YjUtZWE3ODkzNDBkNTA2");
Line Found : user_pref("CT3289847.hxxp___api30_starwebnet_com.pid2.enc", "YmQ4Y2MwMWUtOWU2Ny04ZjBlLWFiNGYtNjgwOGYzNTZjMjk2");
Line Found : user_pref("CT3289847.hxxp___api31_starwebnet_com.pid2.enc", "NDc1ZjU3NzItZDYxNy1hMWIxLWU5YzYtOGViNjc2ZmJiY2Mz");
Line Found : user_pref("CT3289847.hxxp___api32_starwebnet_com.pid2.enc", "ZjA1NjY4ODMtNTdiNi00MGMwLTAzMTMtOTJiMmI2MDllODMw");
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPXllcywgc2Nyb2xsYmFycz15ZXMsIGhzY3JvbGw9bm8gLHZzY3JvbGw9bm8sIHRpdGxlYmFyPXllcywgY2xvc2VvbmV4dGVybmFsY2xpY2[...]
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui.enc", "eyJndWkiOltdLCJhY3Rpb25zIjpbeyJpZCI6IjEwMSIsInR5cGUiOiJiYXIiLCJ2YWxpZGl0eSI6InBlcnNpc3QiLCJkYXRhIjp7ImhlaWdodCI6Ij[...]
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings.enc", "eyJpbml0VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlhdGUvaW5pdCIsInF1ZXJ5VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlh[...]
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.jw_token.enc", "ZmIzYjBkN2YtZDc0ZC03ZmE1LTMxZWItYmVjZGI3NTMxZDZk");
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.key_list_id.enc", "MjAxMjA4MDItMDAw");
Line Found : user_pref("CT3289847.installDate", "17/5/2013 20:21:32");
Line Found : user_pref("CT3289847.installId", "9818");
Line Found : user_pref("CT3289847.installSessionId", "-1");
Line Found : user_pref("CT3289847.installSp", "TRUE");
Line Found : user_pref("CT3289847.installType", "conduitnsisintegration");
Line Found : user_pref("CT3289847.installUsage", "2013-05-18T07:52:16.1609058+03:00");
Line Found : user_pref("CT3289847.installUsageEarly", "2013-05-18T07:52:07.096841+03:00");
Line Found : user_pref("CT3289847.installerVersion", "1.4.2.3");
Line Found : user_pref("CT3289847.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3289847.keyword", "true");
Line Found : user_pref("CT3289847.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN50708178425552717&SSPV=EB_SSPV&Lay=1&UM=2[...]
Line Found : user_pref("CT3289847.lastVersion", "10.16.2.509");
Line Found : user_pref("CT3289847.mam_gk_appStateReportTime.enc", "MTM3MTE2OTc0NzAyMg==");
Line Found : user_pref("CT3289847.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Found : user_pref("CT3289847.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Found : user_pref("CT3289847.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI3NzZkYjZkYy01Zjc5LTQ2ZTMtOTZjMy01M2U1ZDZhZGU1OGQiLCJ[...]
Line Found : user_pref("CT3289847.mam_gk_currentVersion.enc", "MS44LjAuNA==");
Line Found : user_pref("CT3289847.mam_gk_eventsCache.enc", "eyI0NDRjOTkyMi1jZmI4LTQ5YmItOTIxMy1iN2YwMTNlNDk3YTYiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Found : user_pref("CT3289847.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3289847.mam_gk_gadgetOpen.enc", "MA==");
Line Found : user_pref("CT3289847.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289847.mam_gk_lastLoginTime.enc", "MTM3MTE2OTczMTAzMw==");
Line Found : user_pref("CT3289847.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3289847.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjYwXzEiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Found : user_pref("CT3289847.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjk3XzIiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Found : user_pref("CT3289847.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTFfMCIsImlzVGVzdCI6dHJ1ZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1bHQiO[...]
Line Found : user_pref("CT3289847.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289847.mam_gk_userId.enc", "OTU2ZDVlYzQtMjc2My00N2YwLWIxM2ItZDMwNTNlY2MzZWYx");
Line Found : user_pref("CT3289847.migrateAppsAndComponents", true);
Line Found : user_pref("CT3289847.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://WhiteSmokeNew.OurToolbar.com/\",\"EB_T[...]
Line Found : user_pref("CT3289847.openThankYouPage", "false");
Line Found : user_pref("CT3289847.openUninstallPage", "true");
Line Found : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource=61&CUI=UN12825649783333770&UM=2&UP=SPE521903B-4391-499D-BA31-D7A9297EE899");
Line Found : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Found : user_pref("CT3289847.originalSearchEngine", "Vafmusic Customized Web Search");
Line Found : user_pref("CT3289847.price-gong.isManagedApp", "true");
Line Found : user_pref("CT3289847.revertSettingsEnabled", "true");
Line Found : user_pref("CT3289847.search.searchAppId", "130068661007799818");
Line Found : user_pref("CT3289847.search.searchCount", "0");
Line Found : user_pref("CT3289847.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3289847.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3289847.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3289847.searchRevert", "true");
Line Found : user_pref("CT3289847.searchUserMode", "2");
Line Found : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289847\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://WhiteSmokeNew.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"WhiteSmoke New\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368852730566");
Line Found : user_pref("CT3289847.serviceLayer_services_appsMetadata_lastUpdate", "1369421017631");
Line Found : user_pref("CT3289847.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368858511192");
Line Found : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368852722286");
Line Found : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368852730639");
Line Found : user_pref("CT3289847.serviceLayer_services_location_lastUpdate", "1369421130600");
Line Found : user_pref("CT3289847.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369488231268");
Line Found : user_pref("CT3289847.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368858511282");
Line Found : user_pref("CT3289847.serviceLayer_services_searchAPI_lastUpdate", "1369421130581");
Line Found : user_pref("CT3289847.serviceLayer_services_serviceMap_lastUpdate", "1369421130398");
Line Found : user_pref("CT3289847.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368858511235");
Line Found : user_pref("CT3289847.serviceLayer_services_toolbarSettings_lastUpdate", "1369488231700");
Line Found : user_pref("CT3289847.serviceLayer_services_translation_lastUpdate", "1369421130801");
Line Found : user_pref("CT3289847.settingsINI", true);
Line Found : user_pref("CT3289847.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3289847.showToolbarPermission", "false");
Line Found : user_pref("CT3289847.smartbar.CTID", "CT3289847");
Line Found : user_pref("CT3289847.smartbar.Uninstall", "0");
Line Found : user_pref("CT3289847.smartbar.homepage", "true");
Line Found : user_pref("CT3289847.smartbar.toolbarName", "WhiteSmoke New ");
Line Found : user_pref("CT3289847.startPage", "true");
Line Found : user_pref("CT3289847.toolbarBornServerTime", "18-5-2013");
Line Found : user_pref("CT3289847.toolbarCurrentServerTime", "25-5-2013");
Line Found : user_pref("CT3289847.toolbarLoginClientTime", "Fri May 17 2013 23:28:28 GMT-0700 (Pacific Daylight Time)");
Line Found : user_pref("CT3289847.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY2EvdXJsP3NhPXQmcmN0PWomcT1pJTIwZmVlbCUyMHByZXR0eSUyMG9oJTIwc28lMjBwcmV0dHkmc291cmNlPXdlYiZjZD0zJnNxaT0yJnZlZD0wQ0RrUUZqQUMmdXJsPWh0[...]
Line Found : user_pref("CT3289847.versionFromInstaller", "10.16.2.9");
Line Found : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1371479472005,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=13");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847");
Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
Line Found : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=13");
Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Found : user_pref("extensions.crossrider.bic", "13eb5faed83ebca49c03be3d2213b35f");
Line Found : user_pref("extensions.crossriderapp19962.19962.InstallationTime", 1368852721);
Line Found : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Found : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.value", "1368852721");
Line Found : user_pref("extensions.crossriderapp19962.adsOldValue", -1);
Line Found : user_pref("extensions.crossriderapp19962.bic", "13eb5faed83ebca49c03be3d2213b35f");
Line Found : user_pref("extensions.crossriderapp19962.firstrun", false);
Line Found : user_pref("extensions.crossriderapp19962.installationdate", 1368852721);
Line Found : user_pref("extensions.crossriderapp19962.lastcheck", 22857991);
Line Found : user_pref("extensions.crossriderapp19962.lastcheckitem", 22857991);
Line Found : user_pref("extensions.crossriderapp19962.reportInstall", true);
Line Found : user_pref("extensions.crossriderapp19962.statsDailyCounter", 7);
Line Found : user_pref("extensions.enabledAddons", "longurlplease%40darragh.curran:0.5.1,2pffxtbr%40CouponAlert_2p.com:2.73.0.65458,crossriderapp19962%40crossrider.com:0.91.51,%7B6c3bc03f-d7b9-43ac-8931-c242e3cae9[...]
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=undefined&n=77ecfec0&ptnrS=CDxpi000");
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.installDate", "2012020416");
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerId", "CDxpi000");
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerSubId", "");
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.success", false);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.toolbarId", "undefined");
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.options.defaultSearch", false);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.options.homePageEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.options.keywordEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.options.tabEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.recentlyClosed", "{\"list\":[{\"url\":\"hxxp://www.naturalhealinghouse.com/media/Deseret_1000-calorie.pdf\",\"favIcon\":\"hxxp://www.naturalhealingh[...]
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.searchHistory", "<iframe width=\"560\" height=\"315\" src=\"hxxp://www.youtube.com/embed/videoseries?list=PL9BDF3D28339D1316&hl=en_US\" framebor[...]
Line Found : user_pref("extensions.toolbar.mindspark._2pMembers_.weather.location", "V9P");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "couponalert@mindspark.com");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3287375&CUI=UN12825649783333770&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource[...]
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Found : user_pref("smartbar.machineId", "+/IM5/J6ZATQP+/PZ4+G2YENPPGTWDJ89XUKMUHP8EPMHNYIXV7JXFDCR7HT2M13ITD2I65F4CBMPG53EXB7RG");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3287375&CUI=UN12825649783333770&UM=2&SearchSource=13");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : search_url
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword

[ File : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36574 octets] - [19/12/2013 03:15:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [36635 octets] ##########
 
Good,


Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.



thisisujrt.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
# AdwCleaner v3.015 - Report created 19/12/2013 at 03:53:57
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ruth - RUTH-MSI
# Running from : C:\Users\Ruth\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\otshot
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Users\Ruth\AppData\Local\apn
Folder Deleted : C:\Users\Ruth\AppData\Local\Conduit
Folder Deleted : C:\Users\Ruth\AppData\Local\CouponAlert_2p
Folder Deleted : C:\Users\Ruth\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Ruth\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ruth\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Ruth\AppData\LocalLow\ShoppingReport2
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Smartbar
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\CT3287375
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\CT3289847
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\2pffxtbr@CouponAlert_2p.com
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\{6c3bc03f-d7b9-43ac-8931-c242e3cae971}
Folder Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Folder Deleted : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
File Deleted : C:\END
File Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\searchplugins\whitesmoke-new-customized-web-search.xml
File Deleted : C:\windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKCU\Software\Google\Chrome\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.FCTB000063267Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.FCTB000063267Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000063267.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Supreme Savings
Key Deleted : HKLM\Software\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

[ File : C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\prefs.js ]

Line Deleted : user_pref("CT3287375.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3287375.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3287375.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.FF19Solved", "true");
Line Deleted : user_pref("CT3287375.FirstTime", "true");
Line Deleted : user_pref("CT3287375.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3287375.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3287375.PG_ENABLE.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3287375.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3287375.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3287375.SF_USER_ID.enc", "Y2lkXzEzNjIwMTMxNzI4NTE4MDQ1NzQ5");
Line Deleted : user_pref("CT3287375.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Deleted : user_pref("CT3287375.UserID", "UN12825649783333770");
Line Deleted : user_pref("CT3287375.YTbyClickFavorites.enc", "W10=");
Line Deleted : user_pref("CT3287375.YTbyClickRecent.enc", "JTVCJTdCJTIyaWQlMjIlM0ElMjI1c1BoN3hsMjlkcyUyMiUyQyUyMnRpdGxlJTIyJTNBJTIyTWluZWNyYWZ0JTIwRGlub3NhdXJzJTIwLSUyMCglMjBEaW5vc2F1ciUyMG1vZCUyMCklMjAtJTIwRXBpc29k[...]
Line Deleted : user_pref("CT3287375.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3287375.autoDisableScopes", 0);
Line Deleted : user_pref("CT3287375.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3287375.cbfirsttime.enc", "RnJpIE1heSAyNCAyMDEzIDExOjQ0OjAzIEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
Line Deleted : user_pref("CT3287375.defaultSearch", "true");
Line Deleted : user_pref("CT3287375.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":[...]
Line Deleted : user_pref("CT3287375.enableAlerts", "true");
Line Deleted : user_pref("CT3287375.enableFix404ByUser", "TRUE");
Line Deleted : user_pref("CT3287375.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3287375.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3287375.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3287375.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3287375.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3287375.fixUrls", true);
Line Deleted : user_pref("CT3287375.installDate", "17/5/2013 20:18:34");
Line Deleted : user_pref("CT3287375.installId", "stub.exe");
Line Deleted : user_pref("CT3287375.installSessionId", "{8AE068F8-6985-4C59-9D01-4A2A426C32D9}");
Line Deleted : user_pref("CT3287375.installSp", "TRUE");
Line Deleted : user_pref("CT3287375.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3287375.installUsage", "2013-05-18T07:52:13.5867738+03:00");
Line Deleted : user_pref("CT3287375.installUsageEarly", "2013-05-18T07:52:06.9876354+03:00");
Line Deleted : user_pref("CT3287375.installerVersion", "1.4.2.3");
Line Deleted : user_pref("CT3287375.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3287375.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3287375.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3287375.keyword", "true");
Line Deleted : user_pref("CT3287375.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource=15&CUI=UN12825649783333770&SSPV=EB_SSPV&Lay=1&UM=2[...]
Line Deleted : user_pref("CT3287375.lastVersion", "10.16.2.509");
Line Deleted : user_pref("CT3287375.mam_gk_appStateReportTime.enc", "MTM3MTQ3OTQ4NTczMw==");
Line Deleted : user_pref("CT3287375.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3287375.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3287375.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Deleted : user_pref("CT3287375.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3287375.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI0Y2M0MDlmYi01YmM4LTRhYmQtOWYxMy01NDRjZTBmOGNlYzQiLCJ[...]
Line Deleted : user_pref("CT3287375.mam_gk_currentVersion.enc", "MS44LjAuNA==");
Line Deleted : user_pref("CT3287375.mam_gk_eventsCache.enc", "eyIxZjljNTIxYy0zNjcxLTRmN2ItOTBhOC01MGYzMmUwMGUzODYiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Deleted : user_pref("CT3287375.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3287375.mam_gk_gadgetOpen.enc", "MA==");
Line Deleted : user_pref("CT3287375.mam_gk_lastLoginTime.enc", "MTM3MTQ3OTQ4NjA0Mg==");
Line Deleted : user_pref("CT3287375.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3287375.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3287375.mam_gk_settings1.5.0.3.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTc5XzIiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Deleted : user_pref("CT3287375.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTc5XzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Deleted : user_pref("CT3287375.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTFfMSIsImlzVGVzdCI6dHJ1ZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1bHQiO[...]
Line Deleted : user_pref("CT3287375.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3287375.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3287375.mam_gk_userId.enc", "MDM2ZTgyN2QtN2ZhOS00Y2VjLTkyYWUtOGZmNDhjZGM4YjE3");
Line Deleted : user_pref("CT3287375.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3287375.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Vafmusic.OurToolbar.com/\",\"EB_TOOLBA[...]
