need help please

jensennan · May 17, 2015

Help me with my computer !

flashh4 · May 17, 2015

Howdy and welcome to BestTechie !!!

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !

Do Not Remove anything or run any tools/programs until advised to do so !

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

===================================

AdwCleaner

Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......

    This time, click on the "Cleaning" button.

    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.

NEXT

    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

NEXT

    Download Malwarebytes' Anti-Malware (save it to your desktop). >>>   http://api.viglink.com/api/click?format=go&jsonp=vglnk_142716402237113&key=9b4efad421c8b103b2c94b796db973b0&libId=i7moiq1n01002u9u000DAjanrgva6&subId=ada8cd58e448a82cf9bb2f2782266d43&loc=http%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fshowtopic%3D129391%26page%3D1&v=1&out=http%3A%2F%2Fwww.malwarebytes.org%2Fmwb-download%2Fconfirm%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&ref=http%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fs%3D49c36eb57530cd237bc7129892da2191%26showforum%3D27&title=can%27t%20download%20or%20run%20malwarebyts%20%5BSolved%5D%20-%20What%20the%20Tech&txt=http%3A%2F%2Fwww.malwareby...m_medium%3Dsocial

      * Windows XP : Double click on the icon to run it.
      * Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      * Select Scan tab.

* Select type of scan to perform:

* Threat Scan < --- Select this type of scan
* Custom Scan
* Hyper Scan

Next click the Scan button.

When the scan is complete, if no malicious items are found you can close the program.

If malicious items are found be sure that everything is checked, and click Quarantine .

When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

So i need:

1. AdwCleaner log

2. Junk removal log

3. Malwarebytes log

Thanks

Chuck

jensennan · May 17, 2015

# AdwCleaner v4.204 - Logfile created 16/05/2015 at 18:40:19

# Updated 12/05/2015 by Xplode

# Database : 2015-05-12.2 [server]

# Operating system : Microsoft Windows XP Service Pack 3 (x86)

# Username : Nancy - JENSENFAMILY

# Running from : C:\Documents and Settings\Nancy\My Documents\Downloads\adwcleaner_4.204.exe

# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask

Folder Deleted : C:\Documents and Settings\All Users\Application Data\DriverCure

Folder Deleted : C:\Documents and Settings\All Users\Application Data\FileCure

Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic

Folder Deleted : C:\Documents and Settings\All Users\Application Data\speedypc software

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer

Folder Deleted : C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

Folder Deleted : C:\Documents and Settings\All Users\Application Data\SparkTrust

Folder Deleted : C:\Program Files\BabylonToolbar

Folder Deleted : C:\Program Files\GamesBar

Folder Deleted : C:\Program Files\Coupons

Folder Deleted : C:\Program Files\DriverToolkit

Folder Deleted : C:\Program Files\SparkTrust

Folder Deleted : C:\Program Files\VideoViewer

Folder Deleted : C:\Program Files\Common Files\ParetoLogic

Folder Deleted : C:\Program Files\Common Files\SparkTrust

Folder Deleted : C:\WINDOWS\system32\bProtectorForWindows

Folder Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\apn

Folder Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Conduit

Folder Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\DriverToolkit

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\DriverCure

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\ParetoLogic

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\PerformerSoft

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\registry mechanic

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\speedypc software

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\Systweak

Folder Deleted : C:\Documents and Settings\Nancy\Application Data\SparkTrust

Folder Deleted : C:\Documents and Settings\Nancy\Start Menu\Programs\SparkTrust

Folder Deleted : C:\Documents and Settings\Nancy\Start Menu\Programs\VideoViewer

Folder Deleted : C:\Documents and Settings\Paul Jensen\Local Settings\Application Data\Conduit

Folder Deleted : C:\Documents and Settings\Paul Jensen\Local Settings\Application Data\ConduitEngine

[!] Folder Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iegblecddbnnoimnajgjhdllfghfkooh

[!] Folder Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhmfbhcpmaklbnmogmgpfgbgpgflpieb

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ippkomaaonokjnfjoikaemidanojkfmm_0.localstorage

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iegblecddbnnoimnajgjhdllfghfkooh_0.localstorage