Line Deleted : user_pref("CT3287375.openThankYouPage", "false");
Line Deleted : user_pref("CT3287375.openUninstallPage", "true");
Line Deleted : user_pref("CT3287375.originalHomepage", "about:home");
Line Deleted : user_pref("CT3287375.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3287375.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3287375.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3287375.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3287375.search.searchAppId", "10000002");
Line Deleted : user_pref("CT3287375.search.searchCount", "0");
Line Deleted : user_pref("CT3287375.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3287375.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3287375.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3287375.searchRevert", "false");
Line Deleted : user_pref("CT3287375.searchUserMode", "2");
Line Deleted : user_pref("CT3287375.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3287375\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://Vafmusic.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vafmusic\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3287375.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368852726557");
Line Deleted : user_pref("CT3287375.serviceLayer_services_appsMetadata_lastUpdate", "1369421017621");
Line Deleted : user_pref("CT3287375.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368852727061");
Line Deleted : user_pref("CT3287375.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368852721440");
Line Deleted : user_pref("CT3287375.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368852730508");
Line Deleted : user_pref("CT3287375.serviceLayer_services_location_lastUpdate", "1369421128771");
Line Deleted : user_pref("CT3287375.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369488231178");
Line Deleted : user_pref("CT3287375.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368852727311");
Line Deleted : user_pref("CT3287375.serviceLayer_services_searchAPI_lastUpdate", "1369421128969");
Line Deleted : user_pref("CT3287375.serviceLayer_services_serviceMap_lastUpdate", "1369421128544");
Line Deleted : user_pref("CT3287375.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368852726815");
Line Deleted : user_pref("CT3287375.serviceLayer_services_toolbarSettings_lastUpdate", "1369488231566");
Line Deleted : user_pref("CT3287375.serviceLayer_services_translation_lastUpdate", "1369421129511");
Line Deleted : user_pref("CT3287375.settingsINI", true);
Line Deleted : user_pref("CT3287375.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3287375.showToolbarPermission", "false");
Line Deleted : user_pref("CT3287375.smartbar.CTID", "CT3287375");
Line Deleted : user_pref("CT3287375.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3287375.smartbar.homepage", "true");
Line Deleted : user_pref("CT3287375.smartbar.toolbarName", "Vafmusic ");
Line Deleted : user_pref("CT3287375.startPage", "true");
Line Deleted : user_pref("CT3287375.toolbarBornServerTime", "18-5-2013");
Line Deleted : user_pref("CT3287375.toolbarCurrentServerTime", "25-5-2013");
Line Deleted : user_pref("CT3287375.toolbarLoginClientTime", "Fri May 17 2013 21:52:09 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3287375.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY2EvdXJsP3NhPXQmcmN0PWomcT1pJTIwZmVlbCUyMHByZXR0eSUyMG9oJTIwc28lMjBwcmV0dHkmc291cmNlPXdlYiZjZD0zJnNxaT0yJnZlZD0wQ0RrUUZqQUMmdXJsPWh0[...]
Line Deleted : user_pref("CT3287375.versionFromInstaller", "10.16.2.9");
Line Deleted : user_pref("CT3287375_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1371479471918,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3289847.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"Ontario -...\",\"description\":\"Ontario - CJRQ - Q92\",\"url\":\"hxxp://38.99.208.186/CJRQ\"}");
Line Deleted : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.FirstTime", "true");
Line Deleted : user_pref("CT3289847.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3289847.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289847.PG_ENABLE.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289847.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3289847.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3289847.SF_USER_ID.enc", "Y2lkXzI0NTIwMTMxMTQzNDYxNDcxMA==");
Line Deleted : user_pref("CT3289847.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN50708178425552717&UM=2&q=");
Line Deleted : user_pref("CT3289847.UserID", "UN50708178425552717");
Line Deleted : user_pref("CT3289847.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289847.cbfirsttime.enc", "RnJpIE1heSAxNyAyMDEzIDIzOjMwOjQzIEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
Line Deleted : user_pref("CT3289847.defaultSearch", "true");
Line Deleted : user_pref("CT3289847.embeddedsData", "[{\"appId\":\"130068661007799818\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3289847.enableAlerts", "true");
Line Deleted : user_pref("CT3289847.enableFix404ByUser", "TRUE");
Line Deleted : user_pref("CT3289847.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3289847.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3289847.first_time_search.enc", "MQ==");
Line Deleted : user_pref("CT3289847.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3289847.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3289847.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3289847.fixUrls", true);
Line Deleted : user_pref("CT3289847.hxxp___api29_starwebnet_com.pid2.enc", "ODdmZmIyYzktZDRkMC01YzUxLTY3YjUtZWE3ODkzNDBkNTA2");
Line Deleted : user_pref("CT3289847.hxxp___api30_starwebnet_com.pid2.enc", "YmQ4Y2MwMWUtOWU2Ny04ZjBlLWFiNGYtNjgwOGYzNTZjMjk2");
Line Deleted : user_pref("CT3289847.hxxp___api31_starwebnet_com.pid2.enc", "NDc1ZjU3NzItZDYxNy1hMWIxLWU5YzYtOGViNjc2ZmJiY2Mz");
Line Deleted : user_pref("CT3289847.hxxp___api32_starwebnet_com.pid2.enc", "ZjA1NjY4ODMtNTdiNi00MGMwLTAzMTMtOTJiMmI2MDllODMw");
Line Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPXllcywgc2Nyb2xsYmFycz15ZXMsIGhzY3JvbGw9bm8gLHZzY3JvbGw9bm8sIHRpdGxlYmFyPXllcywgY2xvc2VvbmV4dGVybmFsY2xpY2[...]
Line Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui.enc", "eyJndWkiOltdLCJhY3Rpb25zIjpbeyJpZCI6IjEwMSIsInR5cGUiOiJiYXIiLCJ2YWxpZGl0eSI6InBlcnNpc3QiLCJkYXRhIjp7ImhlaWdodCI6Ij[...]
Line Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings.enc", "eyJpbml0VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlhdGUvaW5pdCIsInF1ZXJ5VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlh[...]
Line Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.jw_token.enc", "ZmIzYjBkN2YtZDc0ZC03ZmE1LTMxZWItYmVjZGI3NTMxZDZk");
Line Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.key_list_id.enc", "MjAxMjA4MDItMDAw");
Line Deleted : user_pref("CT3289847.installDate", "17/5/2013 20:21:32");
Line Deleted : user_pref("CT3289847.installId", "9818");
Line Deleted : user_pref("CT3289847.installSessionId", "-1");
Line Deleted : user_pref("CT3289847.installSp", "TRUE");
Line Deleted : user_pref("CT3289847.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3289847.installUsage", "2013-05-18T07:52:16.1609058+03:00");
Line Deleted : user_pref("CT3289847.installUsageEarly", "2013-05-18T07:52:07.096841+03:00");
Line Deleted : user_pref("CT3289847.installerVersion", "1.4.2.3");
Line Deleted : user_pref("CT3289847.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3289847.keyword", "true");
Line Deleted : user_pref("CT3289847.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN50708178425552717&SSPV=EB_SSPV&Lay=1&UM=2[...]
Line Deleted : user_pref("CT3289847.lastVersion", "10.16.2.509");
Line Deleted : user_pref("CT3289847.mam_gk_appStateReportTime.enc", "MTM3MTE2OTc0NzAyMg==");
Line Deleted : user_pref("CT3289847.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3289847.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3289847.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Deleted : user_pref("CT3289847.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3289847.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI3NzZkYjZkYy01Zjc5LTQ2ZTMtOTZjMy01M2U1ZDZhZGU1OGQiLCJ[...]
Line Deleted : user_pref("CT3289847.mam_gk_currentVersion.enc", "MS44LjAuNA==");
Line Deleted : user_pref("CT3289847.mam_gk_eventsCache.enc", "eyI0NDRjOTkyMi1jZmI4LTQ5YmItOTIxMy1iN2YwMTNlNDk3YTYiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Deleted : user_pref("CT3289847.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3289847.mam_gk_gadgetOpen.enc", "MA==");
Line Deleted : user_pref("CT3289847.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3289847.mam_gk_lastLoginTime.enc", "MTM3MTE2OTczMTAzMw==");
Line Deleted : user_pref("CT3289847.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3289847.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289847.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjYwXzEiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Deleted : user_pref("CT3289847.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjk3XzIiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Deleted : user_pref("CT3289847.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTFfMCIsImlzVGVzdCI6dHJ1ZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1bHQiO[...]
Line Deleted : user_pref("CT3289847.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289847.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3289847.mam_gk_userId.enc", "OTU2ZDVlYzQtMjc2My00N2YwLWIxM2ItZDMwNTNlY2MzZWYx");
Line Deleted : user_pref("CT3289847.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3289847.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://WhiteSmokeNew.OurToolbar.com/\",\"EB_T[...]
Line Deleted : user_pref("CT3289847.openThankYouPage", "false");
Line Deleted : user_pref("CT3289847.openUninstallPage", "true");
Line Deleted : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource=61&CUI=UN12825649783333770&UM=2&UP=SPE521903B-4391-499D-BA31-D7A9297EE899");
Line Deleted : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Deleted : user_pref("CT3289847.originalSearchEngine", "Vafmusic Customized Web Search");
Line Deleted : user_pref("CT3289847.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3289847.revertSettingsEnabled", "true");
Line Deleted : user_pref("CT3289847.search.searchAppId", "130068661007799818");
Line Deleted : user_pref("CT3289847.search.searchCount", "0");
Line Deleted : user_pref("CT3289847.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3289847.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3289847.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3289847.searchRevert", "true");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289847\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://WhiteSmokeNew.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"WhiteSmoke New\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289847.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368852730566");
Line Deleted : user_pref("CT3289847.serviceLayer_services_appsMetadata_lastUpdate", "1369421017631");
Line Deleted : user_pref("CT3289847.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368858511192");
Line Deleted : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368852722286");
Line Deleted : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368852730639");
Line Deleted : user_pref("CT3289847.serviceLayer_services_location_lastUpdate", "1369421130600");
Line Deleted : user_pref("CT3289847.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369488231268");
Line Deleted : user_pref("CT3289847.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368858511282");
Line Deleted : user_pref("CT3289847.serviceLayer_services_searchAPI_lastUpdate", "1369421130581");
Line Deleted : user_pref("CT3289847.serviceLayer_services_serviceMap_lastUpdate", "1369421130398");
Line Deleted : user_pref("CT3289847.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368858511235");
Line Deleted : user_pref("CT3289847.serviceLayer_services_toolbarSettings_lastUpdate", "1369488231700");
Line Deleted : user_pref("CT3289847.serviceLayer_services_translation_lastUpdate", "1369421130801");
Line Deleted : user_pref("CT3289847.settingsINI", true);
Line Deleted : user_pref("CT3289847.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3289847.showToolbarPermission", "false");
Line Deleted : user_pref("CT3289847.smartbar.CTID", "CT3289847");
Line Deleted : user_pref("CT3289847.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289847.smartbar.toolbarName", "WhiteSmoke New ");
Line Deleted : user_pref("CT3289847.startPage", "true");
Line Deleted : user_pref("CT3289847.toolbarBornServerTime", "18-5-2013");
Line Deleted : user_pref("CT3289847.toolbarCurrentServerTime", "25-5-2013");
Line Deleted : user_pref("CT3289847.toolbarLoginClientTime", "Fri May 17 2013 23:28:28 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3289847.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY2EvdXJsP3NhPXQmcmN0PWomcT1pJTIwZmVlbCUyMHByZXR0eSUyMG9oJTIwc28lMjBwcmV0dHkmc291cmNlPXdlYiZjZD0zJnNxaT0yJnZlZD0wQ0RrUUZqQUMmdXJsPWh0[...]
Line Deleted : user_pref("CT3289847.versionFromInstaller", "10.16.2.9");
Line Deleted : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1371479472005,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN50708178425552717&UM=2&SearchSource=13");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("extensions.crossrider.bic", "13eb5faed83ebca49c03be3d2213b35f");
Line Deleted : user_pref("extensions.crossriderapp19962.19962.InstallationTime", 1368852721);
Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp19962.19962.cookie.InstallationTime.value", "1368852721");
Line Deleted : user_pref("extensions.crossriderapp19962.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp19962.bic", "13eb5faed83ebca49c03be3d2213b35f");
Line Deleted : user_pref("extensions.crossriderapp19962.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp19962.installationdate", 1368852721);
Line Deleted : user_pref("extensions.crossriderapp19962.lastcheck", 22857991);
Line Deleted : user_pref("extensions.crossriderapp19962.lastcheckitem", 22857991);
Line Deleted : user_pref("extensions.crossriderapp19962.reportInstall", true);
Line Deleted : user_pref("extensions.crossriderapp19962.statsDailyCounter", 7);
Line Deleted : user_pref("extensions.enabledAddons", "longurlplease%40darragh.curran:0.5.1,2pffxtbr%40CouponAlert_2p.com:2.73.0.65458,crossriderapp19962%40crossrider.com:0.91.51,%7B6c3bc03f-d7b9-43ac-8931-c242e3cae9[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=undefined&n=77ecfec0&ptnrS=CDxpi000");
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.installDate", "2012020416");
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerId", "CDxpi000");
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerSubId", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.success", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.toolbarId", "undefined");
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.recentlyClosed", "{\"list\":[{\"url\":\"hxxp://www.naturalhealinghouse.com/media/Deseret_1000-calorie.pdf\",\"favIcon\":\"hxxp://www.naturalhealingh[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.searchHistory", "<iframe width=\"560\" height=\"315\" src=\"hxxp://www.youtube.com/embed/videoseries?list=PL9BDF3D28339D1316&hl=en_US\" framebor[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.weather.location", "V9P");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "couponalert@mindspark.com");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3287375&CUI=UN12825649783333770&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287375&SearchSource=2&CUI=UN12825649783333770&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.machineId", "+/IM5/J6ZATQP+/PZ4+G2YENPPGTWDJ89XUKMUHP8EPMHNYIXV7JXFDCR7HT2M13ITD2I65F4CBMPG53EXB7RG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3287375&CUI=UN12825649783333770&UM=2&SearchSource=13");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

[ File : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36744 octets] - [19/12/2013 03:15:08]
AdwCleaner[S0].txt - [37198 octets] - [19/12/2013 03:53:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37259 octets] ##########
 
Cleaned I think!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Ruth on 19/12/2013 at 4:02:26.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211091100}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DealFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DealFinder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211091100}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DealFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DealFinder_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\windows\Tasks\driver robot.job"



~~~ Folders

Successfully deleted: [Folder] C:\Users\Ruth\AppData\LocalLow\FCTB000063267
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Ruth\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{00003789-6924-4389-8759-EA4BE245C8F9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{001BB755-6094-4068-9B41-3A7A3047DF96}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{001C2E51-F075-4D5B-929A-40213E8F828D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{00487334-C071-4CF9-8267-FC59233EAF25}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0060F316-8067-44B5-AF85-89B2F47013B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{006C4DAC-492F-49B8-BA6B-381AED34D79F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{00A0552D-8CC1-49F8-9BFB-8CB0C34364F2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{011BF7E9-84B6-4846-A913-35DB59F5F233}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0121EA0C-1A71-414A-803B-06377D37E81C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{01371444-D6C3-4703-9A0C-D94932DAAA67}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{015FA0C6-2B5A-454D-B9DC-5D3BE40F28FA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0180B4A6-83F3-441C-85C6-9EACFC3B7CFF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{01B62BB1-6AD4-4049-8404-BEAF86D8F733}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{02B6A1AE-47A4-484A-A8F2-E09C2AECCFC1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{02E748F9-BB8B-4495-8213-39FF15FC654F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{02F71911-E528-4F8F-A27C-3EA634B01348}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{02FD9732-91FC-4FDB-96DA-07A48A8FF0E1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{03593309-F8D4-4145-872E-AB5AE6F68807}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{037426BD-693F-4A43-AFDE-AD3F707C2EC4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{03E3C77D-ABF3-4A20-B3D0-D7E0676E89B4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{03E5257A-D184-4F36-AFCE-78BCBF684DB5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{040EDADE-355A-45EF-9EA0-AABED4B4DEEB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{04283DB4-A111-4CEA-B990-8E2A8D3BAC42}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{04442164-ABEF-4DC7-93A9-56ED811910FC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0469D96E-90E3-4B3D-85EA-C60D89F9092B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{04E75F54-78CC-4763-B9BC-8083C3AE118D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{05263755-7241-42D0-BE91-70D2F201B31E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0598CA82-6601-4FDE-8B9D-A4243DE4E254}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0614D1EE-C53A-4CFB-A823-203999578076}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{06443B36-24DC-4DDF-BCF8-CFA15EF66A58}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{065997B9-35A0-42DF-81F0-70CCD8C1093E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0671297F-9A4C-4D67-8574-E2E2E1BD0638}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{06B713E5-B70B-4E1E-853B-1F5D19AFAF6E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{07422142-4974-4548-9E09-158C4F7B375A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{07521488-F2B8-4B24-8749-3418CF37AC1B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{07A07DDE-046E-4E1A-B788-1A6B968B1D83}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{084CE21C-9E99-44D5-99AC-7B6F9F058D11}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{08692FE6-B2FC-4591-86A0-E29ADD1A1AA5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{086A72C3-678C-45E6-8FCC-45629AC21606}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0881A266-B0CD-46B7-9D06-C96178C71A1F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{08D916C1-8AFA-4D9A-B7D0-BBDB8E5EF03E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{08FE6300-0A8F-4B4C-AB77-E16DD7FAEA54}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{09267874-94CF-4CAA-B689-8452AEB7A0C8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{09361FE6-5D86-4EAA-9A91-AD48764E8015}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{096605D2-2EBF-403B-8DA7-171E149B3E26}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{09E2D369-10AB-4028-A1CF-288512361FF7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A18EC8D-E3C1-4B78-9A98-A0C0863CD818}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A1E199A-117F-4251-A627-37083E9E8947}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A32AA2C-A4A3-487C-9F1E-47FC60C9EBF4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A3A250F-6E07-4EE6-880E-F2253CC195F8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A3DE6C9-7789-437D-A0C5-8AF8C73F58E4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0A511750-DB83-40E3-8D9A-3B850AD9458D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0AE43D1C-EFBA-475C-B2DF-B74FA68837C6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0B7E1478-7A30-429F-888A-96CAA8A48D59}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0BAB93C3-C4EA-41FA-BD74-32CB61320E18}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0BADF43D-1CFE-4681-BADA-6E4AF3297834}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0BBB2A37-BED5-4819-81F1-C47693D19CB2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0BEAF30A-0924-4257-87EF-BF2B44A1BB9E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0C016714-3470-4F67-9ECA-18E88CEE027E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0C203D38-CBF5-4E29-BE4D-DE4B05AEF48D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0C84D4A2-9253-4F82-916B-83903EFA6121}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0C95F7E3-B667-4C2C-9B2F-1A691CE2F07C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0CA50B33-5B44-4352-ACA2-17C77EDA2C20}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0CFEA495-708A-4674-AB95-6C78E95ED400}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0DDA2CF4-591F-4827-ACE5-34CC79376FAD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0DDEFD6B-2B06-494B-A458-EA60A31D22D4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0EBD5C78-B646-4D17-8706-44E48B7B3DEA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0F0EA581-E3BB-4625-9E66-CDE1F2747216}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0FB9DBAA-2E44-4479-871D-9F8E7EF0A5FE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0FBF1EC2-383D-43C4-8979-15B2A762CA0B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{0FE2A7DC-8A66-453C-8CB4-E3C73F8F5993}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{10545575-2826-466C-B002-5BCC134D01C5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{109B9797-EF9E-4571-8BED-EF6843B05B2D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{109FCD2C-45C6-40EC-B0BC-15C0D7138DDF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{10B90D60-BA03-41FC-A321-C3645C54A85B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{10DD522F-6E57-4814-8455-BD29B6171012}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{10EC9C5C-7A36-4FFC-89A2-0F52C5F830F8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1100FB9F-C793-4379-A353-D628B916D44F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{113674B2-3AB4-44D8-A6CE-4866DEF52891}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{113B202D-F22B-4180-943E-CE8F2A939B14}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{11AD2CB6-8316-4463-A27F-8F33D03CC530}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{12773346-EEF4-4B1C-8E93-B9C24633D82D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{127E0E58-F4B1-431E-A51C-EE7FE3AC6B95}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{13468C2B-262D-4749-8115-E1456B4C2A40}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{14010F2E-4314-4835-BD3A-FEC4C07DF9E6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1475D5DD-4393-46A8-9EF4-9B6C6970FAAC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{14DB3EA9-20FC-499D-80C5-654413ADE2CC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{14F3D385-B99D-4D4D-929F-827207A58BD3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{151935B7-21CC-4053-9AE8-50CD45FDFFDA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{152F66CD-FB22-4743-8C68-707AD52ACD49}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1575454C-CDCE-48D7-A6A8-FF6EF5E29562}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{159ED454-F8AF-4722-9539-A25789FF19D5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{15A07B47-E689-46F4-89D5-C47E7704291E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{15B1AFA7-2BA8-4FA8-857F-E20953195676}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{162ACD10-985F-4B41-8951-6A8C761383D7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{16426904-8AEF-4594-865B-4071AACFD30C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{166676D5-53E2-49FE-8999-B326553DA40F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{167C0420-5A6D-45ED-959A-C8A82F6DCC6B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{16BE7391-F714-4393-B2C0-EDE33D2EE178}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{16C6A2A4-72B8-4C01-9880-C93A29786888}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{16D808BC-B7ED-4617-9F1B-FC5C92F3248D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1742652A-33C2-4F49-A737-A4F9D4408FF7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{17543A3A-848D-4844-80F6-0B2B1BD0B2A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{175975A2-75DC-4D74-8089-5E0BEDB30F73}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1774E835-9A7B-4D3C-A0ED-393E22D69A2C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1794709D-52C9-43B9-8AA9-DFB77E2E6500}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{17A39B0F-CC0E-47C9-8732-468C915AF9C6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{17D8E7FB-FEA8-477B-99A2-144CA9B0E0CB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{17F4BDA4-67DA-4DB1-82C6-454ED252A7AB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{18142BA7-C463-46D5-9B6B-559A9DA9261B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1885BBB0-B023-4CCD-8C87-FF7226D79B45}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{18F7EAFF-12D7-4415-8F35-97D441FD3920}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{192880AD-CBC8-4824-A6BF-399152E32A9A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1959FC10-FA1C-43E6-9C62-928FC339292E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1971AB46-134D-4934-8770-44C7244B927F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{19A21993-EC68-4A33-9EF7-3F169541762F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1A595C49-C918-4435-8D94-9B45630367CC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1AD612D9-86C9-4B73-8322-430DF2A38DF8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1AF0CAFD-685D-48FB-BAD9-AA70C8E97492}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1B09DCC2-FB6A-4F98-8ABE-0904923C2752}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1B3B6E30-DD4C-4B49-A7D7-B504419833E2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1B40728A-E0DB-424B-AE8D-87662B47ABC1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1B419829-54A3-4AFA-A5EE-4D48FC621975}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1BECC6E3-7D3F-43FC-A94C-18EAE193B63C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1C2EF512-1CDE-4BFD-BD3F-8B901E8C9549}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1C8D2670-E701-4282-8560-4F0809766F38}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1CF71510-EB3D-4D18-80E1-41AD4C42CD9F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1CFEF283-C24A-4724-82C7-063D4F7BB815}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1D50D6FB-C98D-4E33-BF47-C112807361C8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1DA5C654-1433-44D8-B2AF-A9C5982B80D4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1DF67F9B-3B37-4881-B489-D18E326BFE50}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1E4DD866-BAC4-4E0E-8C11-502459A0FEEB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1E69E9AF-7C50-4C7D-864F-066B84A62194}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1E8B4E63-A949-4242-A24A-51CF7358E770}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1ED67245-7BCD-4D00-98D8-1FD0729283B1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1F560C54-F855-49B9-AE9B-7EC9A59F67DB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1F8A28DB-3831-4110-A804-9858D8E829C0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1FDD5203-690F-4503-8DDD-372F32B317AC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{1FE38539-94C5-4A20-8844-999636BCAB99}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{205B22BA-74F9-4143-B53B-4B3905D4084B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2067642F-68EA-48E3-AF2E-8B48FEA27424}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{20D8C32C-2609-4174-ADEB-479E4BBBB927}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{20DC14E1-23FE-4C11-B389-544ADFC7DD0E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{20E98CB9-4D7C-4F1D-8E78-6470951506F2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2150C44A-355C-4200-ABC0-F15DD029139A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2169A40E-2B28-4F15-B2B8-198DDD7A486C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{21B1C131-DDAF-4B3D-A42F-2FBA5E008EF1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{21C6E993-A69F-4B51-ACE5-A49A58B3875C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{220CD4AB-F4A5-445D-949B-C4D91061E763}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2235EB75-6431-4E0A-9950-3AA2DE6D8B3B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{22AAAEAA-A24C-4067-AA39-16261F3A6F76}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2326C738-2801-452F-A5CD-86BD887F6CA7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{23530EAA-19EC-47CE-BB15-81790C38B5B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2367E056-6D53-4A49-8F97-53E7F5B473DD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{239757D9-C37A-41EB-9678-8FD4C1999598}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{23A07422-C42D-473E-8034-5152A09EE276}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{23FB14D4-E458-46FB-80B0-52DBECFF6696}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{24353925-D2BB-43D8-A557-BF8F58AD56D6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{246F4986-9AA8-4A17-B7C8-1766C1566F1E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{24F730A2-D42C-4A67-AB44-A6DA6B5CFF32}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{253D6223-0EA9-42E8-A21F-9053645E249D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{253DA7F0-5DBE-471B-8C49-416B9EC0FC5E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{25A5A255-6F39-4ADA-A5DB-0A6108DA08A5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{25F295D7-D959-4DE1-8719-2FF3E1CF914C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{265D18C9-B48A-4ED7-B24F-86E333D6DC3A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{26823EE0-9235-4B65-B384-1F5E8016F864}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{26B6A2EA-5BD4-4B6A-A9EC-A6DDD33AA3B3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{26DA33BA-B39F-4754-B0FE-B20649FF494F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2720C5BC-82A2-4B3C-8275-4A507F9D11DA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{272D093C-FC80-41F0-AFB9-A7047AD14A3D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{27630471-09E8-408A-8A82-D789AB6F39B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2765D8FE-29A8-46D7-8D9A-C5D5C13620A8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{276D97E7-FF69-47A1-8CAC-667C3B4E501A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2779189B-B8F9-4491-92DD-FB5A497C4E56}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{27A87672-18E2-478C-A8FB-E6010258BBA2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{281DBFE0-6552-4602-91C0-B28CFF5CC077}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{28708F41-C271-42AC-9294-FFD4604E62F1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{29060DC2-74DE-4932-BD9F-0BC971F30079}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{29455599-E64E-4EDB-8038-5A8828A0402D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{297A43E1-2FD3-43C6-8722-23D8502027C4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{29A6B73B-D78F-4256-ABA2-FB3C415554B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2A5F097B-9281-40C1-9992-6CDFFEAFD68C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2A72AFFD-095D-4A75-9A06-937C1324B767}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2A760054-6E0C-4731-ADAC-83F484C5B386}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2A780FC8-3F5E-4E5D-8E00-9FB79D428FB2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2AA62437-72FC-48C6-8DE3-0912717919BA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2AC2DDD9-29E1-4752-8CA4-06612C62BBE1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2AE2B1BE-F263-434D-817E-7B416C4ACC3B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2AE4EE0D-8570-4BC6-8A4F-D2CB896E58DD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2B40E3E4-52FF-4742-84E5-06BB66D6D7E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2B64A4C8-7AF2-4B4F-9C3A-2585EFC587A2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2B6D63F2-9912-430C-820C-85C9D7256373}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2B9CA48A-4B00-4021-B841-71EC3E2B3AED}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2C1C214E-F168-4346-87D2-B1DA48823FDB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2C250D1A-9DDD-4119-9F5A-43A89DC2332D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2C4DDFAE-C0E1-4851-9CA8-7EA429295712}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2C9CE66A-E431-49C3-90F4-C5852CDFCD5D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2C9E428F-AD73-4578-BC78-6DBCADDF1327}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2D618331-45E1-44E8-80A1-B9D5E70722DC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2D9C5AFA-DDCB-4ED1-BA25-D9F301252F13}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2DB7E9B7-A798-4AA1-8B1E-7C52B5D6FC87}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2DCF8B17-CF3F-415D-9F63-F909D12529A0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2DD48874-ED4F-40A7-A0D9-C3FAED0D758F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2E20D9AF-92AB-4A62-B852-43B3135F298E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2E221897-2019-49E1-B7DF-84A331FD640E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2E33E940-A203-4DB4-A251-06355E1A0578}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2E58CB7C-2727-4155-9FEA-715287D68D3E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2EAAB258-B697-4025-9908-FC3D33DFC9AE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2EEBE978-3F4A-4491-A8A5-0290633774F3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2F04B223-05DB-49E9-81C4-873AB8A6C0C6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2F07EA1D-8AAA-4239-8D32-0DFAF993D8E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2F124F06-744F-4724-A447-89CCF7A4F53B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2F9941C9-C570-433F-A2B2-0E3D17DA710C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{2FC5789E-D6DE-4405-9BDF-2AEEC43FF80E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{307FEABB-B455-4204-9BF6-75F547AD4DD8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{30CFCD05-581A-4DC1-88BA-2235D9CCFA96}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{31383EE3-947B-474E-864C-0CCB4EA67897}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{31642299-79D5-43E4-BC54-D8AFEF79BAD6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{31F464D7-3A5E-47CD-BAC9-89EA6A6A9EDA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3300DCCC-E0D5-4AA8-9963-981FA3063725}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{33989C66-641E-4985-97E3-D78DED1761F4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{339C428D-B41B-46A2-A122-F6661EEE7955}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{33A62D54-D795-4822-B046-889B15EA1788}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{34661EFF-375A-46FF-9C2A-A49814225C8A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{34D16FEB-1FC3-42EB-BD3F-678AD59DE231}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{34E8AD6C-89ED-4EE8-BC04-022586688BAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3587BEB4-B4AF-4ECD-B41C-C5DF34ED2640}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{35965FE0-82EC-4720-A154-8C5FAE1697D1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{363636DF-3A03-4D2A-B323-F961AC8ADABE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3636E514-C107-402D-A047-15A6BBE9C024}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{363C3B64-E072-400C-A08D-D746EE6BBBA9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{36741782-9939-45B2-A352-46118B0C8BE9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{367C2DB8-AAC3-49C3-9758-FB4748C2E545}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{36D3497C-26AF-4D8D-BA17-A744441141D6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3713A6B1-D6A1-4142-B706-DD29C85F0A87}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{37270694-62FC-40E1-BD6D-DC819AE59B63}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3737373E-7F91-4409-AC36-39A3A5113403}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{37CD030D-6351-4090-A71D-1D38ECE46337}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{38081279-1AB1-4224-AA40-B652E6912B9B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{382F3F4D-692D-4607-867F-64AEA33A64D2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{386EB8DF-9162-409A-B212-EEF79380AACE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{388A6C30-DA39-405E-B983-5B7370BEA7A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{392079B8-0A93-4825-9B3E-B99AFD3AF301}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{392EE616-44BC-4C17-873E-59B843502EA9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{396DA277-08ED-438B-A9C2-998BA648CB7D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3976F1D1-4FB1-4A83-B137-751C0B688508}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3979A284-F7AC-40C9-810D-A6C673DB3CC4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{397C0490-3EBE-4FAF-9CA5-6F744C911AF4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{39863C21-876D-4ABB-B6CC-36CD2951A5AF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3A589EAE-AA2B-47AC-8338-F002594B72C2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3A5A3D1D-2181-4AA6-8E30-4649D5C451CB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3A8BF028-570B-4259-A418-B72BCFE93ABA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3AB15C1A-8B06-4DF8-8BB2-B7E887DA69E9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3AB88567-384C-43CF-8DD7-6CDC75CC1139}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3B20F8CA-B39F-4FB1-B751-251556DFFA58}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3B5DFFB3-75AF-4601-A14E-7333C2F0E7A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3B929279-5A7A-4B64-9227-A8BA37312BF5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3BD9CB76-6462-4779-8D78-8521DD180DEB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3BE734D7-C644-4010-9384-1E92620F7955}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C2777C0-236C-415D-9456-0F49A5889345}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C297174-82CF-4B30-98EA-FEDC93AEBC8F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C3FD10D-0EAA-4D1F-943C-EA1EF0A8932A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C482D77-7CB7-4375-82E8-7DB36A5C3A36}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C4C8C7D-C908-4E75-9D94-640B0DB6CA94}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3C711FF1-2B8E-4710-B192-A78FCDB62237}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3CC01524-153E-4FAC-AAFF-CB3181BB8ACF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3D310D00-3500-4C9F-B7A0-83317B2837E5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3DB35DE8-9ED0-4219-8685-BBCB925B3B88}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3E197EBD-5F4F-4CF8-9FFA-939946B1C745}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3E214DAE-51DD-450A-9CB0-02C6F160B4EB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3E61543B-D96A-4D8B-8E44-8A97553ACA6A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3E7F4FF1-40E7-4ED5-9E81-5B1FD6225894}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3F06CFD1-9F4B-432B-88B6-B8ECDB80FF42}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3F2FB151-A72A-41D1-A9D8-4B7A9BE06738}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3F85A1D9-066C-4412-87F7-2AEBB626732F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{3FC3A0AB-AC4A-4C6B-8137-29D33491CF70}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{404264DC-AEFB-41AD-97BC-F8343A9066B2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{40A577AC-E9D4-4A13-95A8-BAA308A50358}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{40D03527-D1A7-4926-9C50-DC9C75D600ED}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4130E34E-213D-4D1E-9E59-20D3408AF10F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41518377-9AA7-45A0-8BB0-566CF9B0D548}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4165E25A-2CDF-4721-82FD-963ADE220311}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4177D7C5-E963-4216-BAA3-A82791B0EF44}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41AF1969-E901-4F51-BA10-EC87C2B5D8E6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41BC919C-774A-4F07-95E9-5F34B7DD2FBF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41D66E7F-2128-4329-BFAE-E8ACC8A4AE49}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41D67823-5F15-4222-9DD4-CB863C9E59AD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{41EBD966-E124-412A-81D2-5079D8FC67C5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{42378098-AEC8-413F-A8D1-4756D9B95A4F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{425F4A8A-60FF-40C3-B4C5-A62F77C7F2AF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{42647C60-ED0D-425B-BDE5-FD4DEC641CEE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{42CF8A16-D8A9-478A-8654-132E5B2354CB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{43062EFC-CE61-4310-81C8-AEEF0D7D908D