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iegblecddbnnoimnajgjhdllfghfkooh_0.localstorage-journal

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nhmfbhcpmaklbnmogmgpfgbgpgflpieb_0.localstorage

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nhmfbhcpmaklbnmogmgpfgbgpgflpieb_0.localstorage-journal

File Deleted : C:\WINDOWS\system32\conduitEngine.tmp

File Deleted : C:\Documents and Settings\Nancy\Application Data\Microsoft\Internet Explorer\Quick Launch\SparkTrust PC Cleaner Plus.lnk

File Deleted : C:\Documents and Settings\Nancy\Desktop\SparkTrust PC Cleaner Plus.lnk

File Deleted : C:\Documents and Settings\Nancy\Application Data\Mozilla\Firefox\Profiles\qzgx7hxy.default\bprotector_extensions.rdf

File Deleted : C:\Documents and Settings\Nancy\Application Data\Mozilla\Firefox\Profiles\qzgx7hxy.default\invalidprefs.js

File Deleted : C:\Documents and Settings\Nancy\Application Data\Mozilla\Firefox\Profiles\qzgx7hxy.default\user.js

File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage

File Deleted : C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : SparkTrust Update Version3

Task Deleted : SparkTrust Update Version3_triggeronce

Task Deleted : SparkTrust Registration3

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin

Key Deleted : HKCU\Software\59e8fdeb76eea48

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB35C569-5624-4CFC-8043-E5139F55A073}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB35C569-5624-4CFC-8043-E5139F55A073}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44db423d-a0db-4664-9477-ccdceb7cd666}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-cf81-410c-9c1c-321c7e067816}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5c9cb1c-1c0a-45a2-81cc-1dd342d0a478}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a661d4dc-4bd8-48fc-964b-a24ab8157de6}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Key Deleted : HKCU\Software\CompeteInc

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\MyWaySA

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\speedypc software

Key Deleted : HKCU\Software\DriverToolkit

Key Deleted : HKLM\SOFTWARE\CompeteInc

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\ParetoLogic

Key Deleted : HKLM\SOFTWARE\speedypc software

Key Deleted : HKLM\SOFTWARE\systweak

Key Deleted : HKLM\SOFTWARE\VBMZ

Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35827710-D042-428B-A1E5-E20E12D2FEB9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VisualBee for Microsoft PowerPoint

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v36.0.1 (x86 en-US)

-\\ Google Chrome v42.0.2311.135

[C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : iegblecddbnnoimnajgjhdllfghfkooh

[C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : nhmfbhcpmaklbnmogmgpfgbgpgflpieb

*************************

AdwCleaner[R0].txt - [19541 bytes] - [16/05/2015 18:34:23]

AdwCleaner[s0].txt - [19727 bytes] - [16/05/2015 18:40:19]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [19787 bytes] ##########

flashh4 · May 17, 2015

Wow that cleaned a bunch out ! Who ever said they cleaned it was full of it ! When we are done it will run really smooth & should be a lot faster !!

If you stop in go ahead and run the next program (Junkware Removal) and post the log it will produce here !!

Thanks

Chuck

jensennan · May 17, 2015

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.7.2 (05.15.2015:1)

OS: Microsoft Windows XP x86

Ran by Nancy on Sun 05/17/2015 at 14:39:02.31

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111981166}

~~~ Files

Successfully deleted: [File] C:\chromehplog.txt

~~~ Folders

Successfully deleted: [Folder] C:\Documents and Settings\Nancy\Application Data\fixcleaner