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4326D67C-3B9B-4C55-83FA-C52BCBBEFAB5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{432FC170-CBE1-4E9C-9E94-40E3622968F7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{43794ED0-D415-4771-8577-A06B1E50A53E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{43DAE8B5-C9F8-4757-A982-A39ECC30B38A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{453BC6DE-E43B-4AF0-A67B-8F000A59E889}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{457E8342-DB43-4168-9BC5-56C36F4728B2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{45CDB143-BB9A-4F25-B89F-EF33511DFB51}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{460A00AF-2CC5-4312-9855-7D739AE9C56B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{461900E1-D18B-49AB-BEF4-AB7DDBEE7C1B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{46726DDC-B9C7-49B7-9A18-E1F56076FD38}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{46AB14D5-4CDA-4B86-A3DD-4A8AC2B87DD4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{46DC8F0A-FE3F-4454-9B12-C220294085A9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{46EE1717-3842-4867-BC24-494A7120B05B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{471A07D7-838E-4748-8DB8-C9B8002018C6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{477EE8E4-68A9-4E37-8C6B-6FDC215337E2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{47BE39C8-980B-48BD-8CE9-E834FE5592D8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{47D7509C-F4B5-4668-AE85-A5879ED9F9AE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{47FAED64-84F5-4B7F-BC3B-660AE022200F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{481871DF-BD75-4BA1-89BB-381EEDED66D1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{481D94CA-DA42-4F99-A7E3-1E07ED020C31}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{486F5ED8-E085-4ED5-913F-EA19E4193499}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{48F94484-8042-45C4-ADBD-034E9FB29632}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{49093CFB-507C-4EE5-80AF-85FF2443A8F7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{49181150-FCC5-4815-9B14-7FB62694BC9F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4953A396-3FBC-4B48-91F1-90DE74790806}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{499AC2D4-8CA6-4534-8319-D1AA31FE7B8B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4A274308-593F-400A-BD1D-E3C9A62D2267}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4A62D340-DACB-4164-B882-CEB223DED3A9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4A82DD21-0E1B-4929-A0EF-8A46A7CD7C98}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4A8961F1-F92C-4569-86C5-81DE4B8106C1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4ABB2214-800C-45EB-9423-407C3F0C503D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4B42E6B6-4005-4D91-8949-2E7CAFE584DA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4BB93A4E-6F84-4581-8639-1C16281FBD1A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4C1737C1-6B1A-463A-A7DD-C7487575B020}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4CF9BC39-AD04-4D39-A279-82B76D0421DD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4CFAC964-1E65-41EC-9045-7C08D74ED05F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4D0E1967-7055-4A3F-81DC-389F3D5FD1AC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4D221ED1-E024-4B99-A047-DF4812639C61}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4D3DCAF5-6689-4E6E-8BE8-9C504ECBFCAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4D882C46-C9C3-4C5F-8CBE-CF544DBCA177}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4DAC01EB-BC8A-40EA-B787-5A8CEF58160A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4DB9E421-15BA-4EE7-8669-31C00F8385F2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4DE04765-F19E-4793-A83A-1400E02F7B01}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4E3599AD-5E9F-4967-BD75-853DF343E8EF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4E42463A-0A74-47FD-B55F-B20F4717DADD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4E57842E-3D3F-4830-8706-66BB9E62CD4C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4E63BDF3-28EB-462D-9981-65F28574EFC6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4E6D4D28-EFE1-497F-8F31-ED1910FC735F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4EF03A2D-E59A-41E7-BD22-1DA1FA036BA9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4F167C3D-F835-45B1-99A6-8E4EB2987DA2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4F3924F9-3212-4950-A043-B63E2382423B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4F5EF335-1EA1-4CA6-8619-460BFE7CFFEF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4FA0CE13-EB23-4045-BFDD-47735DD70D85}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4FD8B859-D21A-4B93-938E-17B5C199F183}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{4FE353A4-8C5A-4595-83BB-0DB4A0904618}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5045B4A6-DA66-4334-A9FE-AAEFD41BE495}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{507856EA-75BB-4993-9782-F47CCFF1EB4C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{513554E4-DC02-4870-8B78-A86E7C3CABB9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{51CE012B-22CE-456E-A35C-A7BF8E9A0E3D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{51D32E2F-8B12-4B3C-AE9B-B7241EF73BEC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{51DC3885-0FB0-456F-B044-67045B9B69D3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{52024A48-DC10-449A-9DB3-1B695A41C5F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5227DE7D-37F1-4422-B32C-4D5109C8B8C3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{525167E5-250A-4F7E-BD40-1092A0625C63}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{528DD005-F2C9-419A-A350-3B722F2C7E8D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5390F2A3-BC0A-46C8-92B4-AC3076F0BA53}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{53B02B74-EE43-4099-A92B-A30D641108F4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5452BA32-981F-4C80-8646-775A78F22857}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{54C5FCDE-5FB5-4809-B7D5-E1BA2B93B2CD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{54E1A99A-18C9-46D3-BE14-7A169CC65046}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{550B8DB8-5F81-4BCA-8831-083934117073}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{55E6D015-B3F3-43C4-8298-A87471171C49}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{564EB443-B61C-4462-9136-FBD007DDB223}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5681FD03-BB94-40E0-AE6A-BB4BA00171FB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{568605A2-88DF-4D10-BEF8-2EA7745D2C12}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{56BBAB41-93B2-4DA6-ABC8-F31593A50D71}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{56F95B10-2982-48DF-BB46-D6EF5EC77AAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{570BA0ED-991F-4EF9-A582-7F9A116A8D29}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5749CB4F-8977-41ED-8B95-0A726147D504}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{58599CFF-D619-453D-90E8-96C5639801C4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{588D9858-E4D9-4DF7-820F-255E674CEC87}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{59056EE8-45B2-4B39-97D2-90374A6B0EEA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{593C3F11-DB5A-4E62-AEB1-9ABF6F3EB159}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{59A24BB2-D6CE-49D7-ADB6-FA6D196AC845}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5A57E5AB-EE60-41ED-A4C7-D9A52399D1E9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5A9EB161-36E9-44C6-886C-251F18985048}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5B5EABED-5486-48C3-BB37-AA6FEBC14BD0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5B9871F2-00FC-4DC4-A517-93D063361934}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5BA0222D-F7D9-4F03-A497-7ED25DA1E926}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5BAC05CC-85DF-4CEA-AEA9-165C1617600E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5BB620CC-2034-4855-9DC0-DC05BE465166}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5C4BC7F6-6D1B-48EE-976A-107714C4C698}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5C638063-527F-4323-8D99-1C19B74EF43D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5C912A1C-A98E-4276-BEF1-840D299C4C9E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5CB1305C-2CFE-4982-8057-711FE84D07D3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5CFD31CA-DD48-446C-B3AD-2961890C81B2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5CFEA297-0C7E-448E-A78B-38282DE0A707}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5D3D0565-70BC-403A-A2AD-A334E28262EA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5D4C953F-4476-414F-BBA0-B529E6018DBD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5DBF043E-AB5B-4B7E-830E-AECCA19F4BB8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5DCA4336-B950-4EB4-AF89-B0CB7A38D50C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5E17305C-B5A1-4CBD-BD90-A40531C19C13}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5E8FAB5C-6E91-46A5-9C4F-CA184E332CE1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5EBED1D9-39EA-4C76-89A0-DEB2389031D7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5F47FD1C-E599-4CE3-A11F-7DF59665BCA4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5F8FDF21-8178-45D9-A958-EBA08BE3107A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5FCE833F-6635-4533-A872-30E6CA4DE344}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{5FF88E39-A369-4A16-B318-73716274A779}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{60183B50-CA43-4E76-A9B8-BA4CEA69A52C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{605C8D79-6F20-4EB0-AAC9-F569CB654C7F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{60AA2027-A6F6-4ADA-A94D-5FAB6A837867}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{60D213FB-D34B-4201-B0AB-3E3AE0D09C0B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{60F660D8-C489-4F8C-BC95-B1DB69969F7C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{611583AF-9C76-4DB1-990B-448D6680D8DF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{613A0009-1F31-4626-94E0-B878AD39C4CD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{618537B8-5227-4494-9510-F3346FA3D430}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{61B72CA5-6F13-4ACC-9C19-47648321F5E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{61F5C27B-F525-4F8C-A1DC-B063BD4B6123}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{620AF06E-07A4-4604-B5B1-8BB675AB42A8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6227F1ED-CD5C-410A-8C67-0568FB5081FE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{622EDED6-419C-4A1B-81B3-D62B7CB60633}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6313237C-987B-41EB-B4F5-DAFEB874E623}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{63239DC7-C78B-4284-B1D3-9654B7B0A124}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6366AFAD-5E3F-494A-ABF5-A6ED4E8C8B00}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{63E6A4B9-997C-46D4-96D6-1BC4B99D7C77}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{649BCA91-6DD2-490D-AB6E-777AAA8DBE39}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{649BEA0E-C1C6-4C9F-BCFA-2B0EB67CE4C9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{64A35B62-7591-4BE5-B860-9EC18C2B7FAB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{64DC2689-4D4A-490A-BA1F-34E09F405AFD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{64FD919F-EDE1-43B8-B3A2-63B20ED96DA2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6516BD0D-B224-47D3-B9F2-C1DB0FB887FE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6523A4A4-C60C-451D-B954-86AEE4ABDB85}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6558BF33-8482-42DA-9D19-D0A66CA28992}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{65B81265-EC43-4544-B862-C03AC519FFA9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{66112470-6C54-48E8-B858-02EAAAD2C2A7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{664CE6E2-8CD2-4BC5-A39C-04AD931145CC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6669012A-EECC-4DEA-8ED2-89B9DE908A53}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{666BB103-F72A-44C1-A0BF-E63DF1341259}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{66A2661A-D343-43AA-9BAD-2C42A79D0E15}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6720A46C-59B7-40FE-A936-AD6133FE45AE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{67296824-9B1F-406B-AE69-7A8BABD0E335}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6753E0AD-25CF-4A78-AA54-80CCB7224419}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6783B81C-DF7A-41E5-87BD-E570DADD0DAB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{67AAF4CE-9635-4167-A0AD-9F7BA35E78B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{67BB3314-A3A1-4C3F-B004-24E6F49BAACB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{67E97B08-9BD6-4FC6-AFEA-5515CC608C77}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{684C39F3-98CE-440C-BC61-F4234CC23D61}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{685BA9E2-6FC3-459E-B23C-DD9F5B033FEF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{68801AFD-668D-425A-B1FA-7E502D3061E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{68BB2C82-8343-492E-A613-645866A6EC8F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{68C92459-E748-452F-9017-CB95E3D0AFB7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{694553DF-D64A-42A0-9070-6702387EA121}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6950DF8E-FC7A-496E-8C89-E38A199E3326}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{695F5D0D-E111-448D-AA79-A907786E3A43}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{69D59927-E5B5-44EF-A833-29DE6973FC56}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6A10BBDB-FB72-43F5-A1F3-4ED0149DC7AD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6A4FCE18-3C58-4918-8FD7-4074ED9B9BE1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6A880E12-1DFB-4B24-BE62-D1F79D987993}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6AB6474C-0504-4ABB-82F3-8EA5A246A8A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6AC4C643-BFDD-4471-B2EA-ECFDCA3158F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6ACCB759-C635-4B97-BEB5-BE9D4E58297C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6B0C9D9B-E742-4935-8326-980AD74106BD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6B11C7D5-A046-4CD9-9A5C-B9024AF8CE68}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6B4043B9-913C-45F6-82E9-44084506BA94}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6B452C9D-94D0-485F-BA0A-0894EE3A9254}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6B78199D-F301-4464-AD10-C71ABF0B8BFB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6C8E66D6-7B89-4313-9379-26A51019B434}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6CF08DCC-CF5D-4937-80F6-106F6C261DE2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6D09E3E4-65F2-4565-AB60-B983D91A04B3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6D0B4341-1A08-4D4C-A162-4052537000A2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6D3AD8D3-01EB-45F0-ABD3-942EE191CD65}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6D647E5D-E3EB-41AA-8608-37BFB2ABBDC9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6DA1A4B8-A8B5-45E5-A399-D7B07EA034A3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6DC5ADAD-F33F-44EB-9C90-10C5F509B4EC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6DFD8E54-70C3-445C-B7CD-C985C51096C0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6E2B4EC6-F62D-4601-ADF3-4A36A481FA99}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6E491208-999C-466C-A4CF-158952294A99}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6E6D4513-A1CA-4554-8A81-695EAA8960B3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6E9E8F6A-7FD4-4F49-9A29-69422E867514}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6F23535E-5274-40ED-B154-7F215E430C4F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6F31A20A-5441-4401-A845-128B5B76E5DC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6F768C04-EC16-4AD9-980D-B90425DCCDE1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6F7A0FA1-EDB6-4A0A-8992-EDF8A70C1C62}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6F966B8D-E201-4BC7-85B3-031E9A078EA0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6FAC4DC7-16B0-4456-8B0C-BB57D4009A62}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6FC5EEC8-780F-4F2F-B5A2-9F240519C0F2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{6FFB2572-9887-4CDA-9F81-96701733BFC4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7051FA80-C9CD-4D98-8166-84AE860F2FC8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{706795C7-2B17-4379-8D93-D5C5D10EABE0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{70BD250E-6D81-4038-B57B-9F91BF2E5B5C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{70F32B1F-2F22-4C7E-B465-F17E6B7CEE52}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{713C88C8-1191-4871-9415-E68189666BAE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{714C94E1-E952-4BAF-8ECC-C18ECBA7749C}
 
Split attachment? I think

Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{71C5A6E5-FBF9-4FC7-91EA-AEEB99245959}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7239FCB0-E704-4FC3-8CAB-352B32DC52C6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7297D3DE-900D-423B-A219-FA6D42F13184}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{72A53BDD-D3E2-4777-A1B4-BEA935381025}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{72CA9C90-B4A2-4A70-9AC7-C1A113EF0DC9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{73201F3C-23E1-435E-820F-E3D5E871BB89}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{73A4D8D6-BBAF-4086-B0F1-976ECCF97AA4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{73AE907E-509F-4AEF-8665-66AA84E7F222}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{73B15709-1CEB-44FA-9ACE-1C4F9F567620}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{73CCFE9F-2600-41F9-A2D2-7E65A45036F5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7458B0D6-7CFC-471A-9643-26139C379412}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{745D7010-0BEE-4083-B52D-B6E153A8A9E5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{747621B6-12F5-436D-A3F4-79A8CA6C9EF9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{74D1CFD4-C04F-4EE5-A93A-308D48CCEF7E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{74EA49A7-5C21-4397-8B01-FE3299514495}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{752CBF4D-964B-40D7-9D32-52FDF5226554}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{75BC52B0-55AE-4542-9F71-9D11FFD8F4FF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{75F85F06-7173-4EFC-A8DD-7433187F5CBE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{761E55E8-5086-4B6D-A2DA-79E81EB98668}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{76251A3D-4BAC-4562-B594-5004AD48024C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{76338E36-1201-42C2-9F04-DE4DA1EC6FC7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{76960C32-6EC6-4BE5-9E1B-0EF06701BD77}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{769F6931-0363-48D0-8CC3-29430EB16EFA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{76AFAA05-5A9B-4B3C-B063-2D09B2CE55FF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{770231F9-E819-49D8-B9E6-E282DC817ABA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7726D499-4E68-447D-84FF-EE1A767A8334}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7775B97D-EA0B-443B-98CF-0A0AE0D03781}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{777E2236-A613-476F-A8E8-2F78E8629F89}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{77BABC18-87DB-404C-8D7F-921C409DD644}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{77EB73D4-BDF8-4E36-AFD6-C25D13B7F930}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7806797B-1A35-4934-8444-97E383A9BDFA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{783F6E2E-EF2F-405A-80E4-C7563AE11CF2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7841B82B-4866-4193-A73A-AFB599AF3015}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{785D6520-CCB0-4AEF-B4CB-47F1D9447B1A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{785DBECF-D930-495B-BB39-528A4B361E44}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{787A7EEE-4AC0-4EBD-A817-6321BB996BB0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7899319E-120A-42CD-B0CD-B29DF1D211CE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{789F6176-7D7D-426A-84E1-4010107ED102}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{78A04112-3C06-4DFE-9593-B5F5936CC588}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{78D1C82D-01CB-4800-B80F-40AA4A5D1E67}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{79020249-4E20-4847-95C9-E6F317242F0F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7981794D-1C4C-4CF5-9ED5-D2EC9D2BDC06}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7A2D3E91-E3BA-49D9-B338-2BF4B9BB8814}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7AB49135-255E-4C20-904E-34D30318FA7B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7AE2BF79-0676-49BA-845E-F57B593FD12D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7AF62398-1278-4D8D-A6FF-0D688983AB6D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7B1B2ED7-43BF-4EA2-BDF3-EAA64F21C552}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7B6E3C46-81CF-47DE-B8AD-5C550B53DB54}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7B79F222-EF3D-4E14-9BE5-F915C4C4FDDD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7BDF3C70-9053-4959-8557-96187C39E6C3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7C4822F4-A7E8-426E-A1B4-658DF29E8831}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7C622B64-D872-4AE2-B5FB-664CFE89A371}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7CC3C5BA-2F1C-4381-B5B3-AE428C05E50F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7D3286B1-AB64-4257-A96F-06EFFBE50CB4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7D9D3F29-90EF-4F7F-A9F1-6C5D4596319E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7DC4A3DC-A2A0-4AF2-81DC-BAED3315D3B5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7E3C8918-7CA5-45E6-BFEE-0C76D97E14C7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7E4D2CB2-ED3D-463E-AFF1-270DDB9F2CB7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7E4E0E6A-EE2F-4CE6-B153-433999675B98}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7EAC85C1-AAE2-4E5C-BB5D-84A1519239ED}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7EC16988-35EC-47A1-9E48-7490EC400CC0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7F7A2032-2378-4FB6-B1F8-56F3BF69724E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7FBDE711-B6EE-4DC6-82D2-5715B0D8F791}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{7FC6BE3B-5736-43CD-BB98-9431825CA7FE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8047FF7F-F638-4580-8325-669B1DED6617}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{80AEDE17-FCC0-4A3F-B66E-7ECA8F7492C5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{80FB07D4-CEB0-47C1-9A1F-CEA50C677070}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8109F5AC-0DE8-43B9-98E4-C953D4E69314}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{81227970-DC6E-443C-9BB2-197BDA71B239}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8141CFED-DC7A-4B77-B082-F1A8D2945619}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8173AF9B-E91D-4369-A800-06DAD4B8FA18}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{81844355-E985-4034-8728-238D6930D38C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8231B134-9F0E-4038-A10C-298211FC838A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{82610CDA-5C16-464E-8B64-CA14271E5D8D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{82C45309-6A5C-43C8-BFE7-6796D2771CC1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{82C4AD58-BF12-4756-95FB-A50AA981D0BC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{837795AE-B4D8-42FC-8D2D-B247CBDBDC70}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{83D853A3-8E60-43F2-964F-0F6FBECB1146}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{83DB3AB6-194F-4DC4-B5F5-F404D4F6D21B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{83F0D408-054A-4F1B-ACFA-052328E0A494}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{844C056D-D81F-4AD5-9E0A-1E9B0E05A580}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{84521FF3-54A8-4B61-A047-312C6D00F933}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{846BFD47-D99D-48A6-A5CC-3D8B5C7D159F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{84727C89-0B90-4C0D-8010-F68DBC492B16}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{84E54AFF-61AF-42FB-9C04-A68BBC23CFAB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8583E7BE-5F96-4993-BE6B-CBD9F87A5364}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{85D4E966-F65A-478C-AC1D-5377D09DA058}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{85E62A4C-86DA-434C-A25D-4A33C09F1438}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8613BA31-0658-4D08-A075-C1FEADB5D033}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{86313A7B-5499-4B27-ADC3-4205742EBEAE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{867E1C7C-9FEB-49E4-AF01-B86061A9775E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{86C4B971-3D25-44FC-9DC0-8852769EF407}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{86CF4CC9-0DB4-4BC5-9E09-984E3B79C2CF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{86F723DA-E9C6-4362-8590-0FBD22730DA9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{872BE069-E54D-42AA-B317-B86E06AA3108}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8762EE4F-8496-47BA-8EBF-79476163072D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{878BB430-70D1-49E5-9E2B-573A56DCAA83}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{87F1E171-FCAF-4883-8D01-C7CD54A44F52}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{88087759-57F3-45D1-95E6-865926B75D8D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8883FB35-B652-4741-8FA9-3C17C4C9A8DC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{88841B78-E2AC-46BA-A1C4-B1DDD17DDF0A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{88987A57-7391-4312-8811-03D74700D094}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{893FA4C5-E8EE-48FA-B6DE-BE11491B7C95}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8946BD73-41CD-43BB-B9A1-40354A22958C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8993B5BD-857D-4B37-BCCD-0CA70DF724DE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{89B92C47-1514-487F-8286-F0BCB0C4AD93}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{89EA15F4-FACC-4AA0-8DA1-FDA693FF1814}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A03E5D0-F2DA-4BE5-8A17-977EAC39E8DC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A1B2628-60C0-451D-9B67-B1FDCA3C7545}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A1E8578-0A30-4515-8BFD-5998B1CC73B9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A52CA5B-510A-4263-9461-132C8D329502}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A741437-F37F-45D0-8B41-E41C98A02C9E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8A99BC1E-9A8D-45A1-9E60-5AB14F23735C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8AFC34DA-C506-4D98-A5F6-99DDC92B1A37}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8B50F171-2BB3-42AD-B0D4-319A7979EC91}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8B9010ED-E175-44CF-ACF5-C940250A605E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8B93A5C8-FCD5-49A9-B7C9-CC8E606BFC1E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8BB384C4-F822-4BE9-82F0-B79C8A634339}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8C0DB182-69FF-45E4-B171-3479B91E5B0A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8C764491-3F60-49C5-9BED-E4C343B70B6A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8C9D60BD-3FBD-4EA8-A541-581389EDC8B5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8CE9479D-9693-487E-80DD-7EE67BF8C810}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8D390974-6414-40DC-9C6F-55F7E3AF7293}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8D6B6DF3-E4C2-4752-94BA-BE02CB98150C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8DB05DE6-C3A6-437F-90D8-8743466AE603}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8E58980D-3DE2-4A58-B8FB-4F92FD44F994}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8EB21A6D-A848-4489-A4FB-244786E4AC61}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8ED4D79C-2524-4087-9964-3266CAF31888}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8EEC29FD-7F52-4BD4-94FA-9611CC530364}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8F0C1E57-540C-4A34-9E5E-5F8912BB352E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8F2C9791-719E-4728-8A80-7C6B4F5D2D96}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8F36A3DE-4201-4874-AB77-9E37E0EB3108}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8F5B7D57-D45C-43AB-BF37-E44F6F08CA72}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8F97B68F-5F63-48F9-A7DB-612883EB62FE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8FD74FD5-C3EF-466E-B3AA-354EBC365BCC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{8FE48A9D-175C-4BDC-925B-860FDEF75650}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{90A35A56-7251-4F9D-BFDA-385E49556E73}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{90AAF697-37C1-4449-9FDF-304EE1A484AF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{915A12C7-6603-40FE-AC5E-9D723D431BDD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{918192C1-5C5B-4666-AA3B-9202A1205269}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{919DCD79-86AE-4B69-8338-671474730256}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{91D62D9E-5E07-42D9-BBCE-65673CE9BE14}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9236EA7C-0F60-4A80-BB7E-9F42C9316FB2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{92544E41-1050-44B1-9D5A-102B5BB9C0CB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{928B5286-9483-4C02-B087-BA96B614C62E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{929333B4-7811-47D3-8D9A-211AC5C32672}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{92B67B42-7107-43B0-8705-BB0E5E06522E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{92C5AC3D-27B1-4B99-892F-C94E1270DB0C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{93080FF9-6ED7-4246-9A0A-26DB07A6F350}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{931401B4-D3B1-4C37-ABD5-56F53CCC5612}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9320BD43-DCFE-4BDC-8D3D-DC77CE852B8B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9367E25C-9F90-4133-9420-549E72C341E0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{93C98359-40A3-4AA3-B510-089202B3F400}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{93CB7106-48CF-4C59-B412-D1F0A1CA9196}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{93D4D549-7498-4654-AE71-546155BF4CB5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{93EBEB29-A3D2-4D30-A299-06878B322EB5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{945C0D2A-C335-4F9A-9484-2ED89D037072}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{94A648BB-CDB9-45BB-8EEA-14B2B71BB1D7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{94C8B41B-C847-4EEF-9C9E-18337A6481A1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{94DB82E4-ADB1-4A0A-AFDB-62D3DFF05DD9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{94E9AA71-1173-4BEE-9A27-298D2CFCC834}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{94F8AF46-237D-4BEB-B7FC-B18B4E91334B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{952BDC07-346B-4886-A1E2-B2BE9B74BD75}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95366EB1-BECE-484C-A4A2-2534C2ED6485}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95833B9C-A9FA-43C5-B38A-44D3A9C3A151}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95A9636C-BADB-454F-B9AE-EC22BBE2F25A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95D1447F-70B5-4235-BEED-6709ED104C8A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95F65FB0-3643-4EA6-B8AC-87750EE3028B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{95F8D2D8-7C60-44DB-9359-17948A1ECE51}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{962BFB06-C647-4EF9-AB10-D84D065AA66D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{967786AB-A379-4BC5-AD30-653052F8BF11}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{96DCF67E-9A3A-4BE3-9F37-4DBA1075D868}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9755F204-B445-4C10-B6DC-2EAFA7BCCEB8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9783A1D0-0A28-46A3-9A74-5D59E694067E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{979909EF-46CE-45AF-8EAB-9EE0B764CA7F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{979B0788-1163-46F9-8CBA-CDB1E3D83BF9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{979CFB40-7695-494F-9742-C3E8619A695A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{97D2A967-7580-4BC2-8EFD-B8EC917096E1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{980B797B-29EB-4437-A729-2BCEDB085C62}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9852EDE7-A7CD-43FE-94A7-FDE6CA8D0F9D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9868A227-F5CB-4BDC-B137-FCB5A350D7F5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9871CDE5-0C3C-49C5-B973-226C38637B0E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{99CF698D-A89F-409C-94A9-008CE398C6ED}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9ACB3540-C70A-45E1-A509-0C4DB6F8ABFF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9B1C7CAC-21FB-4CDC-8EB8-B5912FB0F3DF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9B64A711-0B3A-4C4D-ADE3-F9E8FD230301}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9C0DD583-F65E-42F7-8C0C-02940BED1236}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9C1ADCB5-9E1D-4693-88B4-9A82ABC7DEE0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9C75D393-104B-46A3-B544-2CF617DF959B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9CB950D5-32C5-461A-99C2-D4963CE1CD3D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9CD6ED3C-97E5-4C6A-98F5-B12AFFEFC3E4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9CEAC3F3-C965-4247-ABAA-412118B1BC53}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9CED57EF-B0ED-41BA-ABD9-FE8C7F8117E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9CFECBC8-A337-469F-B01B-E1FD38AC51F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9D46DEA3-6E39-4D1A-A60D-67EA545EFF95}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9DA6C61C-FDE5-4455-970F-8B72CAD24294}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9DBD0F94-3C7A-4488-A841-77B8B64B96CD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9DCA5C3F-7683-4438-84C0-E259973CCCAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9DF4AD20-DC0E-4F97-866E-A90D6DACEDF5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9E0C7EEB-E32F-446C-BC12-242EDC0E504F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9E969E58-E836-4B9C-8CC2-C3EBD17E9636}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9EC2434C-653B-424F-8C04-466B15538441}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9EFDC039-CBC7-4611-9E7C-AE73C3137844}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9F076F76-A52E-466F-BAC3-E9A9A6F7D707}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9F2200AD-8752-4065-8866-6ECF836B4E77}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9F8ABA74-ADD9-4C1D-8CC6-D17F84358EAC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{9FEEEA97-0280-468F-90C9-8D6A660242F6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A00E4B80-F6F9-4A58-B78A-72F8649DAFE4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A018D0E7-53F5-4E56-B4B2-141578180E89}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A07AF838-852E-4993-B76B-64243BD7498B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A0B1C9FA-F26E-4CD5-A8AA-C22531C4A286}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A12A86CE-EEA0-4A82-9DF2-3EE4D140BB6D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A1498F06-731B-4E38-B5C6-4D7FA26181BF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A1621E5F-CE18-4AB7-BE2C-DB9487EE49E5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A168B05A-46E4-43F6-A0DC-BAD04E6BD73C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A1924D71-3299-4401-9E52-54D46A601D53}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A1DA5545-EE40-443B-B512-0257DF2EEA6D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A21BEFC8-A653-4F5B-8FEE-60AEDA6F55B4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A21D6EAA-52E3-4E1F-8E6C-DF5467A0AFAE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A2AF12ED-7931-4C70-9309-E9B46FCB4066}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A3144923-7A70-42C5-893F-DC1A1452B753}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A3284821-C9FD-4ACE-9180-6C646E8F6216}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A33F744E-E702-4946-B126-9079047070B4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A35354DF-942E-482A-A209-B1CBCF91360A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A35A46FE-E5C7-4C60-B85A-5F85A3A1FD75}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A373F0B3-874D-4CBF-9FFC-39B52705FC54}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A39670FF-6DE1-43BD-8A5D-5792FBE56511}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A3D3B3E8-3E02-40C6-B999-F57E6BE1CC8D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A3F0D351-4909-4B0A-A045-7A2054F64533}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A3F8BE8E-A431-4369-BBCB-6C3FA90BA95F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A4067E1F-FF70-4037-B7AE-914D993F076B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A47F78DE-60E7-444E-B1B3-D8E60BC5E739}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A4834108-DC12-4FE3-B677-5E69300EDBDE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A52A25F4-0570-46A8-B742-5D880DB81CAD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A59D78F4-7E68-401C-947E-F0261973A7D8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A5A1D169-85F6-4945-8F18-6459DAAB9B82}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A5B002B2-93BC-4838-B471-F9AA327C13D6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A5B15698-57C7-4CDE-B838-1EBA112877EA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A5E99F56-66B5-45F3-AF16-FEC5B3DCFFD2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A5EDDBED-5C6C-40C5-B6F5-84C3C8D0329E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A6352212-B6F8-4C31-B7F1-2D150B58A8A5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A67D76F7-C64A-40BC-B5C3-7423270E6C1F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A70F13A2-2173-4A79-A188-2A80CB8A23D6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A814B87C-958E-450F-9722-90F247B9D84C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A87DC775-519D-47F0-8892-C7E7DED0B9A7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A89A16CD-E472-4FD3-9249-2E846CBB8C46}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A8D4251F-FA20-4BC1-B809-7C1E22A10CAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A986EDD7-8F59-4DA0-B732-5111DC430B79}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{A9D78389-491C-4B87-91A7-21EAB056EA13}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AA088C43-7555-47AB-B0A6-59221C0FDE14}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AAB4C73A-96D8-4E0B-B4D5-45E57B1583BF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AAB9F961-6504-4566-95DD-3A7A450DE0A0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AB3C970A-BB0D-4BE0-BB08-29C302C7D2E7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AB6AF9C0-1E28-4AFB-BECA-D83E93C691E6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ABAE87DB-EB8D-4D80-BABD-49C148BDA80A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ABC702CF-F209-4BC4-8B69-27407B231A9D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC10E7C6-41F1-4ADF-A058-C519968500CF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC2E20F7-4612-4935-8339-638FEF3ED9A9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC40C9E8-78D2-4BA8-9B78-EE9108EEAE6E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC630C9E-57C8-4750-8986-E8C68864CE74}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC64864C-0E1B-45C2-8966-87063B8A85BD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC69D546-5B7F-40F2-AC97-9B5402CBABB5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AC7E8E6D-9C25-4359-86D5-2B0F5DF0BC05}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ACBFBBD1-776A-49C7-AC69-343C356B5F37}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AD7DEC7F-1F62-4B8D-9E55-2685C1511F61}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ADC8F2C5-4943-4BB1-90B1-6BD6E723E2AD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ADD81F27-1A06-47D3-A263-FAC4169FF6BC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ADD8A242-63D5-4251-911E-1BA845FA64AB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AE12F1CF-3A99-4C06-9FDD-6AFC758F8FC1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AE143835-038F-4229-B025-2D8BB54A7FFA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AE32E330-9492-4AF7-9BA9-C685110C3675}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AEBB1E9C-03DF-41D8-A7E8-8A5CFC88ED1D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AEC7833C-AF41-408F-959F-CF66FE229E13}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AF18EECF-B7F1-4B90-BB85-55F4EC870297}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AF1A138C-E186-41F0-87F4-DF128A930C33}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AF559764-00A7-49F1-A545-F8365B3D14AA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AF673B42-52C3-4C55-9CA4-0CB42EAAD7BE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AF9F0ACD-C94E-4063-9434-470928315665}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{AFE160CD-F420-4CB5-B4B2-0E0ABD74AEEE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B004F817-4164-417C-9F8F-CFEA3C99D850}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B0637DF4-7CA6-448B-9F79-84EBA6BBFEC5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B0980944-BD0B-467C-9EDC-4C0BB33909FF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B0C3D369-0965-427B-A166-4D5E70C77356}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B0EBA9BD-1511-4D96-8E32-CF60A72FD6BC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B1636704-3B6F-421C-9372-4C48AEF2E529}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B181EA8F-2C15-4049-A288-3683D6135ADE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B2197EEA-A796-4C3F-9522-C26558627536}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B23F09BB-B6CF-4080-82BB-607327CC2547}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B2AF4508-6C0A-456D-90CB-AFBBCD6F63AA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