Successfully deleted: [Folder] C:\Program Files\fixcleaner

Successfully deleted: [Folder] C:\Program Files\regwork

Successfully deleted: [Folder] C:\WINDOWS\System32\ai_recyclebin

~~~ FireFox

Successfully deleted: [File] C:\user.js

Successfully deleted: [Folder] C:\Program Files\Mozilla Firefox\extensions\{650eed71-89e2-453b-8dcf-2aa1b4ae6ef3}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 05/17/2015 at 14:45:53.42

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jensennan · May 17, 2015

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 5/17/2015

Scan Time: 3:08:34 PM

Logfile:

Administrator: Yes

Version: 2.01.6.1022

Malware Database: v2015.05.17.03

Rootkit Database: v2015.05.16.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows XP Service Pack 3

CPU: x86

File System: NTFS

User: Nancy

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 455679

Time Elapsed: 49 min, 16 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 1

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111981166}, Quarantined, [4a6d445082088da9a73fafbf31d4619f],

Registry Values: 1

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111981166}|AppName, Deal Vault-bg.exe, Quarantined, [4a6d445082088da9a73fafbf31d4619f]

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 4

PUP.Optional.MindSpark.A, C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage, Quarantined, [00b78a0a3753e74fdf7c9bd26f96ba46],

PUP.Optional.MindSpark.A, C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal, Quarantined, [7641197b99f1cc6a7dde2647b64f37c9],

PUP.Optional.MindSpark.A, C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.myway.com_0.localstorage, Quarantined, [14a330644545de583922303df60f26da],

PUP.Optional.MindSpark.A, C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.myway.com_0.localstorage-journal, Quarantined, [b6016e26e1a923133229135a1ee758a8],

Physical Sectors: 0

(No malicious items detected)

(end)

flashh4 · May 17, 2015

Nancy ...... Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr

If you already have a copy of OTL delete it and use this version. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !

Post the logs !

Thanks

Chuck

jensennan · May 17, 2015

OTL logfile created on: 5/17/2015 4:14:23 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nancy\My Documents\Downloads

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 215.87 Mb Available Physical Memory | 22.52% Memory free

2.26 Gb Paging File | 1.30 Gb Available in Paging File | 57.73% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 69.82 Gb Total Space | 39.98 Gb Free Space | 57.26% Space Free | Partition Type: NTFS

Computer Name: JENSENFAMILY | User Name: Nancy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/05/17 16:14:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nancy\My Documents\Downloads\OTL.com

PRC - [2015/05/04 22:06:54 | 000,812,872 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2015/03/18 19:34:04 | 005,511,352 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe

PRC - [2015/03/16 01:04:24 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2012/05/15 13:19:34 | 004,980,992 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR\WNDA4100\WNDA4100.EXE

PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2015/05/17 11:07:41 | 002,929,664 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15051701\algo.dll

MOD - [2015/05/16 09:17:52 | 002,929,664 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15051600\algo.dll

MOD - [2015/03/16 01:04:29 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

MOD - [2015/03/16 01:04:25 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll

MOD - [2015/03/16 01:04:25 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

MOD - [2015/02/13 04:20:40 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2015/02/13 04:20:34 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2013/01/02 00:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2012/04/24 14:17:06 | 000,102,400 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA4100\Ralink.dll

MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2002/07/04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SupportSoft RemoteAssist)

SRV - [2015/04/30 16:58:13 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2015/03/16 01:04:24 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2015/03/15 18:12:25 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/12/11 13:03:12 | 000,089,864 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)

SRV - [2012/04/30 17:16:00 | 000,377,088 | ---- | M] (Ralink Technology, Corp.) [Auto | Stopped] -- C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe -- (RalinkRegistryWriter)

SRV - [2011/03/01 09:56:36 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)

SRV - [2008/01/08 13:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (wanatw)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEprt.sys -- (LGELTEprt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTENdis.sys -- (LGELTENdis)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEMux.sys -- (LGELTEMux)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEmdm.sys -- (LGELTEmdm)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEBus.sys -- (LGELTEBus)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (icsak)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (DSproct)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2015/04/14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2015/03/16 01:04:30 | 000,427,480 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2015/03/16 01:04:30 | 000,206,976 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)

DRV - [2015/03/16 01:04:30 | 000,073,440 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2015/03/16 01:04:30 | 000,057,888 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2015/03/16 01:04:30 | 000,055,200 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2015/03/16 01:04:30 | 000,049,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)

DRV - [2015/03/16 01:04:30 | 000,024,144 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)

DRV - [2015/03/16 01:04:23 | 000,788,272 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2014/10/05 23:02:46 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmirrdr.sys -- (ssmirrdr)

DRV - [2012/12/20 22:05:15 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)

DRV - [2012/04/11 19:05:36 | 001,224,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)

DRV - [2011/11/29 03:20:22 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)

DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2006/08/15 09:00:18 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2006/08/14 12:29:44 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

DRV - [2006/06/19 03:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/10 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/10 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

DRV - [2003/05/01 13:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1061013