B2FCA027-AA93-4DBE-9305-273D759C0BBD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3525434-3A5C-4C07-90DC-6162F010E316}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B360494D-6A52-49E6-9679-04B164C21967}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3857EBF-083B-4685-93A1-53898196AB7A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3C46A8D-CFE7-4F70-AD5F-6EC9576CCF4A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3C9F863-C399-4C3C-9BEF-4DDF4B4E9AEA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3EE57A2-5088-4A85-AB89-55C25F9E57F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B3F0B3EA-27FB-41C7-8470-947849328EA3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B407DCD7-F7A7-466D-84B6-3E67596119A1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B4365EAE-4ACA-4BFB-87C0-8D863D2667F8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B43C0F2E-721C-4A5E-9F9D-44E412DA99D1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B4A57139-F844-4CAB-B068-68C6F0698076}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B4AE3003-D332-4578-9427-61D700403C71}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B4E9DCC3-415A-4461-B1A1-E90F155A9BBD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B5173869-7CAB-49CE-8434-96FDCEF65319}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B523FA4B-F41D-4896-9709-7AFADCE30AB6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B550D82F-6E5E-4DFF-A967-3017F729AAF3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B5DA7C4A-C55E-4470-B7E2-D9334AF0EC99}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B5DC1463-E506-4EE7-A27D-7FE368653FDE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B5E11A6F-3934-4EAC-AC90-02D0B332114C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B6A4BDF7-CBB7-47FB-82B2-DB807182EDE6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B6C83E8E-62A5-41B2-BB34-957884C55B26}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B6DD3820-C472-46D0-B683-28333B6986D1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B789A544-9D7C-4A39-B7E6-4B266847B7BF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B791159E-0BD3-48A4-9743-998E5DAF3F9C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B7CE576F-7D15-4923-8D5A-47DFDC95DD6A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B8162D66-79C4-4834-99A5-5848366A4452}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B8DF09DA-ECF9-44F4-B79A-C72778D4D2AC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B98DE429-451C-4124-8ACC-67756AF9178B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B9BC6ACC-A93A-4F9C-86A6-D0B1689353F4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B9C4C21C-A55A-4BFA-96CF-EA4E23832C15}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{B9F4C002-4AFC-4395-8730-47ED52E5DA79}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BA41F55D-5AF2-44B5-978B-D340555C9D64}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BA993190-40C3-424C-8090-B030A8AFC203}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BAB4F77A-6A20-406C-A3A8-F902EF69C316}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BB2628E3-462E-4548-86CA-A55C2132C7C9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BC4D4EF7-4C01-46DE-8EF2-C765D03E6467}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BCAA63EC-1438-430F-9AED-B5003B0E973A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BCBA9D32-13BD-46C5-9E57-F3E2481AA6A3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BCE9A049-CA2F-4254-BE7B-B2DA2513BA42}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BD40ACAE-40F4-4C1E-A6D8-5C18DB726239}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BDFFABD5-EEDF-4E2C-8D60-0186884E8E16}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BE07C7AA-B2E7-456F-A27E-8867FEF233D8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BE4C3912-8407-41D7-B544-78841B6FB3AA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BE686C60-23B9-4848-9A16-609B9E928A2A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BEB5564C-6EEB-46E3-A8D4-8B5AD6E480EF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BF41F854-6D7B-4347-84E6-E12C8E7022E8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BF7384BD-53AF-40F0-86FE-25AC6F149F7A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BFDAC310-3C20-479F-9057-BD3A479145AC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{BFE6C0ED-1DE1-458D-A4B6-0B2ACBA564C7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C025D581-3728-4D14-A3E1-50B2F61B1C5C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C03E12BF-6DEE-47DB-8F79-EA7FBD18BA3C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C04AD0D8-43A2-4FCB-A4BB-0C8934E891E4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C0523542-8D00-4E6B-A6BF-CC791C590B82}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C0A73394-F392-4682-9BF7-BF7F856411FF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C1298979-85B7-4607-A867-1E016CA38EB3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C1B74DBE-8D65-4471-8127-2C8EB68640E1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C281E33B-0879-4453-84A6-AE2C19202958}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C2B2B8D8-A38A-43AD-A6C1-3B3EEE7EF10C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C305BB95-B5A6-4C80-9726-D146B2FC4FE4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C3843C3C-6562-40DC-A4E3-1DE8363C01E2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C3BC5730-4D00-4154-B1E4-3708727288C7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C413DBBF-90B3-47A6-A445-FEF03A072BCD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C425F0AD-CBBE-4FA6-ADFF-28598F657326}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C48317B4-3836-4965-BD0C-7D441294C082}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C49A2B5A-36F9-4AC0-B088-51EB00C53D35}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C521605F-4AC6-47BB-BF8E-191E583028E7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C54DC7B3-7D23-472C-92AB-7D5D9775956A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C5B02752-66C0-4A35-BA21-20378BDA9F60}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C5DB1E05-EB32-47C0-A77F-8273706B90AA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C5E86BB6-AEA2-4F34-82C4-F7CE77B20815}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C627F8DF-304A-44F1-9F47-53B0135D2B4D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C62EFA4D-F9DF-4DF4-A692-1F936ECD7C1F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C65B3152-AB4C-4200-BE4C-FDFE6DF4E6D7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C688D992-B1D7-4A05-86B8-94D964987E44}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C710A8AC-0AC7-4697-AAA0-1CB0A1E3E627}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C71C115F-1CA3-4F44-91AB-B7EA8DB6B1C1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C72C2AFA-1BBB-43E8-9C10-12415E001679}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C73EC231-03B0-477E-8292-DE463869A2F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C7C2C770-40F4-4AE0-A013-6D4128CB2B6B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C7D102ED-F1A4-4FEE-8AD7-D754D56DA77F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C7E36104-100F-4145-825B-7423B7EFF952}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C809F0B9-179D-40E6-BF1C-96C1ED947F6C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C840DA27-ECE2-4F0F-8EE8-0DF0F0A61F71}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C8454062-C2AF-4F9D-AD21-8AB9FFB226D3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C89A0B9E-D948-49DF-A6AE-BF7AACE2E978}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C8C0D56B-AAB5-4CC6-B293-6F4D0D061660}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C9709C15-0475-4D2C-8BFA-A056D96F3F20}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C98729E5-88AA-4249-9ECE-8B453371B9B1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{C9E6CD1A-ABA6-4108-A861-92CFE978F2B9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CA29CD7C-B567-45B3-BFCD-C8D9708B2F92}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CA5C8B6F-0484-415A-8D91-BA45FB8B7212}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CA828C0E-F2F8-4EEA-8AB4-5F5188092F97}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CA869694-05E3-46C8-8ED4-752C3459920D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CAA1C2FC-C5FC-4266-84E0-283D58F820B1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CAA5C6D7-9E8B-437A-8FEE-87AE56E76844}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CAEDAE7A-ECBE-42C3-A00A-BC7DAF679077}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CB15A419-F069-4888-9404-1C0818284536}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CB1D501A-225E-4FFF-84EB-BCBA2EBEFADA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CBB58B24-776C-419C-834E-04A206A34E99}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CBBDB2B1-8B41-48CC-BDDD-39BBF6EEAA45}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CBE7A562-028F-4D70-BCD4-C78FD93E91AC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CC4BF251-19CA-469D-BCBF-6C9AD0107D6A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CC573BAA-9358-4044-B8D9-80A7700158EE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CC5E5761-9E01-408D-9859-FB2100B3CC11}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CCC8FB31-FCE2-4DCC-AAD1-BE110759392F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CCF70FA9-40AC-4B35-B19A-62B2E1571795}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CD3A8DB2-8227-4115-A8F5-5B7B89B4A361}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CD768E04-E991-4626-B7AB-6721A70A43D9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CD90CC43-1D56-450C-80DA-40E18B5BB53D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CE1B8F66-EC94-4380-B54E-8179DB3BE5D7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CE3AEC6A-35EE-459C-84E0-3A3D56955D7E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CE4C03EF-8F26-46D8-BCA1-0C4590D0A7F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CF78EA57-5AFD-43C1-BBD1-CF21E02ED53A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CF86C9C5-4526-460D-B388-DEB84A461D2D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CF8DF142-5C05-467C-83CA-BCD10DD4F64E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{CFD60B50-5404-43ED-B654-F92E147DDA4F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D0194DEE-534A-4323-A4F7-E56F51476669}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D071EB96-1CEB-46C8-AD6D-720BB5905729}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D0805BD2-DAA7-4CED-9F2E-18E2D1C05937}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D1775932-95D5-4A01-B23E-5E558EA10E1D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D187933F-6D89-49BA-8372-A26FE824FFFD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D195C6EB-2F8A-4A2A-AFD8-95350C06DAAC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D19D6BE6-0770-445C-9434-4D52E30939B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D1BFB17C-F08E-4019-93EA-C5F4F34E23FC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D1FE1A04-EF9A-4E38-B054-A49025B718E3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D20165EF-7E58-4EC6-A754-61E75970ECC0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D2769732-3431-4B51-8767-4B3D99FC37AF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D28A5403-BE70-4366-B64B-02DEFB2999B0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D2A152A3-953A-4F90-8896-EB25270D50A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D310724D-9C24-4A3F-B6F1-3ACE7D3FE9FF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D33B5EAA-9F10-4930-B9F3-EF37B20B84E1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D390B78B-C136-4F3F-A0F1-E1530AFD2789}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D45E0214-441D-472B-B961-3BFA9A8140CB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D4690B41-D9A7-4A79-A64A-ED95CF285CAB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D4D108D9-6559-4CF5-AE85-342C952C1ED3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D4F0B22F-EAC9-4439-B7B2-2215547E598E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D4F366AD-418A-40E8-8F10-7900E374EA7F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D54060E6-0D10-4412-8CF4-567A00888F75}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5423F2F-CF12-42E2-AB63-18487293A8BE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5753F02-B725-4655-B989-04C94F1EC8DF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5840C6D-5FB9-4E9C-A51C-C4CB16010BE9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5868E3F-32B4-4DFD-80B6-D26F455BAAB3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D594E3E9-E389-48CC-8B74-48F18C119462}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5E2B0DC-71F6-4DD3-BFBA-E543519B1AFB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5E4E078-7DAB-4317-A350-5E56A769C775}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5F6CC90-849B-4C6D-BF84-4EEF783ED2B4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D5FAF89E-4C99-4891-A48D-A002F6DFCC2C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D623A3C5-9B42-4059-9C52-A7265232C704}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D63A2283-3300-4D86-9495-25ABA063DA60}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D6B284D7-75ED-4FA6-B543-97C9C1BEC4F4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D6B597C9-9422-4083-BC2E-BB5D85652137}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D78EC368-EBFC-4411-B599-BA129B6C84DF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D7B81E92-543B-4F27-B370-4ED87CC942C0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D7E1DD00-0924-4318-B183-009DD23D671F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D82A839A-DBE7-4CC8-9D70-FA7D41C3C0DF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D8718D37-F3B9-4B19-B7F2-B7EDAEE35E57}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D91DB370-0E58-4F86-9821-3EAAB57EA94F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D9226C4E-D150-431C-8DB3-F051A6D619D4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D9351B2F-B43E-4115-AB08-23C517D1BAD4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D964F041-917F-46F1-AC8E-0DCDA0A98DF2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D9670A74-C9AA-4DD9-9641-0DC07384C513}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D9CD3408-31C8-4332-B1C1-C667A28CF05F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{D9F4CB88-0C96-4710-8E92-26F5FA3E8BF2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DA25DCBE-115C-4291-9271-973CF140C737}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DA943B7C-21E0-4251-B644-2432D47536B7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DB1A880A-3295-4126-86FE-8E2CD5388BB9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DB574028-CFD3-4B4D-9DD4-94686F943D4B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DB5A9EB9-3B1B-49EB-B13F-93FDDCC55206}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DB744592-664F-4729-971F-7BA6BFD338DB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DB8D90C4-2961-43F7-AA8C-6C425FAC54DA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DBAE60AC-05FA-4C1F-9A66-1B9FECE6344A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DBC1415E-290B-4299-AB50-0BBC5ED658CF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DBF6CBE3-4AB3-4B1D-A4BD-CC287F86DAF6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DCADE42E-9E92-4FE7-A1A5-E38CBF21C83A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DCB192A7-DC7F-4918-BBD9-EB8F9FAE39C3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DCFE127B-D280-4127-8A24-54FC254823F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DDF07F3C-B28F-4A86-8D9B-5A34A62EACD2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DE9221AB-CD89-4F20-96B7-4434701899C7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DEA1A3D8-45C0-497F-AB1C-D2426E59B5E6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DED0FA5C-8982-49D5-9F4E-B3A801701F0C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DED17B34-C1DD-4AAE-B36A-80E907E8B648}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DEDB873F-B778-4927-A9F5-A400808C4477}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DEE02EDA-0F5A-4CFA-B7F7-AD43AD6C39FA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DF293977-8508-4CA0-99A2-D58C0BF0BF2E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DF79B386-42D1-4D1D-B401-E4FE5832EE54}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DFA34DE8-6309-469A-BEFB-390DC23272BB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{DFB6860C-C9F7-48A9-8A1E-AB7302ECCA4A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E0423704-D3E3-4AAB-9180-F7259B5DF097}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E0483748-635A-4781-90E6-231F95052C00}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E06C2299-A6F9-4099-882F-883CE4044395}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E0A482E6-46A2-45FE-9C5B-E23F17EBDDF7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E13903F6-7BA8-42F3-AF64-5C3D77AE2491}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E173416C-8EC9-48CB-8CE0-B1C0364B37F7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E17EE7AD-7211-4AEB-BC16-5902C3399C12}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E1A6FA72-111B-4BAA-9EA7-EFE9F532A5A0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E1D65C1F-F247-440C-916B-39D47BF98E5A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E219B9ED-7AD1-4204-B823-7DDC3FBADC55}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E249402F-4248-4D3B-8591-2896469A940E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E2CE3CF2-2964-46CC-9EEB-274DE116BE3F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E2DF0F86-C2AA-4EAE-8D20-079718B3825F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E35BB9F9-74C7-4367-953E-3C3813BE6C44}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E3979BE9-06B8-4772-9ED9-2723DD35A032}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E458493D-844A-4188-BE15-BE1AC5521FE2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E462E6AD-5DE9-4A77-95EB-F59153331325}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E47FC8F5-8CE9-4D64-A478-046367A56E02}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E496EB8C-E81E-4959-B3EE-D728634C86E1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E4B4AAA6-3202-4D84-A94C-B7B11C0150F1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E4ED01D2-EE96-4A89-80FE-FF91D00C3129}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E58F93FD-E8B4-482B-92BC-BFB53EB261FD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E5BF4F92-AF9D-4EAF-B8FF-F56F947CE223}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E5C10A9C-7CE9-4808-8162-B4F299AD1A2A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E5C9C796-77A0-436B-892F-88CAF584797F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E5E35698-E976-4E71-B08C-3635922A09F0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E5F4FD1A-4592-4D2D-B34A-E48BCD5DE74D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E63F2611-FEE8-4354-9EF5-9A643AAABB95}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E694F372-3F74-4475-9BBB-997375C6927C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E6EC5CFE-106A-447E-9C9E-BDFFB628DCF4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E72D7E86-6055-4598-A900-7EB681EF5F5A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E72E8E7B-20E5-43A1-9A48-CCFE5CE153CF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E7736472-82FB-431F-9628-1F2E67FCE4BE}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E7E074CB-BAEE-4E82-8C36-078FC45805C2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E7E429A1-E869-4A45-90E1-1C14F17DD47D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E7EF0819-A788-4350-8B1D-715D9579AE0C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E88735A8-FE37-4BF6-9A83-3086C41CC906}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E8B82433-4DD8-407E-AACB-EF89CE553D2B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E8E9FCC6-DEDA-495D-B2DB-38F5CB488C20}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E90759FD-AAED-462C-AE6D-D8BD2731D7C1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E91F42D9-7737-4BFE-8117-CB9F43FEA8DD}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E9865D17-1DAF-4290-9984-A9DFE47DEE81}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{E9FC06BE-61E0-44E0-ADB0-3B252F602C8A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EA5DEE75-16C1-4738-9D65-28EDB58553B4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EA6F9AB4-4059-4510-AA61-2364087F4B17}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EA798720-2C94-475F-ABFB-A1723C230A0F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EA7E5E82-3B79-4D48-A507-B9BEB9073EA2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EADCC737-9B8A-4753-A87B-C7E54CA14010}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EAEA4265-E367-453E-8BF2-141CE8116994}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EB239769-5720-48FB-89DE-8366B9352A72}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EB248173-BCD8-4045-B81D-2729F6E39E52}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EB2643DD-166B-4141-8F28-718840820373}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EB9CB7B1-0CAC-4029-9BA5-9B6304F12EC4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EBB084CA-8B03-44AE-A1E1-9F4DF432746B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EC38D5BC-88A9-4938-84E0-E9C063F73A4