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1061013

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{8FAC98C3-C9E7-442C-B59B-371A2D545A6E}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{95311789-0483-4A2A-BF3F-33DA6FAF544C}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{D2BB6954-AFA6-4E15-A790-BB0904EF9B51}: "URL" = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{E049AD79-84C1-4632-BDA7-0C4884AA1073}: "URL" = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{E4791FAC-113E-4212-9417-228F6CB2C0AA}: "URL" = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{EB22674A-F081-450C-9C6A-E1FB571A4080}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c

IE - HKLM\..\SearchScopes\{F671CC99-BF69-4473-8D3E-94114729D738}: "URL" = http://answers.yahoo.com/search/search_result?p={searchTerms}&fr=yie7c

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=IDMD&pc=IDMD

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\Google: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"

FF - prefs.js..browser.search.defaultenginename.US: "Google"

FF - prefs.js..browser.search.region: "US"

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.100: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.97: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Documents and Settings\Nancy\Local Settings\Application Data\RobloxVersions\version-fd63d8cdc8954fbd\\NPRobloxProxy.dll ()

FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/26 15:18:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/03/16 01:04:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015/03/16 17:30:23 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/03/16 15:20:01 | 000,000,000 | ---D | M]

[2011/12/31 21:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nancy\Application Data\Mozilla\Extensions

[2015/05/16 10:32:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nancy\Application Data\Mozilla\Firefox\Profiles\qzgx7hxy.default\extensions

[2015/05/16 10:32:29 | 000,970,672 | ---- | M] () (No name found) -- C:\Documents and Settings\Nancy\Application Data\Mozilla\Firefox\Profiles\qzgx7hxy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2015/05/17 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2015/03/15 18:12:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2015/03/15 18:12:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2015/03/16 01:04:30 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: (Enabled)

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url = ,

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: MicrosoftÃ‚Â® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Documents and Settings\Nancy\Local Settings\Application Data\RobloxVersions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll

CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

CHR - plugin: getPlusPlus for Adobe 162100 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll

CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\RadioRage_4j\bar\1.bin\NP4jStub.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll

CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\

CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\

CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\

CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\

CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

O1 HOSTS File: ([2015/03/16 17:31:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)

O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKCU..\Run: [HP Officejet 6700 (NET)] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA4100 Genie.lnk = C:\Program Files\NETGEAR\WNDA4100\WNDA4100.EXE (NETGEAR)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)

O15 - HKCU\..Trusted Domains: rxamerica.com ([www] https in Trusted sites)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.36.0.5 72.36.7.234

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99835D0E-2579-415E-A582-C1336BBF0BE6}: DhcpNameServer = 72.36.0.5 72.36.7.234

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Nancy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nancy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2015/05/17 14:39:08 | 000,000,000 | ---D | C] -- C:\RegBackup

[2015/05/16 18:33:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2015/05/16 10:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nancy\Application Data\supportdotcom

[2015/05/16 10:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\supportdotcom

[2015/05/16 10:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportdotcom

[2012/12/12 20:46:19 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Documents and Settings\Nancy\Local Settings\Application Data\log4cxx.dll

[2010/03/22 16:37:30 | 009,078,208 | ---- | C] (Qwest ) -- C:\Documents and Settings\Nancy\QCSetup_2_7.exe

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/05/17 16:22:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{044EF96A-30E3-401A-8912-3BB0368A919C}.job

[2015/05/17 15:58:04 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2015/05/17 15:58:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2015/05/17 15:37:49 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\At5.job

[2015/05/17 15:08:20 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys

[2015/05/17 15:07:30 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2015/05/17 14:00:02 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\At6.job

[2015/05/17 13:04:02 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2015/05/17 10:10:12 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\At3.job

[2015/05/17 04:05:00 | 000,000,621 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_62B5545A-FBE3-11E4-873C-001372307A3A.job

[2015/05/17 04:05:00 | 000,000,621 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_0058AB0C-FBEA-11E4-873D-001372307A3A.job

[2015/05/16 23:58:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2015/05/16 20:40:26 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\At4.job

[2015/05/16 18:59:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2015/05/16 18:44:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2015/05/16 18:43:18 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2015/05/16 18:42:33 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job

[2015/05/16 18:42:21 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-997423933-533409510-455064316-1012.job

[2015/05/16 18:42:21 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-997423933-533409510-455064316-1006.job

[2015/05/16 18:42:20 | 000,000,574 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job

[2015/05/16 18:41:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2015/05/16 18:41:52 | 1005,047,808 | -HS- | M] () -- C:\hiberfil.sys

[2015/05/16 17:57:01 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2015/05/16 12:18:01 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat

[2015/05/16 10:44:43 | 000,000,088 | ---- | M] () -- C:\Documents and Settings\Nancy\Desktop\System Advisor.url

[2015/05/08 15:00:00 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job

[2015/05/07 19:43:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-997423933-533409510-455064316-1012.job

[2015/05/07 13:10:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-997423933-533409510-455064316-1006.job

[2015/05/05 17:13:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2015/04/30 16:58:13 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2015/04/30 16:58:13 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/05/16 18:41:52 | 1005,047,808 | -HS- | C] () -- C:\hiberfil.sys

[2015/05/16 12:18:01 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat

[2015/05/16 10:38:38 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_0058AB0C-FBEA-11E4-873D-001372307A3A.job

[2015/05/16 09:52:29 | 000,000,574 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job

[2015/05/16 09:51:17 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_62B5545A-FBE3-11E4-873C-001372307A3A.job

[2015/03/16 01:04:35 | 000,206,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys

[2015/03/16 01:04:35 | 000,049,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys

[2015/03/16 01:04:34 | 000,024,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys

[2015/03/15 17:39:18 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2015/03/15 17:39:18 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2015/03/15 17:39:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2015/03/15 17:39:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2015/03/15 17:39:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2014/12/13 16:36:07 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini

[2013/01/12 15:54:06 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\Nancy\Local Settings\Application Data\rbxcsettings.rbx

[2012/12/20 21:52:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\MIDI Drivers

[2012/10/28 14:17:50 | 000,294,194 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-997423933-533409510-455064316-1006-0.dat

[2012/10/28 14:17:42 | 000,294,194 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2011/12/06 20:05:00 | 000,000,582 | ---- | C] () -- C:\Documents and Settings\Nancy\Local Settings\Application Data\cookies.ini

[2010/02/09 19:11:39 | 000,000,027 | ---- | C] () -- C:\Documents and Settings\Nancy\Application Data\TAConf.conf

[2010/01/23 21:33:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT

[2010/01/23 21:33:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Nancy\Application Data\Metadata Importer

[2007/08/31 09:51:09 | 000,009,984 | ---- | C] () -- C:\Documents and Settings\Nancy\DModem_Trace.trc

[2006/10/25 17:43:39 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Nancy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/10/25 17:43:17 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nancy\Application Data\PFP120JPR.{PB

[2006/10/25 17:43:16 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nancy\Application Data\PFP120JCM.{PB

[2006/10/25 17:15:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nancy\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/16 03:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

< End of report >

flashh4 · May 17, 2015

Run a Fix ! Open the OTL program on your desktop it will look like this :
[/url

Now copy/paste the fix i wrote for you below, place it where it says "Paste script here" then click "Run Fix" !

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

* Double-click OTL.exe to start the program.
* Copy and Paste the following code into the . text box of the OTL tool/program ! Start with and include the colon plus :OTL

:OTLSRV - File not found [Auto | Stopped] --  -- (SupportSoft RemoteAssist)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (wanatw)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEprt.sys -- (LGELTEprt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTENdis.sys -- (LGELTENdis)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEMux.sys -- (LGELTEMux)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEmdm.sys -- (LGELTEmdm)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEBus.sys -- (LGELTEBus)DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (icsak)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (DSproct)DRV - File not found [Kernel | System | Stopped] --  -- (Changer)IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes\{8FAC98C3-C9E7-442C-B59B-371A2D545A6E}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{95311789-0483-4A2A-BF3F-33DA6FAF544C}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{D2BB6954-AFA6-4E15-A790-BB0904EF9B51}: "URL" = http://news.search.y.../search/news?p={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{E049AD79-84C1-4632-BDA7-0C4884AA1073}: "URL" = http://images.search...earch/images?p={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{E4791FAC-113E-4212-9417-228F6CB2C0AA}: "URL" = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{EB22674A-F081-450C-9C6A-E1FB571A4080}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7cIE - HKLM\..\SearchScopes\{F671CC99-BF69-4473-8D3E-94114729D738}: "URL" = http://answers.yahoo...earch_result?p={searchTerms}&fr=yie7cIE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKCU\..\SearchScopes\Google: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_enFF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundFF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not foundFF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not foundFF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine:  File not foundCHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.2015/05/16 18:42:20 | 000,000,574 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job[2015/05/16 10:38:38 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_0058AB0C-FBEA-11E4-873D-001372307A3A.job[2015/05/16 09:52:29 | 000,000,574 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job[2015/05/16 09:51:17 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_62B5545A-FBE3-11E4-873C-001372307A3A.job:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

Post the log when done !!

Thanks Chuck

flashh4 · May 20, 2015

Nancy copy everything in RED & paste it where it says Paste script here !

:OTL
SRV - File not found [Auto | Stopped] -- -- (SupportSoft RemoteAssist)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEprt.sys -- (LGELTEprt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTENdis.sys -- (LGELTENdis)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEMux.sys -- (LGELTEMux)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEmdm.sys -- (LGELTEmdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LGELTEBus.sys -- (LGELTEBus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (icsak)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (DSproct)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8FAC98C3-C9E7-442C-B59B-371A2D545A6E}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{95311789-0483-4A2A-BF3F-33DA6FAF544C}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{D2BB6954-AFA6-4E15-A790-BB0904EF9B51}: "URL" = http://news.search.y.../search/news?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{E049AD79-84C1-4632-BDA7-0C4884AA1073}: "URL" = http://images.search...earch/images?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{E4791FAC-113E-4212-9417-228F6CB2C0AA}: "URL" = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{EB22674A-F081-450C-9C6A-E1FB571A4080}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{F671CC99-BF69-4473-8D3E-94114729D738}: "URL" = http://answers.yahoo...earch_result?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\Google: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