A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EC425B15-57EC-4141-9175-A2E36DBB1D02}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EC6B7C9F-2E69-42CF-A4B4-3FDF1680637E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ECD2F609-43CA-4F3C-9957-33CA917AB3D4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ED5D1B1D-60D7-49FF-A0C6-B67CEAB03D96}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{ED9D3A09-586A-4DFC-850F-B3B471807404}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EDC8FDF1-3D07-4D07-A43A-D57BFFE8B1C2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EE38E481-596C-4F51-8DC3-86A96DCF1245}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EE9390B8-0734-4908-808F-905994137897}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EEB3C4D3-B81E-467D-A257-B36A1D30A6E9}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EEE22506-985A-4FEB-9419-CA530B90F513}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EF44005F-84A2-434D-B9C0-CBC43CF7A3C8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{EFA17090-F8D5-41BD-81AA-97AA0FE8ABCA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F050CFE9-AE77-4760-A4E8-597419CBF2E7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F0A34CF2-6BA2-4584-A37A-B91DE36E5FFC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F0D80505-0958-4498-A214-85423B527575}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F12F754B-BB07-4BA8-96E8-DABF9F2EA21B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F1627F42-FCEE-487E-A48A-A77D9948A171}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F1666387-70CD-4F69-AB27-24E0857B6166}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F18CE0D9-1AD8-4F44-AAA0-1732C638DF35}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F1D4042E-45DF-48D1-BEC9-13144D4D6434}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F1E32C11-47D4-474A-8598-38C99A5C5F0E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F1E45FE6-7432-4DFA-9941-F67F8BDFE211}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F2C6F43C-9CDA-4A2F-BCBC-FDD3877E5143}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F2D01486-97D9-4C7F-940E-B8EE8C6527E7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F2D1AEA2-B398-4A78-AFD4-B03FD2987815}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F2F63686-CDEC-4110-8321-287C709FC45D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F3370889-4182-4EA8-9DE1-82E8655C978A}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F3A17EFC-1850-4651-8824-EFEF47EF3ECB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F3AB5B5A-6FEA-4FDA-A3D9-20CD8DF4FC7E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F3ABB77D-FADD-45CF-BC01-3FAF25762D0B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F3E26650-384C-46E1-ABB3-B157DA0A7AAF}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F42B73F9-89CA-48C9-AE02-72524ED8AE04}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F4583732-8D69-4249-96B3-731BE868131C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F45EC7AE-F35E-42AE-882C-4C0B6FCF1814}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F5634D74-6741-4909-A695-FE7F69AAC112}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F57AC5F4-53A4-40D6-ABD6-236C56F00E20}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F5ECEF6C-2A63-49E1-A140-D41DF7083F86}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F64182FC-B8A9-477E-A0CF-DB0ADF9349C2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F64AC6BC-245F-4622-94B4-C695F70EC3C0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F668FF00-8ABC-41CE-AFD5-C249EAA529D5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F684CE1A-303F-4C2D-B65C-4FF460590DD6}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F68CB5FA-608F-42A9-A00E-67CD35B98FD3}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F6D6BFC5-01E6-4402-B7C6-95CE75C75ED8}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F6F24F07-1233-4F0C-B3CB-195FBA84048B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F6FC74A6-6863-44B9-8640-45B3A49C3B3E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F73E8CCC-104B-4A48-B43D-5FCCFDC03C5C}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F7A7C2A0-BE2B-431F-BF09-0E1A1C2F432E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F870B066-3344-4B2F-8B13-0193AB2E7D9F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F871B332-AF88-4910-80FA-3746308476C2}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F880A66D-EADC-4E06-833C-B1E1E3E46081}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F8C7FE6D-89AC-4E8D-B033-FB3E1D64F70B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F929930E-F969-47C2-9839-0D0742467FDC}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{F9DA0620-D239-48A8-9DCC-C9D26D4949A4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FA64B64A-9DC9-44B2-AB0D-5E265AC003D1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FACD1DE2-79D1-4C3A-A269-ADBC0B3F607E}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FADD820B-7C21-4244-90C0-4B0F35A4DEF7}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FB218C83-9CC9-496F-B4EF-AF61E2A9E0FB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FB2556A8-28AA-4E1A-81C1-6F9AA004B28F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FB69B5DC-B0B7-4E16-A0C0-449319EA580B}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FC1B50BF-5724-404B-B166-EF69FDDF8749}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FD6605F8-B0FC-4F13-90FD-29F2E8CEE871}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FD9ED9DA-29B8-4D28-B2EA-BE89FAB5B0B0}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FE9C6A33-E983-478E-B38F-BDBA9ECA806F}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FECC5F32-D10B-4F7D-AE6A-1BAA0E2E8EBA}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FEDE0D3B-3E50-4670-8387-87FEA4845EF4}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FF23DB01-4190-4438-8188-59E0A9B4F9A5}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FF248B2B-2086-43D6-A5FC-2FBE182B9D49}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FF8AFE2A-2142-4A95-81F2-2BDF71BEF685}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FF981D83-A989-4E10-A9AF-A1DD927EBCB1}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FF9BB9FB-F057-4B9A-9571-97CA5BBB75BB}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FFA0F941-2ED5-444F-A229-8CC2B34C6B5D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FFD1828D-9DFF-4667-9B8C-F2427B90922D}
Successfully deleted: [Empty Folder] C:\Users\Ruth\appdata\local\{FFEA39CE-C47F-4E94-9116-0C0D7445A1AC}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/12/2013 at 4:08:27.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Great, lets use another scan , there may be more


Please download Malwarebytes from Here or Here

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
    MBAMCapture.jpg
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
 
Thank you thank you I think it's clean!!!

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.19.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Ruth :: RUTH-MSI [administrator]

19/12/2013 4:24:11 AM
mbam-log-2013-12-19 (04-24-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 315241
Time elapsed: 6 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
Ruth,

One final scanner to check for leftovers

OTL by OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
I noticed I still have Conduit. . .

OTL logfile created on: 12/20/2013 8:32:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ruth\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.79 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 51.51% Memory free
7.59 Gb Paging File | 5.35 Gb Available in Paging File | 70.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.40 Gb Total Space | 212.29 Gb Free Space | 77.65% Space Free | Partition Type: NTFS
Drive D: | 180.26 Gb Total Space | 180.14 Gb Free Space | 99.93% Space Free | Partition Type: NTFS

Computer Name: RUTH-MSI | User Name: Ruth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/20 20:30:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ruth\Downloads\OTL (1).exe
PRC - [2013/12/19 04:42:14 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
PRC - [2013/12/03 18:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/11/25 06:44:50 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/09/28 09:28:38 | 001,291,624 | ---- | M] (Shaw Communications) -- C:\Program Files (x86)\shaw\bin\shawsupport.exe
PRC - [2010/06/04 16:00:28 | 002,486,272 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
PRC - [2010/05/16 13:40:00 | 001,349,632 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
PRC - [2010/05/05 06:20:00 | 001,604,200 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/04/13 08:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 08:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/30 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/09 14:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/19 04:42:14 | 000,302,961 | ---- | M] () -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
MOD - [2013/12/03 18:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 18:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 18:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 18:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 18:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/10/11 07:29:10 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 07:28:51 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\065d1a77c70d2c1c13fce187ba67ae86\System.Windows.Forms.ni.dll
MOD - [2013/10/11 07:28:38 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 07:28:22 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 07:28:11 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/12 07:57:17 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll
MOD - [2013/09/11 20:17:40 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 09:39:20 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a65a89dc687715adf46de23e717b842b\IAStorUtil.ni.dll
MOD - [2013/08/14 18:53:46 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 18:53:24 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 18:53:17 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/21 14:48:15 | 002,052,096 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/11 15:41:36 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 15:40:11 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/12/21 04:22:16 | 000,105,696 | ---- | M] () -- C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll
MOD - [2010/05/04 09:59:00 | 000,182,272 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 01:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/12/19 04:42:10 | 000,285,795 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)
SRV - [2013/12/10 18:07:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/19 06:50:38 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011/11/25 06:44:50 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/05 06:20:00 | 001,604,200 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/04/13 08:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/30 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/09 14:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\msi\msi Software Install\MGHwCtrl.sys -- (MGHwCtrl)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/19 06:50:38 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/12 13:03:12 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\1CA5.tmp -- (MEMSWEEP2)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/13 08:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/04 06:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/26 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 15:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/18 04:37:56 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/01/12 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009/12/04 17:50:22 | 000,087,888 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EUCR6SK.sys -- (EUCR)
DRV:64bit: - [2009/11/18 06:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/09/16 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:01:14 | 001,227,776 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SmSerl64.sys -- (smserial)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A2516833-3348-406A-96A6-26AAA93BF9DE}
IE:64bit: - HKLM\..\SearchScopes\{A2516833-3348-406A-96A6-26AAA93BF9DE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{DF74C2BD-9885-45D2-AC3E-F2865A90DEAB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/?ocid=U218DHP&pc=U218
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E3 79 09 AD 8A F0 CE 01 [binary data]
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\SearchScopes,DefaultScope = 204128af-0f12-4aed-b13a-211ea5cc8314
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\SearchScopes\204128af-0f12-4aed-b13a-211ea5cc8314: "URL" = http://www.bing.com/search?q={searchTerms}&form=DMSGO1&src=IE-SearchBox
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ruth\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ruth\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)


[2011/11/23 09:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Extensions
[2013/12/19 03:54:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions
[2013/07/01 16:55:55 | 000,000,000 | ---D | M] ("Supreme Savings") -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\crossriderapp19962@crossrider.com
[2013/07/01 16:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\crossriderapp19962@crossrider.com\chrome\content\extensionCode
[2012/02/28 11:55:26 | 000,008,503 | ---- | M] () (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\longurlplease@darragh.curran.xpi
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/25 06:27:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/05/25 06:27:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN40779552811866027&ctid=CT3286042&UM=2
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN40779552811866027&UM=2,
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 6 U39 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RocketLife Secure Plug-In Layer (Enabled) = C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ruth\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\windows\SysWOW64\npdeployJava1.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DuckDuckGo for Chrome = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\42.5.15_0\
CHR - Extension: Google Search = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/12/09 15:43:30 | 000,000,974 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Airmiles Toolbar BHO) - {5F3927FC-290D-4C7B-8A30-694E7CA9254B} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Airmiles Toolbar) - {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\Toolbar\WebBrowser: (no name) - {357F39D5-81FE-4EAD-81EC-7F80A566E667} - No CLSID value found.
O3 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\Toolbar\WebBrowser: (Airmiles Toolbar) - {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab (Reg Error: Key error.)
 
OTL Extras text

OTL Extras logfile created on: 12/20/2013 8:32:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ruth\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.79 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 51.51% Memory free
7.59 Gb Paging File | 5.35 Gb Available in Paging File | 70.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.40 Gb Total Space | 212.29 Gb Free Space | 77.65% Space Free | Partition Type: NTFS
Drive D: | 180.26 Gb Total Space | 180.14 Gb Free Space | 99.93% Space Free | Partition Type: NTFS

Computer Name: RUTH-MSI | User Name: Ruth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BFD9DA1-70E4-4983-AD73-170F55DFDA37}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1123D16E-7059-47FC-A56C-AAC202A4F893}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21B13831-419B-4BA6-94BB-CA1EEA127258}" = rport=445 | protocol=6 | dir=out | app=system |
"{30F03DD0-B0AB-4B80-801A-CCA880D6394A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3BEC21FA-2C08-475C-B42D-FA217513F04E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4ABD7685-129C-4C29-80AC-D1D6BF8C9C65}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DEA7F22-7B88-4716-A87C-82D5985BE4A3}" = lport=138 | protocol=17 | dir=in | app=system |
"{A1F451DB-5450-4BD1-A343-B29032824CBB}" = rport=138 | protocol=17 | dir=out | app=system |
"{BB1C2E0C-DA38-4AD7-BC36-A06A9647FA6B}" = rport=137 | protocol=17 | dir=out | app=system |
"{C3F24286-BEFB-4D27-8D70-E644F7323301}" = lport=445 | protocol=6 | dir=in | app=system |
"{C51A2ED2-2763-41DA-958A-C5DB8EDF1B41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D21602F2-F131-450B-B7B8-3C1F67A668D0}" = rport=139 | protocol=6 | dir=out | app=system |
"{D2D8719C-7795-477A-A79A-D48B83ABDFD7}" = lport=137 | protocol=17 | dir=in | app=system |
"{EE1376F2-5C0D-40B8-BC76-0315443806A7}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B594E3B-E166-45E1-8DCC-0DEC7D029D2A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{46BE01AB-4D74-47AE-9632-835E7C1E8D79}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{49F97F33-B53F-4CDC-8F06-C84A68CC8775}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{5E8218DD-C1EF-43AA-A2A1-FDD368253BA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{793E6F28-08FA-4613-B734-3F5459DCDFF4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D03968B2-5B44-4CAF-A834-4140EDBD5B5B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E56C4325-218A-4E8A-AC5B-E49064095F40}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{3D7D2F3D-61E3-4CCB-B285-B58CA6BEA369}C:\users\ruth\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\ruth\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{84F2DD6C-EB6B-4553-95F8-DA5EEAAF52D6}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D171D0AF-69CA-4AC0-924D-9804C3EB0585}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe |
"UDP Query User{4802725E-4DF0-4EFA-8B85-A97A3BC24E88}C:\users\ruth\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\ruth\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{6756FFDE-D838-44FD-9484-B46B4EA462A2}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{BF79803F-7E4E-4C84-BCBC-7C6343F21B8D}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ADDF4B84-5D28-4EAE-8511-EF808C8BC81C}" = HP Officejet 6500 E710n-z Basic Device Software
"{D5510D28-D0E4-433E-A0F3-EE3FCECA60D2}" = HP Officejet 6500 E710n-z Product Improvement Study
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"7F973C87231D745EBF31E772CC38BB9B185D3819" = Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64)
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{0ADAB741-CFA4-4974-BD9C-A3C8D1E9EB69}_is1" = Ping Ball
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Help
"{16FCDD97-AE09-476B-88CD-261D852BD34C}" = Marketsplash Shortcuts
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2325C9EC-8142-48AE-8C29-2F38F1829733}" = QuickBooks EasyStart 2012
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 39
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E98F3F-48D6-42A9-8250-079671E02B2D}" = StuffIt Expander 2011
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72E3FF67-450F-4ADD-99A7-4147780F6C7B}_is1" = Shaw Support 3.3.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9262B08F-E183-4FED-A2BD-23FF1A84EB67}" = HPDiagnosticCoreDll
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}" = ArcSoft Print Creations
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}" = msi Software Install
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CD1067C8-1AA1-4503-BCAD-EA1EE5427DC7}" = MAGIX Video easy SE
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FDAED10B-2C73-41FF-99E0-C18C786B73BA}" = Freephoneline
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ExpressAccounts" = Express Accounts
"Google Chrome" = Google Chrome
"HMA! Pro VPN" = HMA! Pro VPN 2.7.1.7
"HP Photo Creations" = HP Photo Creations
"MAGIX Music Maker 16 Download Version UK" = MAGIX Music Maker 16 Download Version
"MAGIX Photo Manager 9 UK" = MAGIX Photo Manager 9
"MAGIX Screenshare UK" = MAGIX Screenshare
"MAGIX Speed burnR UK" = MAGIX Speed burnR
"MAGIX_MSI_Video_easy_SE" = MAGIX Video easy SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MP3 Rocket" = MP3 Rocket
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Shaw Internet Update_is1" = Shaw Internet Update 3.3.1
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/20/2013 2:50:47 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3089

Error - 12/20/2013 2:50:48 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/20/2013 2:50:48 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4103

Error - 12/20/2013 2:50:48 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4103

Error - 12/20/2013 2:50:49 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/20/2013 2:50:49 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5132

Error - 12/20/2013 2:50:49 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5132

Error - 12/20/2013 2:50:50 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/20/2013 2:50:50 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6458

Error - 12/20/2013 2:50:50 PM | Computer Name = Ruth-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6458

[ System Events ]
Error - 12/19/2013 12:23:31 PM | Computer Name = Ruth-msi | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 12/19/2013 8:07:10 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HOSTS
Anti-PUPs service to connect.

Error - 12/19/2013 8:07:10 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7000
Description = The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error - 12/20/2013 12:33:48 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HOSTS
Anti-PUPs service to connect.

Error - 12/20/2013 12:33:48 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7000
Description = The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error - 12/20/2013 4:11:47 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the MBAMService service.

Error - 12/20/2013 6:22:45 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HOSTS
Anti-PUPs service to connect.

Error - 12/20/2013 6:22:45 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7000
Description = The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error - 12/20/2013 11:29:18 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HOSTS
Anti-PUPs service to connect.

Error - 12/20/2013 11:29:18 PM | Computer Name = Ruth-msi | Source = Service Control Manager | ID = 7000
Description = The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053


< End of report >
 
Good Morning,

I see conduit plus some other bad things that need to be removed but your initial OTL log was not complete so there may be more to remove, go ahead and run a new scan with OTL and post the entire log, you wont get an extras log this time so dont knock yourself out looking for it
 
thanks again for the help

OTL logfile created on: 12/21/2013 5:10:55 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ruth\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.79 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 41.03% Memory free
7.59 Gb Paging File | 4.90 Gb Available in Paging File | 64.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.40 Gb Total Space | 212.05 Gb Free Space | 77.56% Space Free | Partition Type: NTFS
Drive D: | 180.26 Gb Total Space | 180.14 Gb Free Space | 99.93% Space Free | Partition Type: NTFS

Computer Name: RUTH-MSI | User Name: Ruth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ruth\Downloads\OTL (3).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\shaw\bin\shawsupport.exe (Shaw Communications)
PRC - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\065d1a77c70d2c1c13fce187ba67ae86\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a65a89dc687715adf46de23e717b842b\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (HOSTS Anti-PUPs) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe ()
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MGHwCtrl) -- C:\Program Files\msi\msi Software Install\MGHwCtrl.sys File not found
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\1CA5.tmp (Sophos Plc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (EUCR) -- C:\Windows\SysNative\drivers\EUCR6SK.sys (ENE Technology Inc.)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (smserial) -- C:\Windows\SysNative\drivers\SmSerl64.sys (Motorola Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A2516833-3348-406A-96A6-26AAA93BF9DE}
IE:64bit: - HKLM\..\SearchScopes\{A2516833-3348-406A-96A6-26AAA93BF9DE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{DF74C2BD-9885-45D2-AC3E-F2865A90DEAB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://duckduckgo.com/
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E3 79 09 AD 8A F0 CE 01 [binary data]
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\SearchScopes,DefaultScope = 204128af-0f12-4aed-b13a-211ea5cc8314
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\SearchScopes\204128af-0f12-4aed-b13a-211ea5cc8314: "URL" = http://www.bing.com/search?q={searchTerms}&form=DMSGO1&src=IE-SearchBox
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ruth\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ruth\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)


[2011/11/23 09:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Extensions
[2013/12/19 03:54:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions
[2013/07/01 16:55:55 | 000,000,000 | ---D | M] ("Supreme Savings") -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\crossriderapp19962@crossrider.com
[2013/07/01 16:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\crossriderapp19962@crossrider.com\chrome\content\extensionCode
[2012/02/28 11:55:26 | 000,008,503 | ---- | M] () (No name found) -- C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\hvpr7g5x.default\extensions\longurlplease@darragh.curran.xpi
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/25 06:27:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/05/25 06:27:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/25 06:28:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN40779552811866027&ctid=CT3286042&UM=2
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN40779552811866027&UM=2,
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 6 U39 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RocketLife Secure Plug-In Layer (Enabled) = C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ruth\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Ruth\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\windows\SysWOW64\npdeployJava1.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DuckDuckGo for Chrome = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\42.5.15_0\
CHR - Extension: Google Search = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/12/09 15:43:30 | 000,000,974 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Airmiles Toolbar BHO) - {5F3927FC-290D-4C7B-8A30-694E7CA9254B} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Airmiles Toolbar) - {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\Toolbar\WebBrowser: (no name) - {357F39D5-81FE-4EAD-81EC-7F80A566E667} - No CLSID value found.
O3 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\..\Toolbar\WebBrowser: (Airmiles Toolbar) - {CEE2D9C1-CD4C-4C74-AD58-8BC55D96F9D2} - C:\Program Files (x86)\Airmiles Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-520651529-1785075596-1382192879-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\HMA! Pro VPN\bin\ForceInterfaceLSP.dll ()
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.160.15 64.59.161.69
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{094C1C24-A4E5-49FB-AE10-21205BD83451}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1323AA37-9DD0-4CA6-B93C-0CDF56B634FF}: DhcpNameServer = 64.59.160.15 64.59.161.69
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C78FCB73-F14A-4B1E-B0AD-7BF0F8FA0B67}: DhcpNameServer = 64.59.160.15 64.59.161.69
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0f584b8d-6390-11e0-8ff9-406186af2c91}\Shell - "" = AutoRun
O33 - MountPoints2\{0f584b8d-6390-11e0-8ff9-406186af2c91}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/21 00:39:12 | 000,000,000 | ---D | C] -- C:\Users\Ruth\AppData\Local\{B873E2B5-B284-4693-8539-803D05A2893F}
[2013/12/20 12:14:04 | 000,000,000 | ---D | C] -- C:\Users\Ruth\AppData\Local\{4254E7A6-C5F6-48BA-8F87-EE7240439E0F}
[2013/12/19 04:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2013/12/19 04:02:23 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/12/19 03:14:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/18 19:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/12/18 19:47:22 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2013/12/18 19:46:35 | 000,000,000 | ---D | C] -- C:\Users\Ruth\Desktop\mbar
[2013/12/15 22:14:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2013/12/15 22:14:14 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/12/15 22:14:14 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/12/15 22:14:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/12/15 22:14:14 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/12/15 22:14:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/12/15 22:14:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/12/15 22:14:13 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/12/15 22:14:13 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/12/15 22:14:13 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/12/15 22:14:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/12/15 22:14:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/12/15 22:14:12 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/12/15 22:14:11 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/12/15 22:14:11 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/12/15 22:14:08 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/12/14 06:47:50 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/14 06:47:50 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/12/14 06:47:44 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/12/14 06:47:44 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/12/14 06:47:43 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/12/14 06:47:43 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/12/14 06:47:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/12/14 06:47:43 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/12/14 06:47:43 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/12/14 06:47:43 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/12/14 06:47:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/12/14 06:47:43 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/12/14 06:47:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/14 06:47:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/12/14 06:47:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/12/14 06:47:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/12/14 06:47:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/12/14 06:47:43 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/14 06:47:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/12/14 06:47:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/12/14 06:47:42 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/12/14 06:47:42 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/12/14 06:47:42 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/12/14 06:47:42 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/12/14 06:47:42 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/12/14 06:47:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/12/14 06:47:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/12/14 06:47:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/12/14 06:47:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/12/14 06:47:42 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/12/14 06:47:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/12/14 06:47:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/12/14 06:47:41 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/12/14 06:47:41 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/12/14 06:47:41 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/12/14 06:47:41 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/12/14 06:47:41 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/12/14 06:47:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/12/14 06:47:40 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/12/14 06:47:40 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/12/14 06:47:40 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/12/14 06:47:40 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/12/14 06:47:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/12/14 06:47:40 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/12/14 06:47:40 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/12/14 06:47:40 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/12/14 06:47:40 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/12/14 06:47:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/12/14 06:47:40 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/12/14 06:47:40 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/12/14 06:47:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/12/14 06:47:40 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/12/14 06:47:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/12/14 06:47:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/12/14 06:47:40 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/14 06:47:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/12/14 06:47:39 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/12/14 06:47:39 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/12/14 06:47:39 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/12/14 06:47:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/12/14 06:47:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/12/14 06:47:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/12/14 06:47:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/12/14 06:47:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/12/11 12:54:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2013/12/11 12:54:00 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2013/12/11 12:54:00 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2013/12/11 12:53:58 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2013/12/11 07:06:30 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2013/12/11 07:06:30 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2013/12/11 07:06:28 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/12/11 07:06:28 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/12/11 07:06:27 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2013/12/11 07:06:17 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys
[2013/12/11 07:06:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys
[2013/12/11 07:06:16 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshom.ocx
[2013/12/11 07:06:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrrun.dll
[2013/12/11 07:06:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrrun.dll
[2013/12/11 07:06:15 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe
[2013/12/11 07:06:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe
[2013/12/11 07:06:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshom.ocx
[2013/12/09 18:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/09 15:49:28 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2013/12/09 14:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/12/09 14:56:49 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2013/12/09 14:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/12/09 14:56:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/12/05 06:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/12/05 06:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/12/03 15:16:09 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[5 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/21 05:12:23 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/21 05:12:23 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/21 05:06:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/12/21 05:03:45 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2013/12/21 05:03:28 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/21 05:02:25 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/12/21 05:02:11 | 3055,681,536 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/21 00:41:00 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-520651529-1785075596-1382192879-1001UA.job
[2013/12/20 22:53:00 | 000,000,336 | ---- | M] () -- C:\windows\tasks\HP Photo Creations Communicator.job
[2013/12/20 22:49:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/20 18:40:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-520651529-1785075596-1382192879-1001Core.job
[2013/12/20 12:24:26 | 000,786,390 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/12/20 12:24:26 | 000,669,602 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/12/20 12:24:26 | 000,127,850 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/12/19 04:42:16 | 000,001,191 | ---- | M] () -- C:\Users\Ruth\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk
[2013/12/19 04:23:43 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/18 19:47:22 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2013/12/14 06:47:50 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/14 06:47:50 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/12/14 06:47:44 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/12/14 06:47:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/12/14 06:47:44 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/14 06:47:43 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/12/14 06:47:43 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/12/14 06:47:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/12/14 06:47:43 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/12/14 06:47:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/12/14 06:47:43 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/12/14 06:47:43 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/12/14 06:47:43 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/12/14 06:47:43 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/12/14 06:47:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/12/14 06:47:43 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/12/14 06:47:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/12/14 06:47:43 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/14 06:47:43 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/12/14 06:47:43 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/12/14 06:47:43 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/12/14 06:47:42 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/12/14 06:47:42 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/12/14 06:47:42 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/12/14 06:47:42 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/12/14 06:47:42 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/12/14 06:47:42 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/12/14 06:47:42 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/12/14 06:47:42 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/12/14 06:47:42 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/12/14 06:47:42 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/12/14 06:47:42 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/12/14 06:47:42 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/12/14 06:47:41 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/12/14 06:47:41 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/12/14 06:47:41 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/12/14 06:47:41 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/12/14 06:47:41 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/12/14 06:47:41 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/12/14 06:47:40 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/12/14 06:47:40 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/12/14 06:47:40 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/12/14 06:47:40 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/12/14 06:47:40 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/12/14 06:47:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/12/14 06:47:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/12/14 06:47:40 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/12/14 06:47:40 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/12/14 06:47:40 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/12/14 06:47:40 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/12/14 06:47:40 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/12/14 06:47:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/12/14 06:47:40 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/12/14 06:47:40 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/12/14 06:47:40 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/12/14 06:47:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/12/14 06:47:40 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/14 06:47:40 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/12/14 06:47:40 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/12/14 06:47:39 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/12/14 06:47:39 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/12/14 06:47:39 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/12/14 06:47:39 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/12/14 06:47:39 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/12/14 06:47:39 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/12/14 06:47:39 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/12/11 21:06:07 | 000,310,136 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/12/10 18:07:06 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/12/10 18:07:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/10 18:06:50 | 009,293,192 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2013/12/09 16:46:03 | 000,000,512 | ---- | M] () -- C:\Users\Ruth\Documents\MBR.dat
[2013/12/09 15:43:30 | 000,000,974 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/12/09 15:18:14 | 000,450,675 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20131209-154330.backup
[2013/12/09 15:17:17 | 000,450,675 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20131209-151814.backup
[2013/12/09 15:09:02 | 000,000,860 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20131209-151717.backup
[2013/12/09 14:56:56 | 000,001,389 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/12/08 01:42:22 | 483,591,795 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/12/05 07:15:23 | 000,273,696 | ---- | M] () -- C:\Users\Ruth\Documents\cc_cleaner December 5 20131205_071355.reg
[2013/12/05 06:17:47 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/04 20:45:26 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/12/03 16:57:03 | 000,001,447 | ---- | M] () -- C:\Users\Ruth\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/28 11:16:53 | 000,242,972 | ---- | M] () -- C:\Users\Ruth\Documents\GradEndoReferral.pdf
[2013/11/26 02:18:23 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2013/11/26 01:48:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/11/26 01:46:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/11/26 01:27:54 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/11/26 01:21:24 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/26 01:18:39 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/26 01:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/11/26 01:16:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/11/26 00:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/11/26 00:35:02 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/26 00:32:08 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/26 00:28:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/11/26 00:02:16 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/25 23:32:06 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/25 22:34:55 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/11/25 22:34:27 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/11/23 10:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/11/23 09:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[5 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
second part

========== Files Created - No Company Name ==========

[2013/12/19 04:42:16 | 000,001,191 | ---- | C] () -- C:\Users\Ruth\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk
[2013/12/14 17:59:14 | 000,001,423 | ---- | C] () -- C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/14 06:47:43 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/12/14 06:47:40 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/12/09 16:32:49 | 000,000,512 | ---- | C] () -- C:\Users\Ruth\Documents\MBR.dat
[2013/12/09 14:56:56 | 000,001,401 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/12/09 14:56:56 | 000,001,389 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/12/07 08:35:55 | 483,591,795 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013/12/05 07:14:32 | 000,273,696 | ---- | C] () -- C:\Users\Ruth\Documents\cc_cleaner December 5 20131205_071355.reg
[2013/12/05 06:17:47 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/11/28 11:16:53 | 000,242,972 | ---- | C] () -- C:\Users\Ruth\Documents\GradEndoReferral.pdf
[2013/05/17 19:18:39 | 000,000,258 | RHS- | C] () -- C:\Users\Ruth\ntuser.pol
[2012/03/17 17:11:39 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/02/29 16:57:40 | 000,000,095 | ---- | C] () -- C:\windows\QBChanUtil_Trigger.ini
[2011/12/19 20:15:37 | 000,007,603 | ---- | C] () -- C:\Users\Ruth\AppData\Local\Resmon.ResmonCfg
[2011/06/12 14:16:09 | 000,000,000 | ---- | C] () -- C:\Users\Ruth\AppData\Local\{303D5921-B263-4213-8045-F7C521597A78}

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/01 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\.minecraft
[2013/07/01 16:55:50 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\BitTorrent
[2013/01/10 14:43:10 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\com.skinkers.aa
[2013/07/01 16:55:50 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\MAGIX
[2013/09/09 13:26:53 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\mjusbsp
[2013/07/01 16:49:51 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\MP3Rocket
[2013/12/14 17:04:30 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\SoftGrid Client
[2013/07/01 16:56:01 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\SystemRequirementsLab
[2011/06/28 16:41:33 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\TP
[2013/07/01 16:56:01 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\uTorrent
[2013/01/03 09:14:56 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\Visan
[2013/07/01 16:56:01 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\Will McGugan
[2011/01/04 17:25:54 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\Windows Live Writer
[2011/08/03 11:04:45 | 000,000,000 | ---D | M] -- C:\Users\Ruth\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A3E39C6A

< End of report >
 
DuckDuck

I don't need it, a friend recommended it to me is all!

Absolutely don't need it. I also noticed U torrent and a bit torrent. . . that I never have used!? don't know why it's there.
 
Status
Not open for further replies.
Back
Top