2015/05/16 18:42:20 | 000,000,574 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job
[2015/05/16 10:38:38 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_0058AB0C-FBEA-11E4-873D-001372307A3A.job
[2015/05/16 09:52:29 | 000,000,574 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job
[2015/05/16 09:51:17 | 000,000,621 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_62B5545A-FBE3-11E4-873C-001372307A3A.job

:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

flashh4 · May 20, 2015

[/url

this is

the ICON for OTL program

jensennan · May 20, 2015

All processes killed

========== OTL ==========

Service SupportSoft RemoteAssist stopped successfully!

Service SupportSoft RemoteAssist deleted successfully!

Service WDICA stopped successfully!

Service WDICA deleted successfully!

Service wanatw stopped successfully!

Service wanatw deleted successfully!

Service USBModem stopped successfully!

Service USBModem deleted successfully!

File system32\DRIVERS\lgusbmodem.sys not found.

Service UsbDiag stopped successfully!

Service UsbDiag deleted successfully!

File system32\DRIVERS\lgusbdiag.sys not found.

Service usbbus stopped successfully!

Service usbbus deleted successfully!

File system32\DRIVERS\lgusbbus.sys not found.

Service PDRFRAME stopped successfully!

Service PDRFRAME deleted successfully!

Service PDRELI stopped successfully!

Service PDRELI deleted successfully!

Service PDFRAME stopped successfully!

Service PDFRAME deleted successfully!

Service PDCOMP stopped successfully!

Service PDCOMP deleted successfully!

Service PCIDump stopped successfully!

Service PCIDump deleted successfully!

Service LGELTEprt stopped successfully!

Service LGELTEprt deleted successfully!

File system32\DRIVERS\LGELTEprt.sys not found.

Service LGELTENdis stopped successfully!

Service LGELTENdis deleted successfully!

File system32\DRIVERS\LGELTENdis.sys not found.

Service LGELTEMux stopped successfully!

Service LGELTEMux deleted successfully!

File system32\DRIVERS\LGELTEMux.sys not found.

Service LGELTEmdm stopped successfully!

Service LGELTEmdm deleted successfully!

File system32\DRIVERS\LGELTEmdm.sys not found.

Service LGELTEBus stopped successfully!

Service LGELTEBus deleted successfully!

File system32\DRIVERS\LGELTEBus.sys not found.

Service lbrtfdc stopped successfully!

Service lbrtfdc deleted successfully!

Service icsak stopped successfully!

Service icsak deleted successfully!

Service DSproct stopped successfully!

Service DSproct deleted successfully!

Service Changer stopped successfully!

Service Changer deleted successfully!

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8FAC98C3-C9E7-442C-B59B-371A2D545A6E}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FAC98C3-C9E7-442C-B59B-371A2D545A6E}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95311789-0483-4A2A-BF3F-33DA6FAF544C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95311789-0483-4A2A-BF3F-33DA6FAF544C}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D2BB6954-AFA6-4E15-A790-BB0904EF9B51}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2BB6954-AFA6-4E15-A790-BB0904EF9B51}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E049AD79-84C1-4632-BDA7-0C4884AA1073}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E049AD79-84C1-4632-BDA7-0C4884AA1073}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E4791FAC-113E-4212-9417-228F6CB2C0AA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4791FAC-113E-4212-9417-228F6CB2C0AA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EB22674A-F081-450C-9C6A-E1FB571A4080}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB22674A-F081-450C-9C6A-E1FB571A4080}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F671CC99-BF69-4473-8D3E-94114729D738}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F671CC99-BF69-4473-8D3E-94114729D738}\ not found.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine\ deleted successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_metadata folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\zu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\zh_TW folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\zh_HK folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\zh_CN folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\zh folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\vi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\uk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\tr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\tl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\th folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\te folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ta folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sw folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sr_Latn folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\sk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\si folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ru folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ro folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\pt_PT folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\pt_BR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\pt folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\pl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\no folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\nl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ne folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\nb folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ms folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\mr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\mo folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\mn folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ml folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\mk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\lv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\lt folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\lo folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ln folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ko folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\kn folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\km folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ka folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ja folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\it folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\is folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\in folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\id folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\hy folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\hu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\hr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\hi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\he folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\gu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\gsw folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\gl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\fr_CH folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\fr_CA folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\fr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\fil folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\fi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\eu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\et folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_VE folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_UY folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_US folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_SV folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_PY folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_PR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_PE folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_PA folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_NI folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_MX folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_HN folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_GT folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_EC folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_DO folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_CR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_CO folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_CL folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_BO folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_AR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es_419 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\es folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_ZA folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_XC folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_XA folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_SG folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_IN folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_IE folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en_GB folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\en folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\el folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\de_CH folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\de_AT folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\de folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\da folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\cs folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ca folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\bn folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\bg folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\ar folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\am folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales\af folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\_locales folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\images folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\icons folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\fonts folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_metadata folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\zh_TW folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\zh_CN folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\vi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ur folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\uk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\tr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\th folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\sv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\sr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\sl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\sk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ru folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ro folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\pt_PT folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\pt_BR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\pl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\nl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\nb folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ms folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\lv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\lt folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ko folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ja folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\it folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\id folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\hu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\hr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\hi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\he folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\fr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\fi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\fa folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\et folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\es folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\en_GB folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\en folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\el folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\de folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\da folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\cs folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ca folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\bn folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\bg folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\be folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales\ar folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\_locales folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\scripts folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\ui\templates folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\ui\icons folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\ui\css folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\ui\bgs folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\ui folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\skin\img folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\skin\css folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\skin folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\scripts folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\mocks folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common\libs folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\common folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\_platform_specific\x86-32_ folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\_platform_specific folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\_metadata folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\audio folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_metadata folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\zh_TW folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\zh_CN folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\vi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\uk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\tr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\th folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\sk folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ru folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ro folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pt_PT folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pt_BR folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\pl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\nl folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\nb folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\lv folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\lt folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ko folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ja folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\it folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\id folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hu folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\hi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fr folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fil folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\fi folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\et folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\es_419 folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\es folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\en_GB folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\en folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\el folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\de folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\da folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\cs folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\ca folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales\bg folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\_locales folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\images folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\html folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\css folder moved successfully.

C:\Documents and Settings\Nancy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0 folder moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7F30B62-8269-41AF-9539-B2697FA7D77E} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7F30B62-8269-41AF-9539-B2697FA7D77E}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ deleted successfully.

C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_0058AB0C-FBEA-11E4-873D-001372307A3A.job moved successfully.

C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus Startup.job moved successfully.

C:\WINDOWS\tasks\SparkTrust PC Cleaner Plus_sch_62B5545A-FBE3-11E4-873C-001372307A3A.job moved successfully.

========== COMMANDS ==========

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Nancy

->Java cache emptied: 12114690 bytes

User: Nancy Ann

User: NetworkService

User: Paul Jensen

Total Java Files Cleaned = 12.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

->Flash cache emptied: 300 bytes

User: Nancy

->Flash cache emptied: 1287 bytes

User: Nancy Ann

->Flash cache emptied: 1922 bytes

User: NetworkService

User: Paul Jensen

->Flash cache emptied: 856 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 4538794 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 249760 bytes

->FireFox cache emptied: 6869845 bytes

->Flash cache emptied: 0 bytes

User: Nancy

->Temp folder emptied: 125063157 bytes

->Temporary Internet Files folder emptied: 21563630 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 21965352 bytes

->Google Chrome cache emptied: 188863573 bytes

->Flash cache emptied: 0 bytes

User: Nancy Ann

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 78924 bytes

->Flash cache emptied: 0 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Google Chrome cache emptied: 819568 bytes

User: Paul Jensen

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 6135 bytes

->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 107536 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 36447686 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 3202 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 388.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05202015_101039

Files\Folders moved on Reboot...

File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

C:\WINDOWS\temp\Perflib_Perfdata_e5c.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

flashh4 · May 20, 2015

Clean up of Malware Removal Tools

Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

    Download Delfix to your desktop and double click it to start the program here
    Ensure Remove disinfection tools is ticked
    Also tick:
    o Create registry backup
    o Purge system restore
    o Reset system settings

    o Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.

flashh4 · May 20, 2015

Nancy, you are clean as far as the logs look !

Remember i told you about this being a XP operating system which is no longer supported by Microsoft so NO use of Credit Cards or Banking, nothing with important numbers that can be stolen ! It is good for surfing only !!

Let me know if you have any pop-ups or any other problems ??

How is it running other than being slow, it might get a little faster after a few reboots !!

Pleas passalong my work & our web site to your friends that may need help !!

Thanks

Chuck

Happy Surfing !!!

jensennan · May 20, 2015

I've spent way too much money on people that have scammed me into thinking they have fixed my computer- I can not thank you enough for your time and expertise. Sincerely- Daughter at Heart- Nancy

flashh4 · May 20, 2015

I will lock this topic in 5 days !!

Thanks

Chuck

flashh4 · May 27, 2015

Problems have been fixed & computer cleaned !! This topic is now closed !!! If you need it re-opened please PM me or any Mod !

Thanks

Chuck

need help please

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites